Period
to 25 October 2021

The following table provides summary statistics for permanent job vacancies with a requirement for GRC skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited GRC over the 6 months to 25 October 2021 with a comparison to the same period in the previous 2 years.

Governance, Risk Management and Compliance (GRC)
UK
6 months to
25 Oct 2021
Same period 2020 Same period 2019
Rank 707 555 750
Rank change year-on-year -152 +195 +66
Permanent jobs citing GRC 355 133 340
As % of all permanent jobs advertised in the UK 0.28% 0.27% 0.25%
As % of the Quality Assurance & Compliance category 1.83% 2.19% 1.81%
Number of salaries quoted 244 66 240
10th Percentile £48,750 £42,500 £40,608
25th Percentile £55,000 £45,250 £50,000
Median annual salary (50th Percentile) £65,250 £60,250 £67,500
Median % change year-on-year +8.30% -10.74% +3.85%
75th Percentile £82,500 £80,313 £77,500
90th Percentile £95,000 £100,000 £93,875
UK excluding London median annual salary £60,000 £55,000 £61,500
% change year-on-year +9.09% -10.57% +6.96%

GRC is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 19,403 6,080 18,786
As % of all permanent IT jobs advertised in the UK 15.36% 12.44% 13.79%
Number of salaries quoted 11,910 4,784 14,207
10th Percentile £31,250 £31,250 £28,500
25th Percentile £40,500 £41,250 £37,000
Median annual salary (50th Percentile) £55,000 £53,750 £50,000
Median % change year-on-year +2.33% +7.50% -
75th Percentile £71,250 £70,000 £67,500
90th Percentile £89,250 £85,000 £82,500
UK excluding London median annual salary £47,000 £48,500 £45,000
% change year-on-year -3.09% +7.78% -

GRC
Job Vacancy Trend

Job postings citing GRC as a proportion of all IT jobs advertised.

Job vacancy trend for GRC in the UK

GRC
Salary Trend

3-month moving average salary quoted in jobs citing GRC.

Salary trend for GRC in the UK

GRC
Salary Histogram

Salary distribution for jobs citing GRC over the 6 months to 25 October 2021.

Salary histogram for GRC in the UK

GRC
Top 14 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing GRC within the UK over the 6 months to 25 October 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -126 331 £65,000 +7.88% 64
London -142 185 £73,000 +12.31% 25
UK excluding London -140 143 £60,000 +9.09% 43
Work from Home -175 96 £72,500 +28.89% 10
South East -123 48 £60,000 -25.00% 13
Midlands -74 44 £60,000 -7.69% 13
West Midlands -73 32 £65,000 +30.00% 10
North of England -133 24 £57,500 +27.78% 5
North West -97 14 £57,500 +27.78% 5
Scotland -75 11 £80,000 - 3
East of England -98 11 £85,000 +51.79% 2
East Midlands -73 10 £60,000 -18.64% 3
Yorkshire -96 10 £57,500 +43.75%
South West -93 9 £70,421 +10.68% 6

For the 6 months to 25 October 2021, IT jobs citing GRC also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for GRC.

1 165 (46.48%) Information Security
2 150 (42.25%) Risk Management
3 138 (38.87%) Cybersecurity
4 124 (34.93%) ISO/IEC 27001
5 98 (27.61%) Finance
6 84 (23.66%) CISSP
7 81 (22.82%) Azure
8 80 (22.54%) Analytical Skills
8 80 (22.54%) Agile Software Development
9 71 (20.00%) GDPR
9 71 (20.00%) Social Skills
10 70 (19.72%) CISM
11 67 (18.87%) NIST
12 66 (18.59%) DevOps
13 64 (18.03%) Stakeholder Management
14 61 (17.18%) SaaS
14 61 (17.18%) PCI DSS
15 54 (15.21%) Security Operations
15 54 (15.21%) SQL
16 53 (14.93%) Security Management
16 53 (14.93%) AWS
17 52 (14.65%) ITIL
18 51 (14.37%) Data Protection
19 49 (13.80%) Microsoft
20 48 (13.52%) Legal
21 47 (13.24%) Degree
22 45 (12.68%) COBIT
22 45 (12.68%) Management Information System
22 45 (12.68%) ISMS
23 43 (12.11%) Continuous Improvement

GRC
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 20 (5.63%) Apache Airflow
1 20 (5.63%) Gunicorn
2 10 (2.82%) IIS
3 5 (1.41%) Confluence
4 3 (0.85%) NetWeaver
5 2 (0.56%) Elasticsearch
5 2 (0.56%) SharePoint
6 1 (0.28%) Appian
Applications
1 37 (10.42%) Microsoft Excel
2 16 (4.51%) Microsoft PowerPoint
3 7 (1.97%) MS Visio
4 3 (0.85%) Microsoft Project
5 1 (0.28%) Microsoft Office
Business Applications
1 7 (1.97%) SAP S/4HANA
2 6 (1.69%) SAP GRC
3 5 (1.41%) SAP FI
4 4 (1.13%) SAP BPC
4 4 (1.13%) SAP CO
4 4 (1.13%) SAP FI/CO
5 3 (0.85%) Remedy ITSM
6 2 (0.56%) Oracle ERP
7 1 (0.28%) Elite 3E
7 1 (0.28%) NetSuite
7 1 (0.28%) Oracle Financials
7 1 (0.28%) Oracle Procure-to-Pay
7 1 (0.28%) SAP ERP
7 1 (0.28%) SAP Oil and Gas
Cloud Services
1 81 (22.82%) Azure
2 61 (17.18%) SaaS
3 53 (14.93%) AWS
4 34 (9.58%) Power Platform
5 19 (5.35%) GCP
6 15 (4.23%) Azure Cosmos DB
7 12 (3.38%) Microsoft 365
8 2 (0.56%) Cloud Computing
8 2 (0.56%) Collibra
9 1 (0.28%) Azure Active Directory
9 1 (0.28%) Dynamics 365
9 1 (0.28%) IaaS
9 1 (0.28%) PaaS
9 1 (0.28%) PowerApps
9 1 (0.28%) Slack
Communications & Networking
1 30 (8.45%) Firewall
2 10 (2.82%) Network Security
3 5 (1.41%) DMZ
4 3 (0.85%) SSL
4 3 (0.85%) TCP/IP
4 3 (0.85%) Wireless
5 2 (0.56%) Broadband
5 2 (0.56%) Intrusion Detection
6 1 (0.28%) DNS
6 1 (0.28%) HTTP
6 1 (0.28%) LAN
6 1 (0.28%) SMTP
6 1 (0.28%) VPN
6 1 (0.28%) WAN
Database & Business Intelligence
1 34 (9.58%) Power BI
2 26 (7.32%) Data Warehouse
3 25 (7.04%) Tableau
4 5 (1.41%) MongoDB
4 5 (1.41%) NoSQL
4 5 (1.41%) SAP HANA
4 5 (1.41%) SQL Server Analysis Services
4 5 (1.41%) SQL Server Integration Services
4 5 (1.41%) SQL Server Reporting Services
5 2 (0.56%) Metadata
5 2 (0.56%) Oracle Reports
5 2 (0.56%) PostgreSQL
5 2 (0.56%) Relational Database
5 2 (0.56%) SQL Server
6 1 (0.28%) Ataccama
6 1 (0.28%) BusinessObjects Business Intelligence
6 1 (0.28%) SAP BW
Development Applications
1 14 (3.94%) JIRA
2 11 (3.10%) Git (software)
3 8 (2.25%) Rational DOORS
3 8 (2.25%) SonarQube
3 8 (2.25%) Visual Studio
4 2 (0.56%) Eclipse
General
1 98 (27.61%) Finance
2 80 (22.54%) Analytical Skills
3 71 (20.00%) Social Skills
4 48 (13.52%) Legal
5 28 (7.89%) Public Sector
6 27 (7.61%) Retail
7 16 (4.51%) Banking
8 12 (3.38%) Russian Language
9 11 (3.10%) Presentation Skills
10 9 (2.54%) Inclusion and Diversity
10 9 (2.54%) Influencing Skills
10 9 (2.54%) Manufacturing
11 8 (2.25%) Law
12 7 (1.97%) Pharmaceutical
12 7 (1.97%) Telecoms
13 5 (1.41%) Back Office
14 4 (1.13%) Marketing
15 3 (0.85%) Organisational Skills
16 2 (0.56%) Local Government
16 2 (0.56%) Public Speaking
Job Titles
1 91 (25.63%) Analyst
2 52 (14.65%) Consultant
3 47 (13.24%) Security Analyst
4 40 (11.27%) Security Manager
5 39 (10.99%) Security Consultant
6 35 (9.86%) Information Analyst
7 34 (9.58%) Information Security Analyst
8 27 (7.61%) Senior Consultant
9 26 (7.32%) Senior Security Consultant
10 24 (6.76%) Architect
11 21 (5.92%) Security Architect
11 21 (5.92%) Security Officer
12 20 (5.63%) Data Engineer
12 20 (5.63%) Information Manager
12 20 (5.63%) Information Security Manager
12 20 (5.63%) Senior Data Engineer
13 19 (5.35%) Data Analyst
13 19 (5.35%) Information Officer
13 19 (5.35%) Information Security Officer
14 18 (5.07%) Senior Analyst
Libraries, Frameworks & Software Standards
1 26 (7.32%) REST
2 20 (5.63%) Kafka
2 20 (5.63%) NumPy
2 20 (5.63%) Pandas
2 20 (5.63%) pytest
3 18 (5.07%) RESTful
4 14 (3.94%) AngularJS
4 14 (3.94%) Web Services
5 10 (2.82%) jQuery
6 9 (2.54%) .NET
6 9 (2.54%) JSON
7 8 (2.25%) XML
8 7 (1.97%) HTML
8 7 (1.97%) Middleware
9 5 (1.41%) SOAP
10 4 (1.13%) HTML5
10 4 (1.13%) SAML
11 3 (0.85%) LDAP
11 3 (0.85%) SAP Fiori
12 2 (0.56%) ODBC
Miscellaneous
1 45 (12.68%) Management Information System
2 25 (7.04%) Cyberthreat
3 22 (6.20%) Algorithms
3 22 (6.20%) Data Structures
4 16 (4.51%) Greenfield Project
4 16 (4.51%) Self-Motivation
5 15 (4.23%) Linux Command Line
6 9 (2.54%) Public Cloud
7 8 (2.25%) Driving Licence
7 8 (2.25%) Mobile Payment
7 8 (2.25%) Smartcard
8 7 (1.97%) Cyberattack
9 6 (1.69%) Data Centre
9 6 (1.69%) Data Protection Act
9 6 (1.69%) Mobile App
10 5 (1.41%) e-Learning
11 4 (1.13%) Blog
11 4 (1.13%) Distributed Denial-of-Service
12 3 (0.85%) Reinsurance
12 3 (0.85%) Video Conferencing
Operating Systems
1 29 (8.17%) Linux
2 14 (3.94%) Windows
3 9 (2.54%) Windows Server
4 8 (2.25%) Solaris
5 3 (0.85%) Unix
Processes & Methodologies
1 165 (46.48%) Information Security
2 150 (42.25%) Risk Management
3 138 (38.87%) Cybersecurity
4 80 (22.54%) Agile Software Development
5 66 (18.59%) DevOps
6 64 (18.03%) Stakeholder Management
7 54 (15.21%) Security Operations
8 53 (14.93%) Security Management
9 52 (14.65%) ITIL
10 51 (14.37%) Data Protection
11 45 (12.68%) ISMS
12 43 (12.11%) Continuous Improvement
13 41 (11.55%) Risk Assessment
14 37 (10.42%) Internal Audit
15 36 (10.14%) Business Intelligence
16 35 (9.86%) Analytics
17 32 (9.01%) Data Privacy
17 32 (9.01%) Mathematics
17 32 (9.01%) Project Management
17 32 (9.01%) Security Architecture
Programming Languages
1 54 (15.21%) SQL
2 36 (10.14%) Python
3 32 (9.01%) JavaScript
4 31 (8.73%) Java
5 22 (6.20%) Kotlin
6 21 (5.92%) Bash Shell
7 20 (5.63%) T-SQL
8 17 (4.79%) C#
9 16 (4.51%) PowerShell
10 4 (1.13%) C
11 3 (0.85%) ABAP
12 2 (0.56%) C++
13 1 (0.28%) Perl
13 1 (0.28%) PHP
13 1 (0.28%) R
13 1 (0.28%) SAPscript
Qualifications
1 84 (23.66%) CISSP
2 70 (19.72%) CISM
3 47 (13.24%) Degree
4 41 (11.55%) CISA
5 22 (6.20%) CRISC
6 14 (3.94%) (ISC)2 CCSP
6 14 (3.94%) Cisco Certification
7 10 (2.82%) Security Cleared
8 9 (2.54%) IISP
9 8 (2.25%) CCSP
9 8 (2.25%) CLAS
9 8 (2.25%) CREST Certified
10 7 (1.97%) SANS
11 6 (1.69%) SAP Certification
12 5 (1.41%) CSSLP
12 5 (1.41%) Microsoft Certification
12 5 (1.41%) PCI QSA
12 5 (1.41%) SSCP
13 4 (1.13%) CESG Certified Professional
13 4 (1.13%) SC Cleared
Quality Assurance & Compliance
1 124 (34.93%) ISO/IEC 27001
2 71 (20.00%) GDPR
3 67 (18.87%) NIST
4 61 (17.18%) PCI DSS
5 45 (12.68%) COBIT
6 26 (7.32%) Cyber Essentials
7 23 (6.48%) Sarbanes-Oxley
8 14 (3.94%) NCSC
9 12 (3.38%) QA
10 9 (2.54%) ISO 31000
10 9 (2.54%) ISO 9001
10 9 (2.54%) ISO/IEC 27005
11 8 (2.25%) ISAE 3402
12 7 (1.97%) NIST 800
13 6 (1.69%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
14 5 (1.41%) Actionable Recommendations
14 5 (1.41%) COSO
14 5 (1.41%) PSD2
15 2 (0.56%) Cyber Essentials PLUS
15 2 (0.56%) ITGC
System Software
1 21 (5.92%) Docker
2 8 (2.25%) ISA Server
3 1 (0.28%) Active Directory
Systems Management
1 16 (4.51%) Kubernetes
2 12 (3.38%) Opscode Chef
2 12 (3.38%) Puppet
3 8 (2.25%) Nessus
3 8 (2.25%) RSA Archer
3 8 (2.25%) Trend Micro Deep Security
4 4 (1.13%) Single Sign-On
5 3 (0.85%) Computer Emergency Response Teams
Vendors
1 49 (13.80%) Microsoft
2 33 (9.30%) Splunk
3 29 (8.17%) ServiceNow
4 20 (5.63%) SAP
5 16 (4.51%) Oracle
6 9 (2.54%) Tripwire
7 8 (2.25%) Centrify
7 8 (2.25%) Cisco
7 8 (2.25%) CrowdStrike
7 8 (2.25%) F5
7 8 (2.25%) Google
7 8 (2.25%) Imperva
7 8 (2.25%) Okta
7 8 (2.25%) OneTrust
7 8 (2.25%) Trend Micro
8 5 (1.41%) Cubic Transportation
9 4 (1.13%) Alteryx
9 4 (1.13%) BMC
9 4 (1.13%) Remedy
10 3 (0.85%) HP