Governance, Risk Management and Compliance (GRC)
UK

The table below provides summary statistics for permanent job vacancies requiring GRC skills. It includes a benchmarking guide to the annual salaries offered in vacancies that cited GRC over the 6 months leading up to 30 April 2025, comparing them to the same period in the previous two years.

6 months to
30 Apr 2025
Same period 2024 Same period 2023
Rank 527 548 604
Rank change year-on-year +21 +56 +133
Permanent jobs citing GRC 157 365 432
As % of all permanent jobs advertised in the UK 0.30% 0.37% 0.42%
As % of the Quality Assurance & Compliance category 1.77% 2.70% 2.16%
Number of salaries quoted 97 301 325
10th Percentile £48,800 £41,250 £44,118
25th Percentile £57,500 £47,500 £54,500
Median annual salary (50th Percentile) £71,991 £57,500 £65,000
Median % change year-on-year +25.20% -11.54% -
75th Percentile £80,000 £77,500 £81,250
90th Percentile £84,750 £87,500 £93,750
UK excluding London median annual salary £65,000 £50,500 £60,000
% change year-on-year +28.71% -15.83% -

All Quality Assurance and Compliance Skills
UK

GRC falls under the Quality Assurance and Compliance category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring quality assurance or compliance skills.

Permanent vacancies with a requirement for quality assurance or compliance skills 8,850 13,541 19,961
As % of all permanent jobs advertised in the UK 16.97% 13.77% 19.19%
Number of salaries quoted 4,598 9,268 9,195
10th Percentile £31,250 £27,000 £32,000
25th Percentile £42,500 £36,250 £42,500
Median annual salary (50th Percentile) £60,000 £52,500 £57,500
Median % change year-on-year +14.29% -8.70% +4.55%
75th Percentile £73,750 £70,000 £76,250
90th Percentile £90,000 £90,000 £93,750
UK excluding London median annual salary £55,000 £47,500 £50,000
% change year-on-year +15.79% -5.00% +5.04%

GRC
Job Vacancy Trend

Job postings citing GRC as a proportion of all IT jobs advertised.

Job vacancy trend for GRC in the UK

GRC
Salary Trend

3-month moving average salary quoted in jobs citing GRC.

Salary trend for GRC in the UK

GRC
Salary Histogram

Salary distribution for jobs citing GRC over the 6 months to 30 April 2025.

Salary histogram for GRC in the UK

GRC
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing GRC within the UK over the 6 months to 30 April 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Jobs
England +8 147 £72,500 +26.09% 172
UK excluding London +63 84 £65,000 +28.71% 79
London +48 61 £76,250 +1.67% 113
Work from Home +109 55 £72,246 +25.64% 96
South East +15 22 £65,000 +28.71% 19
North of England +52 21 £67,500 +50.00% 22
Midlands +50 20 £62,500 +13.64% 5
West Midlands +38 14 £68,750 +25.00% 5
South West +110 11 £65,000 -7.14% 9
North West +13 11 £67,500 +68.75% 15
Yorkshire +59 9 £65,000 +15.56% 6
East Midlands +52 6 £57,500 -32.35%
Scotland +130 4 £63,750 +96.15% 7
East of England +51 4 £50,000 -31.03% 8
North East +51 1 £72,500 +93.33% 1
Wales - 1 £52,500 - 7
Northern Ireland - 1 - - 2

GRC
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 10 (6.37%) IBM Domino
2 3 (1.91%) Confluence
3 2 (1.27%) SharePoint
Applications
1 4 (2.55%) Microsoft Excel
1 4 (2.55%) Microsoft Office
2 1 (0.64%) Camtasia
2 1 (0.64%) Final Cut Pro
2 1 (0.64%) Microsoft PowerPoint
2 1 (0.64%) MS Visio
Business Applications
1 7 (4.46%) SAP GRC
2 3 (1.91%) SAP S/4HANA
3 1 (0.64%) Oracle EBS R12
3 1 (0.64%) Oracle Procure-to-Pay
Cloud Services
1 22 (14.01%) Azure
2 15 (9.55%) Microsoft 365
3 6 (3.82%) Entra ID
4 5 (3.18%) AWS
4 5 (3.18%) SaaS
5 4 (2.55%) Power Platform
6 3 (1.91%) Azure Sentinel
6 3 (1.91%) Cloud Computing
6 3 (1.91%) Microsoft Purview
7 2 (1.27%) GCP
8 1 (0.64%) Azure DevOps
8 1 (0.64%) Dynamics 365
8 1 (0.64%) Microsoft Copilot
8 1 (0.64%) PaaS
8 1 (0.64%) Power Automate
8 1 (0.64%) ShareGate
8 1 (0.64%) WhatsApp
Communications & Networking
1 8 (5.10%) Firewall
2 3 (1.91%) Cisco Firepower
2 3 (1.91%) VPN
2 3 (1.91%) Wireless
3 2 (1.27%) DNS
3 2 (1.27%) Network Security
4 1 (0.64%) DHCP
4 1 (0.64%) Intranet
4 1 (0.64%) TCP/IP
Database & Business Intelligence
1 3 (1.91%) Power BI
2 2 (1.27%) Relational Database
2 2 (1.27%) SAP BW
3 1 (0.64%) Tableau
Development Applications
1 4 (2.55%) JIRA
2 1 (0.64%) Team Foundation Server
General
1 68 (43.31%) Social Skills
2 38 (24.20%) Finance
3 34 (21.66%) Presentation Skills
4 33 (21.02%) Analytical Skills
5 17 (10.83%) Legal
6 14 (8.92%) Inclusion and Diversity
7 11 (7.01%) Law
8 10 (6.37%) Influencing Skills
9 8 (5.10%) Retail
10 7 (4.46%) Public Sector
11 5 (3.18%) Marketing
12 4 (2.55%) Banking
12 4 (2.55%) Manufacturing
13 3 (1.91%) Military
13 3 (1.91%) Organisational Skills
14 2 (1.27%) Dutch Language
14 2 (1.27%) Telecoms
15 1 (0.64%) Automotive
15 1 (0.64%) Documentation Skills
15 1 (0.64%) Public Speaking
Job Titles
1 43 (27.39%) Analyst
2 30 (19.11%) Security Manager
3 26 (16.56%) Security Analyst
4 25 (15.92%) Senior
5 23 (14.65%) Information Manager
5 23 (14.65%) Information Security Manager
6 18 (11.46%) Senior Analyst
7 14 (8.92%) Consultant
7 14 (8.92%) IT Analyst
8 13 (8.28%) Information Analyst
8 13 (8.28%) Risk Manager
9 11 (7.01%) Information Security Analyst
9 11 (7.01%) IT Security Analyst
10 10 (6.37%) Risk Analyst
10 10 (6.37%) Security Engineer
10 10 (6.37%) Senior Information Analyst
11 9 (5.73%) Cybersecurity Engineer
11 9 (5.73%) Senior Risk Analyst
12 8 (5.10%) Lead
12 8 (5.10%) Senior Information Security Analyst
Libraries, Frameworks & Software Standards
1 9 (5.73%) EDI
2 2 (1.27%) Ajax
2 2 (1.27%) AngularJS
2 2 (1.27%) CSS
2 2 (1.27%) EDIFACT
2 2 (1.27%) HTML
2 2 (1.27%) IDoc
2 2 (1.27%) LDAP
2 2 (1.27%) SAP Fiori
2 2 (1.27%) Web Services
3 1 (0.64%) ModSecurity
3 1 (0.64%) Oracle Fusion
3 1 (0.64%) SAP Basis
Miscellaneous
1 20 (12.74%) Management Information System
2 19 (12.10%) Security Posture
3 6 (3.82%) Onboarding
3 6 (3.82%) Operational Technology
4 5 (3.18%) Analytical Mindset
4 5 (3.18%) FMCG
5 4 (2.55%) Cyber Threat
6 3 (1.91%) Cyber Defence
6 3 (1.91%) Cyberattack
6 3 (1.91%) Mobile App
6 3 (1.91%) Self-Motivation
7 2 (1.27%) CMDB
7 2 (1.27%) Virtual Team
8 1 (0.64%) Animation
8 1 (0.64%) Industrial Internet of Things
8 1 (0.64%) Learning Management System
8 1 (0.64%) SCADA
8 1 (0.64%) TRADACOMS
8 1 (0.64%) Video Conferencing
8 1 (0.64%) Video Editing
Operating Systems
1 1 (0.64%) Windows
Processes & Methodologies
1 94 (59.87%) Information Security
2 85 (54.14%) Risk Management
3 73 (46.50%) Cybersecurity
4 39 (24.84%) Stakeholder Management
5 25 (15.92%) ITIL
5 25 (15.92%) Security Operations
6 24 (15.29%) Problem-Solving
7 22 (14.01%) Information Security Governance
7 22 (14.01%) Service Delivery
8 19 (12.10%) Cloud Security
9 17 (10.83%) Agile
9 17 (10.83%) Continuous Improvement
10 13 (8.28%) IT Governance
10 13 (8.28%) Vulnerability Management
11 12 (7.64%) Incident Response
12 10 (6.37%) Collaborative Working
12 10 (6.37%) Compliance Management
12 10 (6.37%) Computer Science
12 10 (6.37%) Data Protection
12 10 (6.37%) Security Management
Programming Languages
1 5 (3.18%) JavaScript
2 3 (1.91%) R
3 2 (1.27%) PowerShell
3 2 (1.27%) Python
3 2 (1.27%) SQL
4 1 (0.64%) VBA
Qualifications
1 60 (38.22%) CISM
2 59 (37.58%) CISSP
3 41 (26.11%) CRISC
4 34 (21.66%) Degree
5 24 (15.29%) Security Cleared
6 23 (14.65%) CISA
7 19 (12.10%) SC Cleared
8 9 (5.73%) ISACA
8 9 (5.73%) SANS
9 8 (5.10%) CompTIA CySA+
9 8 (5.10%) GIAC
10 5 (3.18%) ISO 27001 Lead Implementer
11 4 (2.55%) (ISC)2 CCSP
11 4 (2.55%) CCSP
11 4 (2.55%) Cisco Certification
11 4 (2.55%) CISMP
11 4 (2.55%) DV Cleared
12 3 (1.91%) OSCP
12 3 (1.91%) PMI Certification
12 3 (1.91%) PMP
Quality Assurance & Compliance
1 73 (46.50%) NIST
2 68 (43.31%) ISO/IEC 27001
3 41 (26.11%) PCI DSS
4 25 (15.92%) GDPR
5 19 (12.10%) Cyber Essentials
6 16 (10.19%) Cyber Essentials PLUS
7 10 (6.37%) COBIT
7 10 (6.37%) NCSC
8 9 (5.73%) JSP 440
9 6 (3.82%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 6 (3.82%) NIST 800
10 3 (1.91%) Actionable Recommendations
11 2 (1.27%) ITGC
11 2 (1.27%) Sarbanes-Oxley
11 2 (1.27%) SOC 2
12 1 (0.64%) Data Quality
12 1 (0.64%) FISMA
12 1 (0.64%) GLBA
12 1 (0.64%) HIPAA
12 1 (0.64%) QA
System Software
1 3 (1.91%) Active Directory
Systems Management
1 5 (3.18%) Nessus
2 3 (1.91%) FortiGate
2 3 (1.91%) Microsoft Intune
2 3 (1.91%) Single Sign-On
3 2 (1.27%) RSA Archer
4 1 (0.64%) Computer Emergency Response Teams
4 1 (0.64%) Terraform
Vendors
1 15 (9.55%) Microsoft
2 12 (7.64%) ServiceNow
3 7 (4.46%) SAP
4 5 (3.18%) Tenable
5 3 (1.91%) Cisco
5 3 (1.91%) Fortinet
5 3 (1.91%) Infor
6 2 (1.27%) Google
7 1 (0.64%) OneTrust
7 1 (0.64%) Oracle