Period
to 25 July 2021

The following table provides summary statistics for permanent job vacancies with a requirement for GRC skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited GRC over the 6 months to 25 July 2021 with a comparison to the same period in the previous 2 years.

Governance, Risk Management and Compliance (GRC)
UK
6 months to
25 Jul 2021
Same period 2020 Same period 2019
Rank 676 616 746
Rank change year-on-year -60 +130 -9
Permanent jobs citing GRC 328 189 381
As % of all permanent jobs advertised in the UK 0.29% 0.27% 0.26%
As % of the Quality Assurance & Compliance category 2.04% 2.07% 1.87%
Number of salaries quoted 249 132 288
10th Percentile £46,250 £42,500 £40,175
25th Percentile £54,375 £45,250 £50,000
Median annual salary (50th Percentile) £65,000 £62,500 £68,500
Median % change year-on-year +4.00% -8.76% +5.38%
75th Percentile £80,000 £80,000 £84,063
90th Percentile £95,000 £85,000 £95,000
UK excluding London median annual salary £58,750 £60,000 £60,000
% change year-on-year -2.08% - -

GRC is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 16,068 9,126 20,360
As % of all permanent IT jobs advertised in the UK 14.29% 12.90% 14.12%
Number of salaries quoted 9,939 7,046 15,115
10th Percentile £31,250 £30,000 £28,500
25th Percentile £41,185 £40,000 £37,500
Median annual salary (50th Percentile) £53,500 £52,500 £50,000
Median % change year-on-year +1.90% +5.00% -
75th Percentile £71,250 £70,000 £67,500
90th Percentile £87,500 £85,000 £83,750
UK excluding London median annual salary £47,500 £47,500 £45,000
% change year-on-year - +5.56% -

GRC
Job Vacancy Trend

Job postings citing GRC as a proportion of all IT jobs advertised.

Job vacancy trend for GRC in the UK

GRC
Salary Trend

3-month moving average salary quoted in jobs citing GRC.

Salary trend for GRC in the UK

GRC
Salary Histogram

Salary distribution for jobs citing GRC over the 6 months to 25 July 2021.

Salary histogram for GRC in the UK

GRC
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing GRC within the UK over the 6 months to 25 July 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -43 302 £65,000 +4.00% 56
UK excluding London -43 158 £58,750 -2.08% 27
London -70 148 £75,000 +9.09% 29
Work from Home -192 70 £70,000 -9.68% 11
South East -38 55 £60,000 -17.24% 8
Midlands -25 50 £53,750 +2.38% 8
West Midlands -28 38 £52,500 +10.53% 7
North of England -80 20 £58,750 +11.90% 3
East of England -29 19 £75,000 +5.26% 4
Yorkshire - 12 £58,750 - 1
East Midlands -34 10 £60,000 -14.29% 1
Scotland -61 6 - -
North West -69 6 £51,750 -1.43% 2
South West -64 5 £57,500 +24.66% 3
Wales - 3 £47,500 -
North East - 2 £80,000 -

For the 6 months to 25 July 2021, IT jobs citing GRC also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for GRC.

1 187 (57.01%) Information Security
2 121 (36.89%) Risk Management
3 117 (35.67%) Cybersecurity
4 113 (34.45%) ISO/IEC 27001
5 85 (25.91%) CISSP
6 77 (23.48%) Azure
7 70 (21.34%) Finance
8 67 (20.43%) Social Skills
9 61 (18.60%) CISM
10 60 (18.29%) SQL
10 60 (18.29%) GDPR
11 57 (17.38%) SaaS
12 56 (17.07%) PCI DSS
12 56 (17.07%) NIST
13 54 (16.46%) Security Operations
14 53 (16.16%) ITIL
15 50 (15.24%) Agile Software Development
16 48 (14.63%) Degree
17 45 (13.72%) Stakeholder Management
17 45 (13.72%) Management Information System
17 45 (13.72%) ISMS
18 44 (13.41%) DevOps
19 42 (12.80%) JavaScript
19 42 (12.80%) CISA
19 42 (12.80%) Analytical Skills
19 42 (12.80%) ServiceNow
20 41 (12.50%) Continuous Improvement
21 40 (12.20%) Security Management
22 39 (11.89%) AWS
23 35 (10.67%) Vulnerability Assessment

GRC
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 17 (5.18%) Apache Airflow
1 17 (5.18%) Gunicorn
2 11 (3.35%) SharePoint
3 8 (2.44%) IIS
4 6 (1.83%) Confluence
5 3 (0.91%) Elasticsearch
5 3 (0.91%) NetWeaver
5 3 (0.91%) OpenStack
6 1 (0.30%) Appian
Applications
1 18 (5.49%) Microsoft Excel
2 17 (5.18%) MS Visio
3 12 (3.66%) Microsoft PowerPoint
4 2 (0.61%) Microsoft Project
Business Applications
1 7 (2.13%) SAP GRC
2 3 (0.91%) Remedy ITSM
2 3 (0.91%) SAP BPC
2 3 (0.91%) SAP FI
2 3 (0.91%) SAP S/4HANA
2 3 (0.91%) Sparx Enterprise Architect
3 2 (0.61%) Elite 3E
3 2 (0.61%) NetSuite
3 2 (0.61%) SAP CO
3 2 (0.61%) SAP FI/CO
4 1 (0.30%) Oracle ERP
4 1 (0.30%) Oracle Financials
4 1 (0.30%) Oracle Procure-to-Pay
4 1 (0.30%) SAP Oil and Gas
Cloud Services
1 77 (23.48%) Azure
2 57 (17.38%) SaaS
3 39 (11.89%) AWS
4 18 (5.49%) GCP
5 16 (4.88%) Microsoft 365
6 14 (4.27%) Power Platform
7 11 (3.35%) Cloud Computing
8 8 (2.44%) Azure Cosmos DB
9 6 (1.83%) IaaS
9 6 (1.83%) PaaS
10 4 (1.22%) BPaaS
11 2 (0.61%) Dynamics 365
12 1 (0.30%) IBM Cloud
12 1 (0.30%) PowerApps
Communications & Networking
1 28 (8.54%) Firewall
2 11 (3.35%) Internet
3 10 (3.05%) SSL
4 9 (2.74%) TCP/IP
4 9 (2.74%) VPN
5 7 (2.13%) Network Security
6 4 (1.22%) DMZ
6 4 (1.22%) Reverse Proxy
6 4 (1.22%) WAAS
7 3 (0.91%) BGP
7 3 (0.91%) Cisco ASA
7 3 (0.91%) Cisco Nexus
7 3 (0.91%) DNS
7 3 (0.91%) F5 BIG-IP GTM
7 3 (0.91%) F5 BIG-IP LTM
7 3 (0.91%) IPsec
7 3 (0.91%) MPLS
7 3 (0.91%) OSPF
7 3 (0.91%) Unified Communications
7 3 (0.91%) Wireless
Database & Business Intelligence
1 22 (6.71%) Data Warehouse
2 17 (5.18%) SQL Server
3 14 (4.27%) Power BI
4 5 (1.52%) Data Mining
4 5 (1.52%) MongoDB
4 5 (1.52%) NoSQL
4 5 (1.52%) SQL Server Analysis Services
4 5 (1.52%) SQL Server Integration Services
4 5 (1.52%) SQL Server Reporting Services
5 4 (1.22%) SAP HANA
6 3 (0.91%) Big Data
6 3 (0.91%) PostgreSQL
6 3 (0.91%) Relational Database
6 3 (0.91%) SAP BW
7 1 (0.30%) Oracle Reports
7 1 (0.30%) Tableau
Development Applications
1 22 (6.71%) Git (software)
2 6 (1.83%) JIRA
3 2 (0.61%) Eclipse
4 1 (0.30%) Bitbucket
General
1 70 (21.34%) Finance
2 67 (20.43%) Social Skills
3 42 (12.80%) Analytical Skills
4 33 (10.06%) Legal
4 33 (10.06%) Public Sector
5 15 (4.57%) Russian Language
6 14 (4.27%) Retail
7 12 (3.66%) Banking
7 12 (3.66%) Inclusion and Diversity
8 11 (3.35%) Manufacturing
9 10 (3.05%) Law
10 2 (0.61%) Presentation Skills
11 1 (0.30%) Aerospace
11 1 (0.30%) Environmental Health
11 1 (0.30%) Influencing Skills
11 1 (0.30%) Investment Banking
11 1 (0.30%) Polish Language
11 1 (0.30%) Publishing
11 1 (0.30%) Retail Banking
11 1 (0.30%) Telecoms
Job Titles
1 50 (15.24%) Consultant
2 47 (14.33%) Analyst
3 44 (13.41%) Security Consultant
4 38 (11.59%) Developer
5 34 (10.37%) Security Analyst
6 31 (9.45%) Security Specialist
7 27 (8.23%) Information Analyst
7 27 (8.23%) Information Security Analyst
7 27 (8.23%) Security Officer
8 26 (7.93%) Information Officer
8 26 (7.93%) Information Security Officer
8 26 (7.93%) Security Manager
9 20 (6.10%) Senior Consultant
9 20 (6.10%) Senior Security Consultant
10 18 (5.49%) Information Security Specialist
10 18 (5.49%) Information Specialist
11 17 (5.18%) Data Engineer
11 17 (5.18%) Senior Data Engineer
11 17 (5.18%) Software Developer
12 15 (4.57%) Senior Developer
Libraries, Frameworks & Software Standards
1 33 (10.06%) .NET
2 31 (9.45%) REST
3 21 (6.40%) AngularJS
4 20 (6.10%) jQuery
5 17 (5.18%) Kafka
5 17 (5.18%) NumPy
5 17 (5.18%) Pandas
5 17 (5.18%) pytest
6 12 (3.66%) Middleware
6 12 (3.66%) RESTful
6 12 (3.66%) XML
7 10 (3.05%) HTML
7 10 (3.05%) Web Services
8 9 (2.74%) .NET Framework
9 8 (2.44%) .NET Core
10 7 (2.13%) JSON
10 7 (2.13%) LDAP
11 6 (1.83%) SOAP
12 3 (0.91%) SAML
12 3 (0.91%) WSDL
Miscellaneous
1 45 (13.72%) Management Information System
2 21 (6.40%) Cyberthreat
3 20 (6.10%) Algorithms
3 20 (6.10%) Data Structures
3 20 (6.10%) Mobile App
4 16 (4.88%) Greenfield Project
5 11 (3.35%) Public Cloud
6 10 (3.05%) Enterprise Software
7 9 (2.74%) Self-Motivation
8 8 (2.44%) Linux Command Line
9 7 (2.13%) SCADA
10 6 (1.83%) Cyberattack
11 4 (1.22%) Data Centre
12 3 (0.91%) Cybercrime
12 3 (0.91%) Enterprise Storage
12 3 (0.91%) Internet of Things
12 3 (0.91%) N-Tier
12 3 (0.91%) Reinsurance
12 3 (0.91%) Security Operations Centre
13 2 (0.61%) Data Protection Act
Operating Systems
1 28 (8.54%) Linux
2 20 (6.10%) Windows
3 8 (2.44%) Windows Server
4 7 (2.13%) Unix
Processes & Methodologies
1 187 (57.01%) Information Security
2 121 (36.89%) Risk Management
3 117 (35.67%) Cybersecurity
4 54 (16.46%) Security Operations
5 53 (16.16%) ITIL
6 50 (15.24%) Agile Software Development
7 45 (13.72%) ISMS
7 45 (13.72%) Stakeholder Management
8 44 (13.41%) DevOps
9 41 (12.50%) Continuous Improvement
10 40 (12.20%) Security Management
11 35 (10.67%) Vulnerability Assessment
12 32 (9.76%) Data Protection
12 32 (9.76%) Workflow
13 30 (9.15%) Information Security Management
14 29 (8.84%) Business Continuity
14 29 (8.84%) Project Management
14 29 (8.84%) Risk Assessment
15 25 (7.62%) Mentoring
16 24 (7.32%) SIEM
Programming Languages
1 60 (18.29%) SQL
2 42 (12.80%) JavaScript
3 32 (9.76%) Python
4 26 (7.93%) C#
5 24 (7.32%) Java
6 20 (6.10%) Kotlin
7 13 (3.96%) T-SQL
8 12 (3.66%) PowerShell
9 11 (3.35%) C
10 9 (2.74%) Bash Shell
11 8 (2.44%) PHP
12 5 (1.52%) VBA
13 4 (1.22%) VB.NET
13 4 (1.22%) VBScript
14 3 (0.91%) ABAP
15 2 (0.61%) C++
16 1 (0.30%) Perl
16 1 (0.30%) R
16 1 (0.30%) SAPscript
Qualifications
1 85 (25.91%) CISSP
2 61 (18.60%) CISM
3 48 (14.63%) Degree
4 42 (12.80%) CISA
5 26 (7.93%) CRISC
6 13 (3.96%) Security Cleared
7 11 (3.35%) ISO 27001 Lead Auditor
8 8 (2.44%) Cisco Certification
9 6 (1.83%) Computer Science Degree
9 6 (1.83%) ISACA
10 5 (1.52%) (ISC)2 CCSP
11 4 (1.22%) CISMP
11 4 (1.22%) DV Cleared
11 4 (1.22%) ITIL Certification
11 4 (1.22%) MCSE
11 4 (1.22%) Microsoft Certification
11 4 (1.22%) SC Cleared
12 3 (0.91%) ISSAP
12 3 (0.91%) JNCIP
12 3 (0.91%) SAP Certification
Quality Assurance & Compliance
1 113 (34.45%) ISO/IEC 27001
2 60 (18.29%) GDPR
3 56 (17.07%) NIST
3 56 (17.07%) PCI DSS
4 32 (9.76%) COBIT
5 29 (8.84%) Cyber Essentials
6 23 (7.01%) QA
7 9 (2.74%) ISO 22301
8 8 (2.44%) Sarbanes-Oxley
9 7 (2.13%) Cyber Essentials PLUS
9 7 (2.13%) NIST 800
10 6 (1.83%) COSO
10 6 (1.83%) ISO 9001
10 6 (1.83%) SOC 2
11 5 (1.52%) ISO/IEC 20000
12 4 (1.22%) 21 CFR Part 11
12 4 (1.22%) HIPAA
12 4 (1.22%) ITGC
12 4 (1.22%) SLA
13 3 (0.91%) FedRAMP
System Software
1 26 (7.93%) Docker
2 12 (3.66%) Active Directory
3 3 (0.91%) Firmware
3 3 (0.91%) VMware Infrastructure
Systems Management
1 18 (5.49%) Kubernetes
2 16 (4.88%) Opscode Chef
2 16 (4.88%) Puppet
3 12 (3.66%) RSA Archer
4 7 (2.13%) Single Sign-On
5 1 (0.30%) Oracle Identity Management
5 1 (0.30%) Oracle Identity Manager
Vendors
1 42 (12.80%) ServiceNow
2 29 (8.84%) Microsoft
3 19 (5.79%) SAP
4 13 (3.96%) Google
5 8 (2.44%) Oracle
6 7 (2.13%) BMC
6 7 (2.13%) HP
6 7 (2.13%) Ivanti
7 4 (1.22%) VMware
8 3 (0.91%) BiZZdesign
8 3 (0.91%) Broadcom
8 3 (0.91%) Cisco
8 3 (0.91%) Citrix
8 3 (0.91%) F5
8 3 (0.91%) Juniper
8 3 (0.91%) Mellanox
8 3 (0.91%) Remedy
8 3 (0.91%) Sparx
9 2 (0.61%) JD Edwards
10 1 (0.30%) Red Hat