Period
to

The following table provides summary statistics for permanent job vacancies with a requirement for GRC skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited GRC over the 6 months to 20 May 2022 with a comparison to the same period in the previous 2 years.

Governance, Risk Management and Compliance (GRC)
UK
6 months to
20 May 2022
Same period 2021 Same period 2020
Rank 690 625 669
Rank change year-on-year -65 +44 +91
Permanent jobs citing GRC 587 304 251
As % of all permanent jobs advertised in the UK 0.36% 0.33% 0.27%
As % of the Quality Assurance & Compliance category 2.12% 2.53% 2.05%
Number of salaries quoted 341 240 184
10th Percentile £42,500 £43,675 £38,750
25th Percentile £48,750 £53,750 £45,000
Median annual salary (50th Percentile) £65,000 £65,000 £62,500
Median % change year-on-year - +4.00% -3.85%
75th Percentile £81,250 £80,000 £81,250
90th Percentile £97,500 £95,000 £88,750
UK excluding London median annual salary £56,250 £57,500 £55,000
% change year-on-year -2.17% +4.55% -8.33%

GRC is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 27,654 12,005 12,252
As % of all permanent IT jobs advertised in the UK 16.99% 13.21% 12.99%
Number of salaries quoted 13,339 8,182 9,437
10th Percentile £31,250 £31,250 £30,000
25th Percentile £41,250 £41,250 £38,750
Median annual salary (50th Percentile) £55,000 £52,500 £52,500
Median % change year-on-year +4.76% - +5.00%
75th Percentile £73,750 £70,000 £70,000
90th Percentile £90,000 £85,000 £85,000
UK excluding London median annual salary £47,603 £47,500 £47,500
% change year-on-year +0.22% - +5.56%

GRC
Job Vacancy Trend

Job postings citing GRC as a proportion of all IT jobs advertised.

Job vacancy trend for GRC in the UK

GRC
Salary Trend

3-month moving average salary quoted in jobs citing GRC.

Salary trend for GRC in the UK

GRC
Salary Histogram

Salary distribution for jobs citing GRC over the 6 months to 20 May 2022.

Salary histogram for GRC in the UK

GRC
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing GRC within the UK over the 6 months to 20 May 2022. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Jobs
England -89 499 £65,000 - 53
Work from Home -100 287 £65,000 -7.14% 14
UK excluding London -28 274 £56,250 -2.17% 34
London -196 226 £70,000 -6.67% 23
South East -20 127 £75,000 +30.43% 9
North of England -32 83 £50,000 -16.67% 13
North West -24 63 £50,000 -16.67% 10
South West -3 26 £58,750 -7.84% 2
Midlands -86 22 £75,000 +42.86% 3
West Midlands -75 20 £75,000 +45.63% 1
Yorkshire -43 18 £53,188 -9.47% 2
East of England -102 6 £55,000 -26.67% 3
Scotland - 4 - - 1
Wales -39 3 £37,500 -21.05% 3
Northern Ireland - 3 £60,000 -
North East -15 2 £35,000 -56.25% 1
East Midlands -34 2 £65,000 +8.33% 2

For the 6 months to 20 May 2022, IT jobs citing GRC also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for GRC.

1 413 (70.36%) Information Security
2 301 (51.28%) Risk Management
3 288 (49.06%) ISO/IEC 27001
4 287 (48.89%) Cybersecurity
5 232 (39.52%) Finance
6 207 (35.26%) CISSP
7 183 (31.18%) NIST
8 169 (28.79%) Agile
9 155 (26.41%) CISM
10 151 (25.72%) Degree
11 147 (25.04%) Data Protection
12 139 (23.68%) ISMS
13 138 (23.51%) SaaS
14 135 (23.00%) Azure
15 126 (21.47%) Retail
16 124 (21.12%) Stakeholder Management
17 118 (20.10%) Management Information System
18 115 (19.59%) Manufacturing
19 113 (19.25%) CRISC
20 110 (18.74%) AWS
20 110 (18.74%) Public Sector
21 107 (18.23%) Social Skills
22 97 (16.52%) Local Government
23 94 (16.01%) Computer Science
24 91 (15.50%) DevOps
25 87 (14.82%) Greenfield Project
26 80 (13.63%) Computer Science Degree
26 80 (13.63%) PCI DSS
27 78 (13.29%) Security Management
28 77 (13.12%) GDPR

GRC
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 10 (1.70%) SharePoint
2 2 (0.34%) Apache
2 2 (0.34%) Confluence
2 2 (0.34%) IIS
2 2 (0.34%) WebLogic
2 2 (0.34%) WebSphere
Applications
1 21 (3.58%) Sketch
2 12 (2.04%) Adobe Creative Suite
2 12 (2.04%) Adobe XD
2 12 (2.04%) InVision
3 9 (1.53%) Zeplin
4 8 (1.36%) Microsoft Office
5 7 (1.19%) MS Visio
6 6 (1.02%) Microsoft Excel
7 5 (0.85%) Microsoft Project
8 1 (0.17%) Microsoft PowerPoint
Business Applications
1 17 (2.90%) SAP GRC
2 10 (1.70%) SAP S/4HANA
3 3 (0.51%) SAP ERP
4 2 (0.34%) Remedy ITSM
5 1 (0.17%) NetSuite
5 1 (0.17%) Oracle EBS
5 1 (0.17%) Oracle ERP
5 1 (0.17%) SAP APO
5 1 (0.17%) SAP CO
5 1 (0.17%) SAP ECC
5 1 (0.17%) SAP FI
5 1 (0.17%) SAP FI/CO
5 1 (0.17%) SAP IBP
5 1 (0.17%) SAP MM
5 1 (0.17%) Sentinel
Cloud Services
1 138 (23.51%) SaaS
2 135 (23.00%) Azure
3 110 (18.74%) AWS
4 38 (6.47%) GCP
5 30 (5.11%) Figma
6 28 (4.77%) BrowserStack
6 28 (4.77%) Sauce Labs
7 19 (3.24%) PaaS
8 18 (3.07%) Microsoft 365
9 17 (2.90%) Azure Cosmos DB
10 15 (2.56%) IaaS
11 11 (1.87%) Cloud Computing
12 7 (1.19%) Azure Sentinel
12 7 (1.19%) SuccessFactors
13 4 (0.68%) Azure Active Directory
13 4 (0.68%) Power Platform
13 4 (0.68%) WhatsApp
14 3 (0.51%) Azure Data Factory
14 3 (0.51%) Azure Synapse Analytics
15 2 (0.34%) Serverless
Communications & Networking
1 25 (4.26%) Firewall
2 20 (3.41%) Intrusion Detection
3 13 (2.21%) Network Security
4 12 (2.04%) Internet
5 9 (1.53%) Intranet
6 3 (0.51%) DNS
6 3 (0.51%) HTTP
7 2 (0.34%) HTTPS
7 2 (0.34%) SNMP
7 2 (0.34%) SSL
7 2 (0.34%) TCP/IP
8 1 (0.17%) SMTP
Database & Business Intelligence
1 14 (2.39%) Big Data
1 14 (2.39%) Redis
2 13 (2.21%) SQL Server
3 9 (1.53%) SAP BW
4 5 (0.85%) Data Lake
5 4 (0.68%) Power BI
6 3 (0.51%) Data Warehouse
6 3 (0.51%) InfluxDB
6 3 (0.51%) MongoDB
6 3 (0.51%) NoSQL
6 3 (0.51%) SQL Server Analysis Services
6 3 (0.51%) SQL Server Integration Services
6 3 (0.51%) SQL Server Reporting Services
7 2 (0.34%) DB2
8 1 (0.17%) BusinessObjects
8 1 (0.17%) SAP HANA
Development Applications
1 28 (4.77%) Cypress.io
1 28 (4.77%) Gatling
1 28 (4.77%) JMeter
1 28 (4.77%) Postman
1 28 (4.77%) Protractor
1 28 (4.77%) Selenium
1 28 (4.77%) SpecFlow
1 28 (4.77%) TestCafe
2 16 (2.73%) Git (software)
3 15 (2.56%) Burp Suite
3 15 (2.56%) Log4j
4 6 (1.02%) JIRA
5 2 (0.34%) ERwin
6 1 (0.17%) Team Foundation Server
General
1 232 (39.52%) Finance
2 126 (21.47%) Retail
3 115 (19.59%) Manufacturing
4 110 (18.74%) Public Sector
5 107 (18.23%) Social Skills
6 97 (16.52%) Local Government
7 63 (10.73%) Legal
8 45 (7.67%) Analytical Skills
9 35 (5.96%) Organisational Skills
10 24 (4.09%) Influencing Skills
10 24 (4.09%) Presentation Skills
11 20 (3.41%) Banking
12 17 (2.90%) Telecoms
13 15 (2.56%) Law
14 13 (2.21%) Automotive
15 7 (1.19%) Marketing
16 6 (1.02%) Games
17 5 (0.85%) Inclusion and Diversity
18 4 (0.68%) Documentation Skills
18 4 (0.68%) Financial Institution
Job Titles
1 115 (19.59%) Security Manager
2 113 (19.25%) Analyst
3 64 (10.90%) Consultant
4 62 (10.56%) Security Analyst
5 40 (6.81%) Security Consultant
6 39 (6.64%) Information Manager
7 38 (6.47%) Security Officer
8 34 (5.79%) Information Analyst
8 34 (5.79%) Information Security Manager
9 33 (5.62%) Architect
9 33 (5.62%) Information Security Analyst
10 30 (5.11%) Information Officer
10 30 (5.11%) Risk Analyst
11 29 (4.94%) Developer
11 29 (4.94%) Information Security Officer
12 28 (4.77%) Head of Security
12 28 (4.77%) QA Engineer
13 25 (4.26%) IT Analyst
14 23 (3.92%) Governance Analyst
14 23 (3.92%) Security Architect
Libraries, Frameworks & Software Standards
1 61 (10.39%) .NET
2 55 (9.37%) REST
3 52 (8.86%) React
4 42 (7.16%) Swagger
5 32 (5.45%) Web Services
6 30 (5.11%) AngularJS
7 16 (2.73%) HTML
7 16 (2.73%) HTML5
8 14 (2.39%) ASP.NET
8 14 (2.39%) ASP.NET MVC
8 14 (2.39%) CSS
8 14 (2.39%) CSS3
8 14 (2.39%) MobX
8 14 (2.39%) Redux
8 14 (2.39%) SignalR
9 6 (1.02%) LDAP
9 6 (1.02%) SailPoint
9 6 (1.02%) SAML
10 5 (0.85%) JSON
10 5 (0.85%) XML
Miscellaneous
1 118 (20.10%) Management Information System
2 87 (14.82%) Greenfield Project
3 44 (7.50%) User Experience
4 25 (4.26%) Cyberthreat
5 23 (3.92%) Public Cloud
6 21 (3.58%) Enterprise Software
7 20 (3.41%) IoT
8 15 (2.56%) Linux Command Line
8 15 (2.56%) Self-Motivation
9 14 (2.39%) Data Protection Act
10 13 (2.21%) PMI
11 9 (1.53%) Cyberattack
11 9 (1.53%) Freedom of Information
12 7 (1.19%) Cyber Defence
13 6 (1.02%) Data Centre
13 6 (1.02%) Security Operations Centre
14 4 (0.68%) Cloud Native
14 4 (0.68%) Cyber Kill Chain
14 4 (0.68%) Digital Wallet
14 4 (0.68%) Reinsurance
Operating Systems
1 11 (1.87%) Windows
2 9 (1.53%) Linux
3 2 (0.34%) Unix
Processes & Methodologies
1 413 (70.36%) Information Security
2 301 (51.28%) Risk Management
3 287 (48.89%) Cybersecurity
4 169 (28.79%) Agile
5 147 (25.04%) Data Protection
6 139 (23.68%) ISMS
7 124 (21.12%) Stakeholder Management
8 94 (16.01%) Computer Science
9 91 (15.50%) DevOps
10 78 (13.29%) Security Management
11 74 (12.61%) Analytics
11 74 (12.61%) Problem-Solving
11 74 (12.61%) Security Operations
12 72 (12.27%) Information Security Management
13 62 (10.56%) Artificial Intelligence
13 62 (10.56%) Biology
13 62 (10.56%) Chemistry
13 62 (10.56%) Informatics
13 62 (10.56%) Machine Learning
14 58 (9.88%) Security Architecture
Programming Languages
1 69 (11.75%) C#
2 54 (9.20%) SQL
3 42 (7.16%) TypeScript
4 33 (5.62%) JavaScript
5 21 (3.58%) PowerShell
6 18 (3.07%) T-SQL
7 17 (2.90%) Bash
8 9 (1.53%) Python
9 4 (0.68%) C
9 4 (0.68%) VB.NET
10 3 (0.51%) Data Analysis Expressions (DAX)
11 2 (0.34%) Java
Qualifications
1 207 (35.26%) CISSP
2 155 (26.41%) CISM
3 151 (25.72%) Degree
4 113 (19.25%) CRISC
5 80 (13.63%) Computer Science Degree
6 70 (11.93%) Master's Degree
7 60 (10.22%) CISA
8 41 (6.98%) (ISC)2 CCSP
8 41 (6.98%) Cisco Certification
9 26 (4.43%) CCSP
9 26 (4.43%) SANS
10 24 (4.09%) Security Cleared
11 22 (3.75%) CCSK
11 22 (3.75%) SSCP
12 17 (2.90%) CASP
12 17 (2.90%) CompTIA CySA+
12 17 (2.90%) PMI Certification
12 17 (2.90%) SC Cleared
13 15 (2.56%) CISMP
13 15 (2.56%) ISO 27001 Lead Auditor
Quality Assurance & Compliance
1 288 (49.06%) ISO/IEC 27001
2 183 (31.18%) NIST
3 80 (13.63%) PCI DSS
4 77 (13.12%) GDPR
5 59 (10.05%) Cyber Essentials
6 44 (7.50%) COBIT
7 29 (4.94%) QA
8 27 (4.60%) Cyber Essentials PLUS
9 15 (2.56%) SOC 2
10 11 (1.87%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
11 9 (1.53%) PMO
11 9 (1.53%) Sarbanes-Oxley
12 8 (1.36%) NCSC
13 5 (0.85%) Actionable Recommendations
13 5 (0.85%) ISO/IEC 27005
14 4 (0.68%) HIPAA
14 4 (0.68%) HITRUST
14 4 (0.68%) ISO 31000
14 4 (0.68%) NIST 800
15 3 (0.51%) COSO
System Software
1 11 (1.87%) Docker
2 10 (1.70%) Active Directory
3 2 (0.34%) NDS
Systems Management
1 26 (4.43%) Kubernetes
2 15 (2.56%) FortiGate
2 15 (2.56%) Nessus
2 15 (2.56%) Trend Micro Deep Security
3 13 (2.21%) RSA Archer
4 8 (1.36%) Terraform
5 5 (0.85%) Single Sign-On
6 4 (0.68%) EMC NetWorker
7 2 (0.34%) Active Directory Federation Services
7 2 (0.34%) Ansible
7 2 (0.34%) CASB
7 2 (0.34%) CSIRT
7 2 (0.34%) MIIS
7 2 (0.34%) NetIQ Identity Manager
8 1 (0.17%) Computer Emergency Response Teams
Vendors
1 65 (11.07%) Microsoft
2 34 (5.79%) Google
3 30 (5.11%) Twitter
4 19 (3.24%) SAP
5 18 (3.07%) OneTrust
6 17 (2.90%) IBM
6 17 (2.90%) Okta
7 16 (2.73%) CrowdStrike
8 15 (2.56%) Forcepoint
8 15 (2.56%) Fortinet
8 15 (2.56%) Qualys
8 15 (2.56%) Sophos
8 15 (2.56%) Tanium
9 12 (2.04%) Adobe
9 12 (2.04%) Ariba
9 12 (2.04%) ServiceNow
10 7 (1.19%) Concur
11 6 (1.02%) ForgeRock
12 4 (0.68%) Facebook
12 4 (0.68%) Palo Alto