Period
to 1 August 2021

The following table provides summary statistics for permanent job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 1 August 2021 with a comparison to the same period in the previous 2 years.

ISO/IEC 27001
UK
6 months to
1 Aug 2021
Same period 2020 Same period 2019
Rank 225 178 182
Rank change year-on-year -47 +4 +34
Permanent jobs citing ISO/IEC 27001 1,733 1,305 2,853
As % of all permanent jobs advertised in the UK 1.53% 1.92% 1.99%
As % of the Quality Assurance & Compliance category 10.64% 14.91% 14.17%
Number of salaries quoted 1,349 1,041 1,994
10th Percentile £36,250 £36,250 £31,000
25th Percentile £42,500 £42,500 £41,250
Median annual salary (50th Percentile) £57,500 £56,514 £54,250
Median % change year-on-year +1.75% +4.17% -3.13%
75th Percentile £72,500 £73,750 £72,500
90th Percentile £86,500 £91,250 £87,500
UK excluding London median annual salary £51,000 £50,000 £48,098
% change year-on-year +2.00% +3.96% -6.19%

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 16,286 8,754 20,130
As % of all permanent IT jobs advertised in the UK 14.41% 12.88% 14.05%
Number of salaries quoted 10,085 6,739 14,975
10th Percentile £31,250 £30,000 £28,476
25th Percentile £40,500 £40,000 £37,500
Median annual salary (50th Percentile) £53,500 £52,500 £50,000
Median % change year-on-year +1.90% +5.00% -
75th Percentile £71,250 £70,000 £67,500
90th Percentile £87,500 £85,000 £83,750
UK excluding London median annual salary £47,500 £47,500 £45,000
% change year-on-year - +5.56% -

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a proportion of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Trend

3-month moving average salary quoted in jobs citing ISO/IEC 27001.

Salary trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Histogram

Salary distribution for jobs citing ISO/IEC 27001 over the 6 months to 1 August 2021.

Salary histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 1 August 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -48 1,515 £57,500 - 308
UK excluding London -22 1,039 £51,000 +2.00% 240
London -67 581 £67,500 +3.85% 94
South East -6 319 £52,000 +0.94% 61
Work from Home -81 296 £65,000 +18.18% 66
North of England -40 250 £51,000 +2.00% 78
Midlands -68 167 £55,000 +10.00% 33
North West -34 137 £55,000 +10.00% 43
South West -54 122 £45,000 -18.18% 24
West Midlands -76 112 £54,500 -0.91% 22
Scotland +24 106 £47,500 - 16
Yorkshire -53 87 £48,000 -4.00% 27
East Midlands -19 54 £57,500 +35.29% 11
East of England -41 51 £60,000 +33.33% 18
North East -3 29 £48,750 -0.36% 8
Wales -25 21 £41,111 -0.68% 9
Northern Ireland -19 13 - - 1

For the 6 months to 1 August 2021, IT jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for ISO/IEC 27001.

1 945 (54.53%) Information Security
2 628 (36.24%) Cybersecurity
3 519 (29.95%) Social Skills
4 477 (27.52%) Azure
5 444 (25.62%) NIST
6 431 (24.87%) GDPR
7 405 (23.37%) CISSP
7 405 (23.37%) Risk Management
8 393 (22.68%) Cyber Essentials
9 335 (19.33%) Microsoft
10 334 (19.27%) ITIL
11 328 (18.93%) AWS
12 314 (18.12%) PCI DSS
13 312 (18.00%) Management Information System
14 310 (17.89%) CISM
15 297 (17.14%) Firewall
16 296 (17.08%) Security Management
17 289 (16.68%) Finance
18 277 (15.98%) Windows
19 276 (15.93%) Microsoft 365
20 268 (15.46%) ISMS
21 244 (14.08%) Data Protection
22 215 (12.41%) Information Security Management
23 208 (12.00%) SIEM
24 201 (11.60%) Agile Software Development
25 197 (11.37%) Vulnerability Management
26 190 (10.96%) Degree
27 186 (10.73%) Security Architecture
27 186 (10.73%) CISA
28 176 (10.16%) Active Directory

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 55 (3.17%) SharePoint
2 28 (1.62%) MS Exchange
3 21 (1.21%) IIS
4 15 (0.87%) Apache
5 14 (0.81%) Elasticsearch
6 11 (0.63%) Confluence
6 11 (0.63%) MTS
7 8 (0.46%) nginx
8 7 (0.40%) Skype for Business
9 6 (0.35%) CMS
10 5 (0.29%) Exchange Server 2013
10 5 (0.29%) SharePoint 2013
11 4 (0.23%) OpenStack
12 2 (0.12%) Adobe Experience Manager
12 2 (0.12%) Apache Pig
12 2 (0.12%) Apache Spark
12 2 (0.12%) Exchange Server 2003
12 2 (0.12%) JBoss
12 2 (0.12%) Tomcat
13 1 (0.058%) BizTalk Server
Applications
1 55 (3.17%) Microsoft Office
2 52 (3.00%) Microsoft Excel
3 38 (2.19%) Microsoft PowerPoint
4 26 (1.50%) MS Visio
5 6 (0.35%) Microsoft Project
Business Applications
1 9 (0.52%) SAP Business One
2 7 (0.40%) Sentinel
3 4 (0.23%) NetSuite
4 3 (0.17%) Exchequer
4 3 (0.17%) SAP GRC
5 2 (0.12%) Cloudability
5 2 (0.12%) Distributed Ledger
5 2 (0.12%) Dynamics CRM
5 2 (0.12%) Relativity
5 2 (0.12%) Salesforce.com CRM
6 1 (0.058%) Infor M3
6 1 (0.058%) Oracle Receivables
6 1 (0.058%) Temenos T24
Cloud Services
1 477 (27.52%) Azure
2 328 (18.93%) AWS
3 276 (15.93%) Microsoft 365
4 140 (8.08%) SaaS
5 63 (3.64%) PaaS
6 60 (3.46%) GCP
7 59 (3.40%) Azure Active Directory
8 55 (3.17%) IaaS
9 49 (2.83%) Cloud Computing
10 28 (1.62%) Power Platform
11 21 (1.21%) Dynamics 365
12 20 (1.15%) Serverless
13 19 (1.10%) GitHub
14 18 (1.04%) Azure Sentinel
15 17 (0.98%) Amazon EC2
16 12 (0.69%) Mimecast
16 12 (0.69%) OneDrive
17 11 (0.63%) Google Workspace
18 10 (0.58%) AWS CloudFormation
18 10 (0.58%) Azure Service Bus
Communications & Networking
1 297 (17.14%) Firewall
2 171 (9.87%) Network Security
3 85 (4.90%) TCP/IP
4 77 (4.44%) VPN
5 61 (3.52%) DNS
6 47 (2.71%) WAN
7 44 (2.54%) LAN
8 35 (2.02%) Internet
9 32 (1.85%) DHCP
10 30 (1.73%) SAN
11 29 (1.67%) Intrusion Detection
12 26 (1.50%) VoIP
13 23 (1.33%) BGP
13 23 (1.33%) OSPF
14 20 (1.15%) Cisco ASA
15 18 (1.04%) MPLS
15 18 (1.04%) VLAN
16 16 (0.92%) Wi-Fi
17 15 (0.87%) F5 BIG-IP GTM
17 15 (0.87%) F5 BIG-IP LTM
Database & Business Intelligence
1 66 (3.81%) SQL Server
2 40 (2.31%) MySQL
3 26 (1.50%) Amazon RDS
4 21 (1.21%) SQL Server 2008
5 16 (0.92%) Data Warehouse
6 15 (0.87%) PostgreSQL
7 12 (0.69%) Relational Database
8 11 (0.63%) SQL Server 2012
9 10 (0.58%) Azure SQL Database
9 10 (0.58%) MongoDB
9 10 (0.58%) NoSQL
10 9 (0.52%) Oracle Database
10 9 (0.52%) RDBMS
11 8 (0.46%) Amazon DynamoDB
11 8 (0.46%) Redis
12 7 (0.40%) SQL Server 2014
13 6 (0.35%) Amazon Aurora
13 6 (0.35%) Blockchain
13 6 (0.35%) Data Lake
13 6 (0.35%) SQL Server 2016
Development Applications
1 44 (2.54%) JIRA
2 29 (1.67%) Git (software)
3 17 (0.98%) Visual Studio
4 11 (0.63%) Bitbucket
5 7 (0.40%) Jenkins
6 6 (0.35%) PHPUnit
6 6 (0.35%) SoapUI
7 4 (0.23%) Burp Suite
7 4 (0.23%) CircleCI
7 4 (0.23%) Metasploit
7 4 (0.23%) TeamCity
8 3 (0.17%) Android Studio
8 3 (0.17%) Appium
8 3 (0.17%) git-flow
8 3 (0.17%) Mercurial
8 3 (0.17%) Travis CI
9 2 (0.12%) JUnit
9 2 (0.12%) Selenium
9 2 (0.12%) Serenity BDD
9 2 (0.12%) Team Foundation Server
General
1 519 (29.95%) Social Skills
2 289 (16.68%) Finance
3 161 (9.29%) Legal
4 132 (7.62%) Analytical Skills
5 119 (6.87%) Public Sector
6 95 (5.48%) Retail
7 81 (4.67%) Law
8 68 (3.92%) Influencing Skills
9 63 (3.64%) Organisational Skills
10 56 (3.23%) Police
11 55 (3.17%) Telecoms
12 53 (3.06%) Marketing
13 50 (2.89%) Banking
14 48 (2.77%) Manufacturing
15 43 (2.48%) Presentation Skills
16 37 (2.14%) Games
17 30 (1.73%) Documentation Skills
18 20 (1.15%) Electronics
18 20 (1.15%) Local Government
19 19 (1.10%) Advertising
Job Titles
1 276 (15.93%) Analyst
2 234 (13.50%) Consultant
3 193 (11.14%) Security Analyst
4 180 (10.39%) Architect
5 176 (10.16%) Security Consultant
6 163 (9.41%) Security Manager
7 157 (9.06%) Security Engineer
8 124 (7.16%) Security Architect
9 101 (5.83%) Information Manager
10 99 (5.71%) IT Analyst
11 98 (5.65%) Information Analyst
12 95 (5.48%) IT Manager
13 93 (5.37%) Information Security Analyst
14 87 (5.02%) Information Security Manager
15 83 (4.79%) Security Specialist
16 75 (4.33%) Security Officer
17 73 (4.21%) Infrastructure Engineer
18 64 (3.69%) IT Engineer
18 64 (3.69%) IT Security Analyst
19 61 (3.52%) Information Security Officer
Libraries, Frameworks & Software Standards
1 43 (2.48%) Web Services
2 35 (2.02%) REST
3 34 (1.96%) Middleware
4 33 (1.90%) .NET
5 32 (1.85%) CSS
6 25 (1.44%) XML
7 20 (1.15%) HTML
7 20 (1.15%) Node.js
8 19 (1.10%) jQuery
9 18 (1.04%) HTML5
10 15 (0.87%) ASP.NET
10 15 (0.87%) EDI
11 14 (0.81%) RESTful
11 14 (0.81%) Sass
12 13 (0.75%) SOAP
13 12 (0.69%) React
14 11 (0.63%) AngularJS
15 10 (0.58%) Flask
15 10 (0.58%) SAML
16 9 (0.52%) Redux
Miscellaneous
1 312 (18.00%) Management Information System
2 69 (3.98%) Cyberthreat
3 65 (3.75%) Self-Motivation
4 55 (3.17%) Data Protection Act
5 52 (3.00%) Smart Meter
6 51 (2.94%) Public Cloud
7 39 (2.25%) Data Centre
8 35 (2.02%) User Experience
9 32 (1.85%) NHS
10 31 (1.79%) Driving Licence
11 29 (1.67%) Cloud Native
12 23 (1.33%) CESG
13 19 (1.10%) Distributed Denial-of-Service
14 16 (0.92%) Hybrid Cloud
15 15 (0.87%) Security Operations Centre
16 13 (0.75%) Clustering
17 12 (0.69%) Private Cloud
18 11 (0.63%) Enterprise Cloud
18 11 (0.63%) Mobile App
18 11 (0.63%) Replication
Operating Systems
1 277 (15.98%) Windows
2 173 (9.98%) Linux
3 99 (5.71%) Windows Server
4 66 (3.81%) Windows 10
5 48 (2.77%) Unix
6 44 (2.54%) Windows Server 2012
7 33 (1.90%) Windows Server 2019
8 24 (1.38%) Windows Server 2016
9 22 (1.27%) Red Hat Enterprise Linux
10 21 (1.21%) Mac OS
11 19 (1.10%) Android
12 13 (0.75%) Apple iOS
13 11 (0.63%) Windows Server 2008
14 10 (0.58%) CentOS
14 10 (0.58%) Solaris
15 6 (0.35%) VMS
16 5 (0.29%) SUSE
16 5 (0.29%) Windows 7
17 4 (0.23%) Debian
17 4 (0.23%) Ubuntu
Processes & Methodologies
1 945 (54.53%) Information Security
2 628 (36.24%) Cybersecurity
3 405 (23.37%) Risk Management
4 334 (19.27%) ITIL
5 296 (17.08%) Security Management
6 268 (15.46%) ISMS
7 244 (14.08%) Data Protection
8 215 (12.41%) Information Security Management
9 208 (12.00%) SIEM
10 201 (11.60%) Agile Software Development
11 197 (11.37%) Vulnerability Management
12 186 (10.73%) Security Architecture
13 169 (9.75%) Security Operations
14 158 (9.12%) Penetration Testing
15 155 (8.94%) Continuous Improvement
16 135 (7.79%) Problem-Solving
17 131 (7.56%) Project Management
18 125 (7.21%) DevOps
19 124 (7.16%) Incident Management
20 121 (6.98%) Stakeholder Management
Programming Languages
1 84 (4.85%) Python
2 81 (4.67%) SQL
3 68 (3.92%) PowerShell
4 49 (2.83%) Java
5 39 (2.25%) Bash Shell
6 35 (2.02%) JavaScript
7 31 (1.79%) C#
8 28 (1.62%) C
9 14 (0.81%) PHP
10 12 (0.69%) Perl
11 11 (0.63%) TypeScript
12 10 (0.58%) C++
13 9 (0.52%) Ruby
14 7 (0.40%) VB
15 6 (0.35%) Go
16 5 (0.29%) Apex Code
16 5 (0.29%) VBA
16 5 (0.29%) VBScript
17 4 (0.23%) Kotlin
18 2 (0.12%) VB.NET
Qualifications
1 405 (23.37%) CISSP
2 310 (17.89%) CISM
3 190 (10.96%) Degree
4 186 (10.73%) CISA
5 167 (9.64%) Security Cleared
6 85 (4.90%) SC Cleared
7 82 (4.73%) Cisco Certification
8 71 (4.10%) CRISC
9 58 (3.35%) CEH
10 48 (2.77%) CompTIA Security+
10 48 (2.77%) GIAC
11 37 (2.14%) CCNP
12 35 (2.02%) CESG Certified Professional
12 35 (2.02%) ISO 27001 Lead Auditor
12 35 (2.02%) SSCP
13 30 (1.73%) Microsoft Certification
14 27 (1.56%) (ISC)2 CCSP
14 27 (1.56%) CCNA
15 26 (1.50%) DV Cleared
16 25 (1.44%) OSCP
Quality Assurance & Compliance
1 444 (25.62%) NIST
2 431 (24.87%) GDPR
3 393 (22.68%) Cyber Essentials
4 314 (18.12%) PCI DSS
5 145 (8.37%) Cyber Essentials PLUS
6 120 (6.92%) GRC
7 118 (6.81%) COBIT
8 97 (5.60%) ISO 9001
9 91 (5.25%) SLA
10 88 (5.08%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
11 84 (4.85%) NCSC
12 58 (3.35%) ISO/IEC 20000
13 57 (3.29%) SOC 2
14 46 (2.65%) NIST 800
15 45 (2.60%) Sarbanes-Oxley
16 36 (2.08%) QA
17 34 (1.96%) HMG Security Policy Framework
18 30 (1.73%) ISO 22301
18 30 (1.73%) ISO/IEC 27005
19 27 (1.56%) JSP 440
System Software
1 176 (10.16%) Active Directory
2 67 (3.87%) VMware Infrastructure
3 50 (2.89%) Hyper-V
4 27 (1.56%) Docker
5 17 (0.98%) Virtual Machines
5 17 (0.98%) vSphere
6 13 (0.75%) XenDesktop
7 11 (0.63%) Virtual Desktop
8 10 (0.58%) XenApp
9 7 (0.40%) VMware ESXi
10 6 (0.35%) Virtual Servers
11 4 (0.23%) BitLocker
11 4 (0.23%) Sendmail
12 3 (0.17%) Firmware
12 3 (0.17%) Microsoft App-V
12 3 (0.17%) Terminal Services
13 2 (0.12%) iptables
13 2 (0.12%) Postfix
13 2 (0.12%) Snort
14 1 (0.058%) Microsoft Virtual Server
Systems Management
1 44 (2.54%) Microsoft Intune
2 42 (2.42%) Terraform
3 41 (2.37%) Ansible
4 32 (1.85%) SCCM
5 27 (1.56%) Nessus
6 22 (1.27%) Kubernetes
7 19 (1.10%) Puppet
8 12 (0.69%) Single Sign-On
9 11 (0.63%) FortiGate
10 10 (0.58%) CASB
10 10 (0.58%) Jamf Pro
11 8 (0.46%) HP Fortify
12 6 (0.35%) HP ALM
12 6 (0.35%) Opscode Chef
12 6 (0.35%) Rundeck
12 6 (0.35%) SCOM
12 6 (0.35%) WebInspect
12 6 (0.35%) WSUS
13 5 (0.29%) Prometheus
13 5 (0.29%) Tivoli Storage Manager
Vendors
1 335 (19.33%) Microsoft
2 137 (7.91%) VMware
3 111 (6.41%) Cisco
4 63 (3.64%) Google
5 48 (2.77%) SAP
6 36 (2.08%) Citrix
7 35 (2.02%) CheckPoint
7 35 (2.02%) Oracle
8 34 (1.96%) ServiceNow
9 30 (1.73%) HP
10 29 (1.67%) Apple
10 29 (1.67%) Meraki
11 25 (1.44%) Palo Alto
12 22 (1.27%) Splunk
12 22 (1.27%) Veeam
13 20 (1.15%) Qualys
13 20 (1.15%) Salesforce.com
13 20 (1.15%) SonicWALL
13 20 (1.15%) Sophos
13 20 (1.15%) Zscaler