Period
to 19 April 2018

The following table provides summary statistics for permanent job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 19 April 2018 with a comparison to the same period in the previous 2 years.

ISO/IEC 27001
UK
6 months to
19 Apr 2018
Same period 2017 Same period 2016
Rank 216 254 227
Rank change year-on-year +38 -27 +64
Permanent jobs citing ISO/IEC 27001 2,823 2,327 3,154
As % of all permanent IT jobs advertised in the UK 1.59% 1.35% 1.54%
As % of the Quality Assurance & Compliance category 12.25% 11.12% 11.70%
Number of salaries quoted 2,293 1,961 2,652
UK median annual salary £57,500 £55,000 £55,000
Median salary % change year-on-year +4.55% - +10.00%
10th Percentile £36,250 £33,417 £36,250
90th Percentile £82,500 £81,250 £82,500
UK excluding London median annual salary £50,000 £47,500 £50,000
% change year-on-year +5.26% -5.00% +6.95%

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 23,047 20,923 26,956
As % of all permanent IT jobs advertised in the UK 13.00% 12.16% 13.15%
Number of salaries quoted 17,901 16,536 21,339
UK median annual salary £50,000 £47,500 £47,500
Median salary % change year-on-year +5.26% - +5.56%
10th Percentile £28,000 £26,250 £26,250
90th Percentile £80,000 £77,500 £75,000
UK excluding London median annual salary £45,000 £40,000 £42,500
% change year-on-year +12.50% -5.88% +6.25%

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a percentage of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing ISO/IEC 27001.

Salary trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Histogram

The salary distribution of IT jobs citing ISO/IEC 27001 over the 6 months to 19 April 2018.

Salary histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 19 April 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +45 2,674 £57,500 +4.55% 297
UK excluding London +45 1,602 £50,000 +5.26% 230
London +27 1,143 £64,500 +3.20% 80
South East +37 480 £55,000 - 52
North of England +47 438 £50,000 +11.11% 73
Midlands +8 259 £47,500 +4.40% 44
Yorkshire +72 225 £45,000 +12.50% 32
West Midlands -8 204 £50,000 +8.70% 33
East of England +33 203 £55,000 +15.79% 29
North West -10 183 £52,500 +16.67% 36
South West 0 149 £50,000 -13.04% 19
East Midlands +21 53 £44,500 +4.71% 11
Scotland -16 50 £45,500 -9.00% 7
North East -11 30 £55,000 +22.22% 5
Wales -47 18 £40,000 -11.64% 6
Northern Ireland +3 7 £67,500 +80.00%

For the 6 months to 19 April 2018, IT jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for ISO/IEC 27001.

1 1,795 (63.58%) Information Security
2 1,092 (38.68%) CISSP
3 874 (30.96%) PCI DSS
4 865 (30.64%) CISM
5 750 (26.57%) GDPR
6 716 (25.36%) Cybersecurity
7 664 (23.52%) Finance
8 663 (23.49%) ITIL
9 630 (22.32%) Firewall
10 567 (20.09%) Risk Management
11 565 (20.01%) Management Information System
12 527 (18.67%) Data Protection
13 524 (18.56%) Windows
14 456 (16.15%) SIEM
15 447 (15.83%) CISA
16 442 (15.66%) Microsoft
17 373 (13.21%) Security Management
18 357 (12.65%) Degree
19 334 (11.83%) Penetration Testing
20 327 (11.58%) Linux
21 294 (10.41%) Information Security Management
22 293 (10.38%) Network Security
23 284 (10.06%) ISMS
24 279 (9.88%) Security Architecture
25 268 (9.49%) Security Operations
26 266 (9.42%) Agile Software Development
27 258 (9.14%) COBIT
28 252 (8.93%) Amazon AWS
29 251 (8.89%) Analytical Skills
29 251 (8.89%) Vulnerability Management

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 55 (1.95%) MS Exchange
2 52 (1.84%) IIS
3 49 (1.74%) SharePoint
4 32 (1.13%) Apache
4 32 (1.13%) Skype for Business
5 22 (0.78%) Exchange Server 2013
6 18 (0.64%) Exchange Server 2010
7 15 (0.53%) Apache Spark
7 15 (0.53%) Elasticsearch
8 12 (0.43%) Oracle Service Bus
9 11 (0.39%) Exchange Server 2007
9 11 (0.39%) Tomcat
10 7 (0.25%) OpenStack
11 6 (0.21%) CMS
11 6 (0.21%) Exchange Server 2003
12 5 (0.18%) JBoss
13 4 (0.14%) Confluence
13 4 (0.14%) WordPress
14 3 (0.11%) nginx
14 3 (0.11%) WebSphere
Applications
1 83 (2.94%) Microsoft Office
2 27 (0.96%) Microsoft Excel
3 12 (0.43%) Microsoft PowerPoint
4 11 (0.39%) Microsoft Project
5 9 (0.32%) MS Visio
6 4 (0.14%) Spreadsheet
6 4 (0.14%) Stata
7 1 (0.035%) Adobe Illustrator
7 1 (0.035%) Maya
7 1 (0.035%) Photoshop
Business Applications
1 9 (0.32%) Dynamics CRM
2 5 (0.18%) Elite 3E
3 3 (0.11%) Magento
3 3 (0.11%) SAP ERP
4 2 (0.071%) Maximo
4 2 (0.071%) Primavera
4 2 (0.071%) Workfront
5 1 (0.035%) Cerner Millennium
5 1 (0.035%) Dynamics AX
5 1 (0.035%) Dynamics NAV
5 1 (0.035%) FLEXCUBE
5 1 (0.035%) Infor M3
5 1 (0.035%) NetSuite
5 1 (0.035%) Oracle EBS
5 1 (0.035%) Oracle Financials
5 1 (0.035%) Sage 200
Cloud Services
1 252 (8.93%) Amazon AWS
2 232 (8.22%) Microsoft Azure
3 176 (6.23%) SaaS
4 156 (5.53%) Office 365
5 74 (2.62%) PaaS
6 73 (2.59%) IaaS
7 23 (0.81%) Cloud Computing
8 21 (0.74%) Amazon EC2
9 12 (0.43%) Bluemix
9 12 (0.43%) IBM Cloud
10 11 (0.39%) Amazon S3
11 9 (0.32%) Mimecast
11 9 (0.32%) OneDrive
12 7 (0.25%) AWS CloudFormation
12 7 (0.25%) Dynamics 365
12 7 (0.25%) Serverless
13 6 (0.21%) Google Cloud Platform
14 5 (0.18%) Azure Active Directory
14 5 (0.18%) Virtual Private Cloud
15 3 (0.11%) Amazon CloudWatch
Communications & Networking
1 630 (22.32%) Firewall
2 293 (10.38%) Network Security
3 143 (5.07%) DNS
4 142 (5.03%) TCP/IP
5 137 (4.85%) VPN
6 120 (4.25%) WAN
7 115 (4.07%) Intrusion Detection
8 109 (3.86%) LAN
9 102 (3.61%) SSL
10 95 (3.37%) DHCP
11 89 (3.15%) SAN
12 87 (3.08%) Internet
13 72 (2.55%) IPsec
14 62 (2.20%) VoIP
15 47 (1.66%) HTTP
15 47 (1.66%) Wireless
16 45 (1.59%) MPLS
17 38 (1.35%) VLAN
18 29 (1.03%) Skype
19 27 (0.96%) OSPF
Database & Business Intelligence
1 148 (5.24%) SQL Server
2 52 (1.84%) Big Data
3 35 (1.24%) MySQL
4 21 (0.74%) SQL Server 2008
5 19 (0.67%) Hadoop
5 19 (0.67%) SQL Server Reporting Services
6 17 (0.60%) Oracle Database
6 17 (0.60%) PostgreSQL
6 17 (0.60%) SQL Server Integration Services
7 16 (0.57%) Relational Database
8 15 (0.53%) Oracle Database 11g
8 15 (0.53%) Oracle Database 12c
9 14 (0.50%) Apache Cassandra
10 11 (0.39%) MongoDB
10 11 (0.39%) SQL Server 2016
11 10 (0.35%) NoSQL
12 9 (0.32%) GIS
13 8 (0.28%) Data Warehouse
13 8 (0.28%) RDBMS
13 8 (0.28%) SQL Server 2012
Development Applications
1 21 (0.74%) Git (software)
2 19 (0.67%) Metasploit
3 17 (0.60%) Burp Suite
3 17 (0.60%) JIRA
3 17 (0.60%) Team Foundation Server
4 12 (0.43%) Jenkins
5 10 (0.35%) Octopus Deploy
6 9 (0.32%) Subversion
7 7 (0.25%) TeamCity
7 7 (0.25%) Visual Studio Team System
8 3 (0.11%) Grunt
8 3 (0.11%) gulp
8 3 (0.11%) Selenium
8 3 (0.11%) SonarQube
8 3 (0.11%) Sonatype Nexus
8 3 (0.11%) Visual Studio
9 2 (0.071%) HP UFT
9 2 (0.071%) JMeter
9 2 (0.071%) Phing
9 2 (0.071%) webpack
General
1 664 (23.52%) Finance
2 242 (8.57%) Legal
3 109 (3.86%) Banking
4 104 (3.68%) Retail
5 90 (3.19%) Telecoms
6 83 (2.94%) Marketing
7 77 (2.73%) Law
8 41 (1.45%) Publishing
9 39 (1.38%) Games
10 36 (1.28%) Manufacturing
11 22 (0.78%) Investment Banking
12 18 (0.64%) Electronics
12 18 (0.64%) Financial Institution
13 17 (0.60%) Advertising
14 13 (0.46%) Front Office
14 13 (0.46%) Local Government
15 11 (0.39%) Back Office
15 11 (0.39%) Retail Banking
16 9 (0.32%) Automotive
17 7 (0.25%) French Language
Job Titles
1 560 (19.84%) Analyst
2 512 (18.14%) Security Manager
3 422 (14.95%) Security Analyst
4 340 (12.04%) Consultant
5 287 (10.17%) Information Manager
6 277 (9.81%) Information Security Manager
7 259 (9.17%) Security Consultant
8 214 (7.58%) Architect
9 209 (7.40%) Information Analyst
10 202 (7.16%) Information Security Analyst
11 185 (6.55%) IT Manager
12 160 (5.67%) Security Officer
13 131 (4.64%) Security Architect
14 122 (4.32%) IT Security Manager
15 120 (4.25%) Information Security Officer
16 113 (4.00%) Information Officer
16 113 (4.00%) Security Engineer
17 111 (3.93%) Security Specialist
18 108 (3.83%) IT Analyst
19 95 (3.37%) Information Security Consultant
Libraries, Frameworks & Software Standards
1 43 (1.52%) Middleware
2 36 (1.28%) Web Services
3 34 (1.20%) .NET
4 29 (1.03%) JSON
5 27 (0.96%) HTML
6 22 (0.78%) SailPoint
7 20 (0.71%) Elastic Stack
8 19 (0.67%) CSS
8 19 (0.67%) LAMP
9 17 (0.60%) OAuth
10 16 (0.57%) Regular Expression
11 15 (0.53%) .NET Framework
11 15 (0.53%) SAML
12 12 (0.43%) Entity Framework
12 12 (0.43%) PCRE
13 11 (0.39%) LDAP
14 10 (0.35%) jQuery
14 10 (0.35%) Node.js
15 8 (0.28%) RESTful
16 6 (0.21%) OpenID
Miscellaneous
1 565 (20.01%) Management Information System
2 251 (8.89%) Analytical Skills
3 199 (7.05%) Data Protection Act
4 155 (5.49%) Data Centre
5 121 (4.29%) Computer Science
6 113 (4.00%) Self-Motivation
7 83 (2.94%) Fintech
8 74 (2.62%) Security Operations Centre
9 72 (2.55%) CESG
9 72 (2.55%) Cyberthreat
10 46 (1.63%) PKI
11 44 (1.56%) Cyberattack
11 44 (1.56%) Public Cloud
12 41 (1.45%) NHS
13 40 (1.42%) Greenfield Project
14 37 (1.31%) Clustering
15 35 (1.24%) Private Cloud
16 33 (1.17%) Driving Licence
17 28 (0.99%) Distributed Denial-of-Service
18 27 (0.96%) Cyber Defence
Operating Systems
1 524 (18.56%) Windows
2 327 (11.58%) Linux
3 240 (8.50%) Windows Server
4 88 (3.12%) Unix
5 58 (2.05%) Windows Server 2012
6 52 (1.84%) Windows Server 2008
7 34 (1.20%) Kali Linux
8 30 (1.06%) Apple iOS
8 30 (1.06%) Mac OS X
9 29 (1.03%) Windows 10
10 27 (0.96%) Red Hat Enterprise Linux
10 27 (0.96%) Windows 7
10 27 (0.96%) Windows Server 2003
11 26 (0.92%) Debian
12 23 (0.81%) CentOS
13 17 (0.60%) Ubuntu
14 16 (0.57%) Solaris
15 13 (0.46%) Windows 8
16 12 (0.43%) Android
17 9 (0.32%) AIX
Processes & Methodologies
1 1,795 (63.58%) Information Security
2 716 (25.36%) Cybersecurity
3 663 (23.49%) ITIL
4 567 (20.09%) Risk Management
5 527 (18.67%) Data Protection
6 456 (16.15%) SIEM
7 373 (13.21%) Security Management
8 334 (11.83%) Penetration Testing
9 294 (10.41%) Information Security Management
10 284 (10.06%) ISMS
11 279 (9.88%) Security Architecture
12 268 (9.49%) Security Operations
13 266 (9.42%) Agile Software Development
14 251 (8.89%) Vulnerability Management
15 228 (8.08%) Project Management
16 222 (7.86%) Problem-Solving
17 217 (7.69%) Incident Management
18 195 (6.91%) Stakeholder Management
19 183 (6.48%) Business Continuity
20 167 (5.92%) OWASP
Programming Languages
1 152 (5.38%) PowerShell
2 113 (4.00%) SQL
3 109 (3.86%) Python
4 65 (2.30%) C
5 58 (2.05%) Bash Shell
6 41 (1.45%) Java
7 39 (1.38%) JavaScript
7 39 (1.38%) Perl
8 31 (1.10%) C#
9 29 (1.03%) Ruby
10 28 (0.99%) PHP
11 19 (0.67%) Shell Script
12 16 (0.57%) T-SQL
13 13 (0.46%) C++
14 11 (0.39%) Go
15 6 (0.21%) VB
16 5 (0.18%) VBScript
17 4 (0.14%) TypeScript
17 4 (0.14%) VB.NET
18 3 (0.11%) Java 8
Qualifications
1 1,092 (38.68%) CISSP
2 865 (30.64%) CISM
3 447 (15.83%) CISA
4 357 (12.65%) Degree
5 212 (7.51%) Security Cleared
6 149 (5.28%) Cisco Certification
7 148 (5.24%) CRISC
8 145 (5.14%) CEH
9 132 (4.68%) Microsoft Certification
10 131 (4.64%) SANS
11 123 (4.36%) SC Cleared
12 112 (3.97%) MCSE
13 84 (2.98%) ISO 27001 Lead Auditor
14 81 (2.87%) CCNA
15 74 (2.62%) GIAC
16 68 (2.41%) CESG Certified Professional
17 67 (2.37%) MCSA
18 63 (2.23%) SSCP
19 59 (2.09%) Computer Science Degree
20 53 (1.88%) MCITP
Quality Assurance & Compliance
1 874 (30.96%) PCI DSS
2 750 (26.57%) GDPR
3 258 (9.14%) COBIT
4 247 (8.75%) Cyber Essentials
5 227 (8.04%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 213 (7.55%) ISO 9001
7 148 (5.24%) Sarbanes-Oxley
8 89 (3.15%) HMG Security Policy Framework
9 74 (2.62%) ISO 22301
10 73 (2.59%) Cyber Essentials PLUS
11 66 (2.34%) SLA
12 62 (2.20%) QA
13 50 (1.77%) ISO/IEC 20000
14 42 (1.49%) NIST 800
15 36 (1.28%) GPG13
15 36 (1.28%) JSP 440
16 34 (1.20%) HIPAA
16 34 (1.20%) ISO 31000
17 27 (0.96%) ISO/IEC 27005
17 27 (0.96%) RMADS
System Software
1 250 (8.86%) Active Directory
2 213 (7.55%) VMware Infrastructure
3 84 (2.98%) Hyper-V
4 50 (1.77%) VMware ESXi
5 41 (1.45%) vSphere
6 35 (1.24%) Xen
7 24 (0.85%) Snort
8 20 (0.71%) Docker
9 19 (0.67%) Virtual Machines
10 16 (0.57%) XenApp
10 16 (0.57%) XenDesktop
11 14 (0.50%) HDFS
12 11 (0.39%) KVM
13 9 (0.32%) Ceph
13 9 (0.32%) Firmware
14 7 (0.25%) iptables
14 7 (0.25%) pfSense
15 6 (0.21%) Terminal Services
16 5 (0.18%) Forefront TMG
17 4 (0.14%) Microsoft App-V
Systems Management
1 69 (2.44%) Ansible
2 63 (2.23%) SCCM
3 62 (2.20%) Nessus
4 54 (1.91%) Opscode Chef
5 52 (1.84%) Puppet
6 49 (1.74%) Single Sign-On
7 32 (1.13%) QRadar
8 28 (0.99%) Core Impact
8 28 (0.99%) Nagios
9 21 (0.74%) Terraform
10 19 (0.67%) vCenter Server
11 16 (0.57%) WSUS
12 15 (0.53%) OpenVAS
12 15 (0.53%) Suricata
13 14 (0.50%) Host Intrusion Detection System
14 13 (0.46%) CASB
14 13 (0.46%) Cisco CUCM
15 12 (0.43%) Kubernetes
15 12 (0.43%) Microsoft Intune
16 11 (0.39%) Icinga
Vendors
1 442 (15.66%) Microsoft
2 242 (8.57%) VMware
3 175 (6.20%) Cisco
4 90 (3.19%) Citrix
5 87 (3.08%) Oracle
6 80 (2.83%) CheckPoint
7 63 (2.23%) Juniper
8 54 (1.91%) Palo Alto
9 51 (1.81%) F5
9 51 (1.81%) Qualys
10 50 (1.77%) HP
11 46 (1.63%) Capita
12 45 (1.59%) McAfee
12 45 (1.59%) Sophos
12 45 (1.59%) Symantec
13 40 (1.42%) SAP
14 39 (1.38%) SolarWinds
15 35 (1.24%) Splunk
16 34 (1.20%) Fortinet
17 32 (1.13%) LogRhythm