Period
to 16 July 2020

The following table provides summary statistics for permanent job vacancies with a requirement for HMG Security Policy Framework skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited HMG Security Policy Framework over the 6 months to 16 July 2020 with a comparison to the same period in the previous 2 years.

HMG Security Policy Framework (SPF)
UK
6 months to
16 Jul 2020
Same period 2019 Same period 2018
Rank 734 948 1102
Rank change year-on-year +214 +154 -9
Permanent jobs citing HMG Security Policy Framework 83 161 99
As % of all permanent jobs advertised in the UK 0.11% 0.11% 0.056%
As % of the Quality Assurance & Compliance category 0.92% 0.81% 0.43%
Number of salaries quoted 88 131 84
Median annual salary £75,000 £65,000 £67,500
Median salary % change year-on-year +15.38% -3.70% +22.73%
10th Percentile £41,110 £47,750 £38,750
90th Percentile £88,750 £75,000 £86,250
UK excluding London median annual salary £67,500 £65,000 £60,000
% change year-on-year +3.85% +8.33% +32.54%

HMG Security Policy Framework is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 9,070 19,853 22,912
As % of all permanent IT jobs advertised in the UK 12.19% 13.62% 13.02%
Number of salaries quoted 6,886 14,595 17,498
Median annual salary £52,500 £50,000 £50,000
Median salary % change year-on-year +5.00% - +5.26%
10th Percentile £30,000 £28,250 £28,125
90th Percentile £85,000 £83,750 £80,000
UK excluding London median annual salary £47,500 £45,000 £45,000
% change year-on-year +5.56% - +8.43%

HMG Security Policy Framework
Job Vacancy Trend

Job postings citing HMG Security Policy Framework as a proportion of all IT jobs advertised.

Job vacancy trend for HMG Security Policy Framework in the UK

HMG Security Policy Framework
Salary Trend

3-month moving average salary quoted in jobs citing HMG Security Policy Framework.

Salary trend for HMG Security Policy Framework in the UK

HMG Security Policy Framework
Salary Histogram

Salary distribution for jobs citing HMG Security Policy Framework over the 6 months to 16 July 2020.

Salary histogram for HMG Security Policy Framework in the UK

HMG Security Policy Framework
Top 9 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing HMG Security Policy Framework within the UK over the 6 months to 16 July 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
UK excluding London +174 53 £67,500 +3.85%
England +169 41 £75,000 +15.38% 1
Wales +53 23 £42,000 +40.00%
Work from Home +72 19 £80,000 +8.47%
South West +51 16 £75,000 +7.14%
South East +124 12 £70,000 -
London +185 11 £75,000 +11.11% 1
Midlands +109 2 £60,500 -16.55%
West Midlands +92 2 £60,500 -16.55%

For the 6 months to 16 July 2020, IT jobs citing HMG Security Policy Framework also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for HMG Security Policy Framework.

1 54 (65.06%) Information Security
2 48 (57.83%) ISO/IEC 27001
3 46 (55.42%) Cybersecurity
4 44 (53.01%) JSP 440
5 42 (50.60%) CESG
6 40 (48.19%) Security Cleared
6 40 (48.19%) Azure
7 35 (42.17%) SABSA
8 34 (40.96%) Security Architecture
9 33 (39.76%) AWS
10 32 (38.55%) SC Cleared
10 32 (38.55%) CESG Certified Professional
11 30 (36.14%) Information Assurance
12 26 (31.33%) TOGAF
13 24 (28.92%) Firewall
14 23 (27.71%) SIEM
15 22 (26.51%) Cyberthreat
16 21 (25.30%) Vulnerability Scanning
16 21 (25.30%) CISSP
17 20 (24.10%) Sarbanes-Oxley
17 20 (24.10%) Web Services
17 20 (24.10%) Analytics
17 20 (24.10%) PCI DSS
17 20 (24.10%) Public Sector
18 19 (22.89%) Customer Requirements
18 19 (22.89%) COBIT
18 19 (22.89%) Risk Analysis
19 18 (21.69%) DV Cleared
20 17 (20.48%) SQL
20 17 (20.48%) Management Information System

HMG Security Policy Framework
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 12 (14.46%) IIS
2 6 (7.23%) Tomcat
2 6 (7.23%) WebSphere
3 2 (2.41%) SAS
Business Applications
1 15 (18.07%) Sentinel
Cloud Services
1 40 (48.19%) Azure
2 33 (39.76%) AWS
3 14 (16.87%) Logic Apps
3 14 (16.87%) Office 365
Communications & Networking
1 24 (28.92%) Firewall
2 14 (16.87%) DKIM
2 14 (16.87%) DMARC
2 14 (16.87%) DNS
2 14 (16.87%) TCP/IP
2 14 (16.87%) Wireshark
3 3 (3.61%) Internet
Database & Business Intelligence
1 6 (7.23%) SQL Server
1 6 (7.23%) SQL Server 2012
Development Applications
1 14 (16.87%) Metasploit
2 3 (3.61%) Git (software)
General
1 20 (24.10%) Public Sector
2 16 (19.28%) Manufacturing
3 15 (18.07%) Finance
4 4 (4.82%) Aerospace
5 1 (1.20%) Advertising
5 1 (1.20%) Electronics
5 1 (1.20%) Marketing
5 1 (1.20%) Telecoms
Job Titles
1 31 (37.35%) Architect
1 31 (37.35%) Security Architect
2 19 (22.89%) AWS Architect
2 19 (22.89%) Azure Architect
2 19 (22.89%) Cloud Architect
3 16 (19.28%) Analyst
3 16 (19.28%) Consultant
3 16 (19.28%) Security Analyst
3 16 (19.28%) Security Consultant
4 14 (16.87%) Enterprise Architect
4 14 (16.87%) Enterprise Security Architect
5 12 (14.46%) Cybersecurity Consultant
6 8 (9.64%) Cybersecurity Architect
6 8 (9.64%) Developer
7 6 (7.23%) Software Developer
8 5 (6.02%) Principal Architect
8 5 (6.02%) Principal Security Architect
9 4 (4.82%) Information Assurance Practitioner
10 3 (3.61%) Java Scala Developer
10 3 (3.61%) Security Assurance Coordinator
Libraries, Frameworks & Software Standards
1 20 (24.10%) Web Services
2 6 (7.23%) IBM Integration Bus
2 6 (7.23%) Java SE
2 6 (7.23%) Play Framework
2 6 (7.23%) REST
2 6 (7.23%) SOAP
2 6 (7.23%) Spring
3 1 (1.20%) ModSecurity
Miscellaneous
1 42 (50.60%) CESG
2 22 (26.51%) Cyberthreat
3 17 (20.48%) Management Information System
4 14 (16.87%) Security Operations Centre
5 8 (9.64%) Cyber Kill Chain
6 7 (8.43%) PKI
7 5 (6.02%) Cyberattack
8 3 (3.61%) Algorithms
8 3 (3.61%) Public Cloud
9 1 (1.20%) Analytical Skills
9 1 (1.20%) Self-Motivation
Operating Systems
1 14 (16.87%) Kali Linux
1 14 (16.87%) Linux
1 14 (16.87%) Windows
Processes & Methodologies
1 54 (65.06%) Information Security
2 46 (55.42%) Cybersecurity
3 35 (42.17%) SABSA
4 34 (40.96%) Security Architecture
5 30 (36.14%) Information Assurance
6 26 (31.33%) TOGAF
7 23 (27.71%) SIEM
8 21 (25.30%) Vulnerability Scanning
9 20 (24.10%) Analytics
10 19 (22.89%) Customer Requirements
10 19 (22.89%) Risk Analysis
11 16 (19.28%) Enterprise Architecture
12 14 (16.87%) Cyber Intelligence
12 14 (16.87%) Database Security
12 14 (16.87%) Ethical Hacking
12 14 (16.87%) Penetration Testing
12 14 (16.87%) Reverse Engineering
12 14 (16.87%) Security Operations
12 14 (16.87%) Security Testing
12 14 (16.87%) Threat Intelligence
Programming Languages
1 17 (20.48%) SQL
2 14 (16.87%) Bash Shell
3 6 (7.23%) Java
3 6 (7.23%) Scala
4 2 (2.41%) C
4 2 (2.41%) Python
4 2 (2.41%) R
Qualifications
1 40 (48.19%) Security Cleared
2 32 (38.55%) CESG Certified Professional
2 32 (38.55%) SC Cleared
3 21 (25.30%) CISSP
4 18 (21.69%) DV Cleared
5 15 (18.07%) SANS
6 14 (16.87%) CREST Certified
6 14 (16.87%) GCIA
6 14 (16.87%) GCIH
7 12 (14.46%) IISP
8 7 (8.43%) Degree
9 6 (7.23%) CISM
10 5 (6.02%) Master's Degree
11 3 (3.61%) CLAS
12 2 (2.41%) Computer Science Degree
12 2 (2.41%) CRISC
13 1 (1.20%) CCSP
13 1 (1.20%) CEH
13 1 (1.20%) CISA
13 1 (1.20%) Cisco Certification
Quality Assurance & Compliance
1 48 (57.83%) ISO/IEC 27001
2 44 (53.01%) JSP 440
3 20 (24.10%) PCI DSS
3 20 (24.10%) Sarbanes-Oxley
4 19 (22.89%) COBIT
5 6 (7.23%) Cyber Essentials
6 4 (4.82%) GDPR
7 3 (3.61%) Cyber Essentials PLUS
7 3 (3.61%) Government Security Classifications
7 3 (3.61%) NCSC
7 3 (3.61%) NIST
8 2 (2.41%) RMADS
9 1 (1.20%) Def Stans
9 1 (1.20%) HMG Infosec
9 1 (1.20%) ISO 9001
9 1 (1.20%) NIST 800
System Software
1 14 (16.87%) Active Directory
1 14 (16.87%) Snort
2 6 (7.23%) Docker
Systems Management
1 6 (7.23%) Kubernetes
2 1 (1.20%) QRadar
Vendors
1 14 (16.87%) Microsoft
2 6 (7.23%) IBM
3 2 (2.41%) Splunk
4 1 (1.20%) SAP