Period
to

The following table provides summary statistics for permanent job vacancies with a requirement for Incident Response skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Incident Response over the 6 months to 12 August 2022 with a comparison to the same period in the previous 2 years.

Incident Response
UK
6 months to
12 Aug 2022
Same period 2021 Same period 2020
Rank 433 413 330
Rank change year-on-year -20 -83 +143
Permanent jobs citing Incident Response 1,361 851 617
As % of all permanent jobs advertised in the UK 0.81% 0.74% 0.97%
As % of the Processes & Methodologies category 0.84% 0.79% 1.05%
Number of salaries quoted 858 615 463
10th Percentile £38,795 £39,000 £45,000
25th Percentile £49,375 £48,000 £51,125
Median annual salary (50th Percentile) £65,000 £60,000 £62,500
Median % change year-on-year +8.33% -4.00% +13.64%
75th Percentile £85,000 £80,000 £81,250
90th Percentile £100,000 £90,000 £92,450
UK excluding London median annual salary £56,250 £54,250 £55,000
% change year-on-year +3.69% -1.36% +15.79%

Incident Response is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 161,721 107,622 58,944
As % of all permanent IT jobs advertised in the UK 95.75% 94.06% 93.09%
Number of salaries quoted 84,129 73,141 47,812
10th Percentile £34,207 £32,500 £32,500
25th Percentile £45,000 £42,500 £41,250
Median annual salary (50th Percentile) £60,000 £55,600 £55,000
Median % change year-on-year +7.91% +1.09% +4.76%
75th Percentile £80,000 £75,000 £73,750
90th Percentile £97,290 £92,500 £90,000
UK excluding London median annual salary £52,500 £50,000 £47,500
% change year-on-year +5.00% +5.26% +5.56%

Incident Response
Job Vacancy Trend

Job postings citing Incident Response as a proportion of all IT jobs advertised.

Job vacancy trend for Incident Response in the UK

Incident Response
Salary Trend

3-month moving average salary quoted in jobs citing Incident Response.

Salary trend for Incident Response in the UK

Incident Response
Salary Histogram

Salary distribution for jobs citing Incident Response over the 6 months to 12 August 2022.

Salary histogram for Incident Response in the UK

Incident Response
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Incident Response within the UK over the 6 months to 12 August 2022. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Jobs
England -20 1,128 £65,000 +8.33% 95
London -28 629 £75,000 +7.14% 40
Work from Home -49 582 £65,850 +5.36% 33
UK excluding London -13 555 £56,250 +3.69% 62
North of England +40 193 £60,000 +9.09% 14
North West +20 120 £65,000 +18.18% 11
South East -53 89 £52,500 -12.50% 20
Scotland -44 78 £48,000 -43.53% 5
Midlands -76 73 £62,500 +19.05% 11
Yorkshire -3 66 £52,000 -5.45% 3
West Midlands -63 60 £62,500 +19.05% 8
East of England -42 58 £57,744 +40.84% 1
South West -38 46 £50,000 +4.17% 8
Wales -2 21 £57,500 +27.78% 2
East Midlands -37 13 £63,750 +177.78% 3
North East -12 7 £40,858 -31.90%
Northern Ireland - 1 - - 1

For the 6 months to 12 August 2022, IT jobs citing Incident Response also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for Incident Response.

1 709 (52.09%) Cybersecurity
2 568 (41.73%) Information Security
3 537 (39.46%) SIEM
4 513 (37.69%) Security Operations
5 419 (30.79%) Azure
6 384 (28.21%) Finance
7 340 (24.98%) Social Skills
8 332 (24.39%) AWS
9 297 (21.82%) CISSP
10 284 (20.87%) Python
11 276 (20.28%) ISO/IEC 27001
12 272 (19.99%) Firewall
13 271 (19.91%) Microsoft
14 252 (18.52%) Windows
15 247 (18.15%) Threat Intelligence
15 247 (18.15%) DevOps
16 223 (16.39%) Problem-Solving
17 219 (16.09%) Vulnerability Management
17 219 (16.09%) Linux
18 214 (15.72%) NIST
19 201 (14.77%) Incident Management
20 189 (13.89%) Risk Management
21 185 (13.59%) Management Information System
22 181 (13.30%) Splunk
23 180 (13.23%) Cyber Threat Intelligence
24 177 (13.01%) PowerShell
25 166 (12.20%) Cyber Essentials
26 165 (12.12%) Penetration Testing
27 164 (12.05%) CISM
28 162 (11.90%) Network Security

Incident Response
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 27 (1.98%) CMS
1 27 (1.98%) Confluence
2 25 (1.84%) SharePoint
3 13 (0.96%) Headless CMS
4 9 (0.66%) MS Exchange
5 6 (0.44%) nginx
6 4 (0.29%) Apache
6 4 (0.29%) Apache Spark
7 3 (0.22%) IIS
7 3 (0.22%) WebSphere
8 1 (0.073%) Cloud Foundry
8 1 (0.073%) GemFire
8 1 (0.073%) Oracle Coherence
8 1 (0.073%) Tomcat
Applications
1 36 (2.65%) Microsoft Office
2 31 (2.28%) Microsoft Excel
3 18 (1.32%) MS Visio
3 18 (1.32%) Sketch
4 12 (0.88%) Microsoft PowerPoint
5 5 (0.37%) Microsoft Project
Business Applications
1 1 (0.073%) Veritas eDiscovery
Cloud Services
1 419 (30.79%) Azure
2 332 (24.39%) AWS
3 145 (10.65%) Microsoft 365
4 122 (8.96%) GCP
5 105 (7.71%) SaaS
6 94 (6.91%) Azure Sentinel
7 61 (4.48%) PaaS
8 52 (3.82%) IaaS
9 48 (3.53%) Datadog
10 47 (3.45%) Mimecast
11 42 (3.09%) Azure Active Directory
12 39 (2.87%) Serverless
13 32 (2.35%) AWS CloudFormation
13 32 (2.35%) GitHub
14 31 (2.28%) Azure DevOps
15 20 (1.47%) Amazon GuardDuty
16 19 (1.40%) Amazon CloudWatch
17 18 (1.32%) AWS Lambda
17 18 (1.32%) Virtual Private Cloud
18 17 (1.25%) Google Workspace
Communications & Networking
1 272 (19.99%) Firewall
2 162 (11.90%) Network Security
3 126 (9.26%) Intrusion Detection
4 82 (6.02%) TCP/IP
5 61 (4.48%) DNS
6 55 (4.04%) VPN
7 51 (3.75%) WAN
8 47 (3.45%) SSL
9 45 (3.31%) Internet
10 29 (2.13%) Wireshark
11 21 (1.54%) HTTP
11 21 (1.54%) Wireless
12 19 (1.40%) LAN
13 18 (1.32%) DHCP
14 17 (1.25%) HTTPS
15 15 (1.10%) SSH
16 13 (0.96%) SMS
17 12 (0.88%) SD-WAN
18 10 (0.73%) Wi-Fi
19 9 (0.66%) MPLS
Database & Business Intelligence
1 39 (2.87%) PostgreSQL
2 19 (1.40%) NoSQL
3 12 (0.88%) SQL Server
4 11 (0.81%) Big Data
4 11 (0.81%) Data Warehouse
5 10 (0.73%) Relational Database
6 7 (0.51%) Power BI
7 6 (0.44%) DB2
8 5 (0.37%) Sybase IQ
9 4 (0.29%) Amazon RDS
9 4 (0.29%) MySQL
10 2 (0.15%) Elasticsearch
10 2 (0.15%) MongoDB
11 1 (0.073%) Azure SQL Database
11 1 (0.073%) Metadata
11 1 (0.073%) SQL Server Integration Services
11 1 (0.073%) SQL Server Reporting Services
11 1 (0.073%) Tableau
11 1 (0.073%) Tableau Server
Development Applications
1 59 (4.34%) Git (software)
2 36 (2.65%) JIRA
3 34 (2.50%) Jenkins
4 18 (1.32%) webpack
5 16 (1.18%) GitLab
6 14 (1.03%) Atlassian Bamboo
6 14 (1.03%) Metasploit
6 14 (1.03%) Postman
7 12 (0.88%) Burp Suite
7 12 (0.88%) SonarQube
8 10 (0.73%) Bitbucket
9 6 (0.44%) sqlmap
10 4 (0.29%) git-flow
10 4 (0.29%) Team Foundation Server
11 3 (0.22%) TeamCity
12 1 (0.073%) Ant
12 1 (0.073%) JUnit
12 1 (0.073%) Octopus Deploy
12 1 (0.073%) Sonatype Nexus
12 1 (0.073%) VSS/SourceSafe
General
1 384 (28.21%) Finance
2 340 (24.98%) Social Skills
3 125 (9.18%) Analytical Skills
4 117 (8.60%) Legal
5 102 (7.49%) Retail
6 87 (6.39%) Inclusion and Diversity
7 85 (6.25%) Banking
8 75 (5.51%) Law
9 46 (3.38%) Manufacturing
9 46 (3.38%) Public Sector
10 30 (2.20%) Investment Banking
10 30 (2.20%) Marketing
11 28 (2.06%) Telecoms
12 24 (1.76%) Automotive
13 22 (1.62%) Influencing Skills
14 19 (1.40%) Games
14 19 (1.40%) Organisational Skills
15 18 (1.32%) Italian Language
16 16 (1.18%) Presentation Skills
17 15 (1.10%) Advertising
Job Titles
1 344 (25.28%) Analyst
2 215 (15.80%) Security Engineer
3 207 (15.21%) Security Analyst
4 138 (10.14%) Security Manager
5 86 (6.32%) Cybersecurity Analyst
6 78 (5.73%) Cloud Engineer
7 74 (5.44%) SOC Analyst
8 72 (5.29%) Software Engineer
9 69 (5.07%) DevOps Engineer
10 66 (4.85%) Senior Analyst
11 64 (4.70%) Incident Analyst
12 58 (4.26%) Consultant
12 58 (4.26%) Information Manager
13 54 (3.97%) Information Security Manager
14 50 (3.67%) Security Consultant
15 48 (3.53%) Information Analyst
15 48 (3.53%) Senior Security Engineer
16 47 (3.45%) Information Security Analyst
17 42 (3.09%) Cybersecurity Manager
17 42 (3.09%) Site Engineer
Libraries, Frameworks & Software Standards
1 74 (5.44%) Node.js
2 44 (3.23%) React
3 40 (2.94%) .NET
4 27 (1.98%) GraphQL
5 23 (1.69%) Velocity
6 20 (1.47%) CSS
7 19 (1.40%) HTML
8 17 (1.25%) .NET Framework
8 17 (1.25%) gRPC
8 17 (1.25%) Protocol Buffers
9 15 (1.10%) OAuth
9 15 (1.10%) REST
9 15 (1.10%) SAML
10 14 (1.03%) OAuth2
10 14 (1.03%) Swagger
11 12 (0.88%) React Native
12 10 (0.73%) COM
12 10 (0.73%) Elastic Stack
12 10 (0.73%) Middleware
12 10 (0.73%) Web Services
Miscellaneous
1 185 (13.59%) Management Information System
2 139 (10.21%) Security Operations Centre
3 104 (7.64%) Cyberthreat
4 82 (6.02%) Cyberattack
5 70 (5.14%) Data Centre
6 58 (4.26%) Cyber Defence
7 56 (4.11%) Self-Motivation
8 51 (3.75%) Distributed Denial-of-Service
9 41 (3.01%) Public Cloud
10 40 (2.94%) Legacy Systems
11 38 (2.79%) Cyber Kill Chain
12 35 (2.57%) Cloud Native
13 32 (2.35%) User Experience
14 28 (2.06%) Virtual Team
15 27 (1.98%) Insider Threat
16 26 (1.91%) Blog
17 25 (1.84%) CSOC
18 21 (1.54%) Data Protection Act
18 21 (1.54%) Hybrid Cloud
19 19 (1.40%) Mobile App
Operating Systems
1 252 (18.52%) Windows
2 219 (16.09%) Linux
3 49 (3.60%) Unix
4 37 (2.72%) Windows Server
5 17 (1.25%) Red Hat Enterprise Linux
6 12 (0.88%) Mac OS
7 6 (0.44%) Mac OS X
7 6 (0.44%) Windows 10
8 5 (0.37%) Kali Linux
8 5 (0.37%) Windows Server 2012
8 5 (0.37%) Windows Server 2016
9 4 (0.29%) Android
9 4 (0.29%) Windows Server 2003
10 3 (0.22%) CentOS
10 3 (0.22%) Windows Server 2019
11 2 (0.15%) AIX
11 2 (0.15%) Apple iOS
11 2 (0.15%) Ubuntu
11 2 (0.15%) Windows Server 2008
11 2 (0.15%) zOS
Processes & Methodologies
1 709 (52.09%) Cybersecurity
2 568 (41.73%) Information Security
3 537 (39.46%) SIEM
4 513 (37.69%) Security Operations
5 247 (18.15%) DevOps
5 247 (18.15%) Threat Intelligence
6 223 (16.39%) Problem-Solving
7 219 (16.09%) Vulnerability Management
8 201 (14.77%) Incident Management
9 189 (13.89%) Risk Management
10 180 (13.23%) Cyber Threat Intelligence
11 165 (12.12%) Penetration Testing
12 153 (11.24%) MITRE ATT&CK
13 149 (10.95%) Infrastructure as Code
14 142 (10.43%) Security Architecture
15 131 (9.63%) Mentoring
16 125 (9.18%) Security Monitoring
17 120 (8.82%) Agile
18 117 (8.60%) Data Protection
19 116 (8.52%) Software Engineering
Programming Languages
1 284 (20.87%) Python
2 177 (13.01%) PowerShell
3 141 (10.36%) Bash
4 107 (7.86%) Java
5 90 (6.61%) JavaScript
6 84 (6.17%) SQL
7 63 (4.63%) Go
8 51 (3.75%) C
9 50 (3.67%) C#
10 49 (3.60%) TypeScript
11 46 (3.38%) C++
12 36 (2.65%) Rust
13 19 (1.40%) Ruby
14 18 (1.32%) Elm
14 18 (1.32%) Haskell
14 18 (1.32%) Perl
15 9 (0.66%) R
16 8 (0.59%) PHP
17 4 (0.29%) Shell Script
18 3 (0.22%) Search Processing Language
Qualifications
1 297 (21.82%) CISSP
2 164 (12.05%) CISM
3 151 (11.09%) Degree
4 117 (8.60%) GCIH
5 95 (6.98%) Security Cleared
6 86 (6.32%) SANS
7 83 (6.10%) CEH
8 71 (5.22%) GIAC
9 58 (4.26%) CompTIA Security+
10 56 (4.11%) SC Cleared
11 49 (3.60%) GCFA
12 45 (3.31%) CISA
13 40 (2.94%) GREM
13 40 (2.94%) SSCP
14 39 (2.87%) Cisco Certification
15 38 (2.79%) GCIA
16 34 (2.50%) OSCP
17 31 (2.28%) DV Cleared
18 30 (2.20%) CISMP
18 30 (2.20%) Computer Science Degree
Quality Assurance & Compliance
1 276 (20.28%) ISO/IEC 27001
2 214 (15.72%) NIST
3 166 (12.20%) Cyber Essentials
4 154 (11.32%) GDPR
5 115 (8.45%) PCI DSS
6 80 (5.88%) GRC
7 59 (4.34%) SLA
8 49 (3.60%) Cyber Essentials PLUS
9 28 (2.06%) NCSC
10 27 (1.98%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
10 27 (1.98%) QA
11 20 (1.47%) SOC 2
12 15 (1.10%) Sarbanes-Oxley
13 14 (1.03%) HIPAA
13 14 (1.03%) NIST 800
14 8 (0.59%) FISMA
14 8 (0.59%) HITRUST
15 7 (0.51%) COBIT
15 7 (0.51%) ISO/IEC 27005
15 7 (0.51%) PMO
System Software
1 106 (7.79%) Active Directory
2 79 (5.80%) Docker
3 28 (2.06%) VMware Infrastructure
4 12 (0.88%) Hyper-V
5 9 (0.66%) Snort
6 7 (0.51%) Virtual Machines
7 5 (0.37%) Varnish
8 3 (0.22%) BitLocker
8 3 (0.22%) Firmware
8 3 (0.22%) Forefront TMG
8 3 (0.22%) Microsoft Virtual Server
8 3 (0.22%) Virtual Servers
8 3 (0.22%) VMware Workstation
8 3 (0.22%) XenApp
9 2 (0.15%) VMware NSX
10 1 (0.073%) iptables
10 1 (0.073%) OpenDJ
10 1 (0.073%) Squid
10 1 (0.073%) VMware ESXi
Systems Management
1 160 (11.76%) Terraform
2 80 (5.88%) Kubernetes
3 56 (4.11%) Nessus
4 49 (3.60%) Ansible
5 43 (3.16%) CSIRT
6 37 (2.72%) QRadar
7 31 (2.28%) CASB
8 28 (2.06%) Grafana
9 24 (1.76%) Prometheus
9 24 (1.76%) Puppet
10 21 (1.54%) Microsoft Intune
11 16 (1.18%) Single Sign-On
12 9 (0.66%) Nmap
12 9 (0.66%) ZABBIX
13 8 (0.59%) FortiGate
14 6 (0.44%) Rundeck
14 6 (0.44%) WSUS
15 5 (0.37%) HAProxy
15 5 (0.37%) Opscode Chef
16 4 (0.29%) Host Intrusion Detection System
Vendors
1 271 (19.91%) Microsoft
2 181 (13.30%) Splunk
3 61 (4.48%) CrowdStrike
4 58 (4.26%) SolarWinds
5 51 (3.75%) Cisco
6 46 (3.38%) Google
6 46 (3.38%) McAfee
7 42 (3.09%) Sun
7 42 (3.09%) VMware
8 34 (2.50%) Palo Alto
9 29 (2.13%) TrueLayer
10 28 (2.06%) IBM
10 28 (2.06%) Intel
10 28 (2.06%) ServiceNow
11 26 (1.91%) New Relic
11 26 (1.91%) Rapid7
12 24 (1.76%) Darktrace
13 23 (1.69%) FIS
14 22 (1.62%) CheckPoint
14 22 (1.62%) Zscaler