Period
to 2 April 2020

The following table provides summary statistics for permanent job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 2 April 2020 with a comparison to the same period in the previous 2 years.

ISO/IEC 27001
UK
6 months to
2 Apr 2020
Same period 2019 Same period 2018
Rank 188 200 219
Rank change year-on-year +12 +19 +39
Permanent jobs citing ISO/IEC 27001 2,155 2,591 2,802
As % of all permanent jobs advertised in the UK 1.84% 1.75% 1.58%
As % of the Quality Assurance & Compliance category 14.98% 12.50% 12.40%
Number of salaries quoted 1,878 2,013 2,363
Median annual salary £55,000 £55,000 £57,500
Median salary % change year-on-year - -4.35% +4.55%
10th Percentile £35,375 £33,750 £36,250
90th Percentile £85,000 £87,500 £83,750
UK excluding London median annual salary £52,500 £50,000 £50,000
% change year-on-year +5.00% - +5.26%

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 14,383 20,731 22,590
As % of all permanent IT jobs advertised in the UK 12.28% 14.00% 12.76%
Number of salaries quoted 11,041 15,053 17,581
Median annual salary £52,500 £50,000 £50,000
Median salary % change year-on-year +5.00% - +5.26%
10th Percentile £28,750 £27,625 £27,500
90th Percentile £85,000 £81,250 £80,000
UK excluding London median annual salary £45,000 £45,000 £43,750
% change year-on-year - +2.86% +6.06%

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a proportion of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Trend

3-month moving average salary quoted in jobs citing ISO/IEC 27001.

Salary trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Histogram

Salary distribution for jobs citing ISO/IEC 27001 over the 6 months to 2 April 2020.

Salary histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 2 April 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +4 1,986 £55,000 - 199
UK excluding London +6 1,359 £52,500 +5.00% 156
London +29 708 £61,500 -5.38% 49
South East +53 444 £55,000 +2.80% 31
Midlands +28 296 £49,000 -6.67% 25
North of England -41 283 £50,000 +11.11% 43
West Midlands +32 239 £47,750 -9.05% 20
North West -39 173 £47,500 -5.00% 29
South West -1 149 £52,500 +16.67% 28
Work from Home +40 139 £63,750 -1.92% 5
East of England +7 106 £50,000 -9.09% 23
Yorkshire -29 104 £55,000 +37.50% 13
East Midlands +28 55 £48,750 -8.88% 5
Scotland +45 43 £55,000 +15.79% 2
Wales -2 42 £41,391 -13.32% 4
North East +4 6 £43,750 +2.94% 1
Northern Ireland +12 5 £37,500 -62.50%

For the 6 months to 2 April 2020, IT jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for ISO/IEC 27001.

1 1,303 (60.46%) Information Security
2 757 (35.13%) Cybersecurity
3 730 (33.87%) CISSP
4 574 (26.64%) GDPR
5 536 (24.87%) CISM
6 493 (22.88%) PCI DSS
7 464 (21.53%) Azure
8 447 (20.74%) Risk Management
9 446 (20.70%) ITIL
10 438 (20.32%) Firewall
11 395 (18.33%) Finance
12 377 (17.49%) NIST
13 376 (17.45%) Microsoft
14 368 (17.08%) Management Information System
15 360 (16.71%) Windows
16 304 (14.11%) Security Management
17 288 (13.36%) Security Cleared
18 277 (12.85%) CISA
19 273 (12.67%) Degree
20 272 (12.62%) SIEM
21 269 (12.48%) AWS
22 268 (12.44%) Active Directory
23 255 (11.83%) Office 365
24 253 (11.74%) Data Protection
25 245 (11.37%) Security Architecture
26 243 (11.28%) Cyber Essentials
27 232 (10.77%) ISMS
28 230 (10.67%) Agile Software Development
29 228 (10.58%) Information Security Management
30 227 (10.53%) Penetration Testing

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 59 (2.74%) IIS
1 59 (2.74%) SharePoint
2 58 (2.69%) MS Exchange
3 37 (1.72%) Exchange Server 2013
4 17 (0.79%) Apache
5 16 (0.74%) Skype for Business
6 9 (0.42%) Exchange Server 2010
7 7 (0.32%) Apache Spark
7 7 (0.32%) Tomcat
8 6 (0.28%) Confluence
8 6 (0.28%) WebSphere
9 5 (0.23%) SharePoint 2010
10 4 (0.19%) Apache Airflow
10 4 (0.19%) Elasticsearch
10 4 (0.19%) OpenStack
10 4 (0.19%) SAS
11 3 (0.14%) ColdFusion
11 3 (0.14%) IBM Domino
11 3 (0.14%) IBM Notes
12 2 (0.093%) CMS
Applications
1 67 (3.11%) Microsoft Office
2 21 (0.97%) Microsoft Excel
3 9 (0.42%) Spreadsheet
4 4 (0.19%) Microsoft PowerPoint
4 4 (0.19%) Microsoft Project
4 4 (0.19%) MS Visio
5 1 (0.046%) Adobe Creative Suite
5 1 (0.046%) AutoCAD
5 1 (0.046%) InfoPath
5 1 (0.046%) Revit
Business Applications
1 8 (0.37%) Elite 3E
2 6 (0.28%) Carpe Diem
3 4 (0.19%) Dynamics CRM
3 4 (0.19%) Oracle Financials
3 4 (0.19%) Sentinel
4 3 (0.14%) Distributed Ledger
5 2 (0.093%) Dynamics NAV
6 1 (0.046%) Infor M3
6 1 (0.046%) NetSuite
6 1 (0.046%) Salesforce.com CRM
6 1 (0.046%) Sparx Enterprise Architect
Cloud Services
1 464 (21.53%) Azure
2 269 (12.48%) AWS
3 255 (11.83%) Office 365
4 110 (5.10%) SaaS
5 78 (3.62%) IaaS
6 75 (3.48%) PaaS
7 44 (2.04%) Cloud Computing
8 37 (1.72%) GCP
9 28 (1.30%) Power Platform
10 27 (1.25%) Serverless
11 24 (1.11%) Azure Active Directory
12 20 (0.93%) Mimecast
13 15 (0.70%) PowerApps
14 12 (0.56%) G Suite
15 11 (0.51%) Amazon EC2
15 11 (0.51%) AWS Lambda
15 11 (0.51%) Azure Functions
15 11 (0.51%) Virtual Private Cloud
16 9 (0.42%) GitHub
17 8 (0.37%) Amazon S3
Communications & Networking
1 438 (20.32%) Firewall
2 159 (7.38%) Network Security
3 136 (6.31%) LAN
4 134 (6.22%) DNS
5 133 (6.17%) VPN
6 123 (5.71%) WAN
7 117 (5.43%) TCP/IP
8 90 (4.18%) Intrusion Detection
9 83 (3.85%) DHCP
10 76 (3.53%) Internet
11 50 (2.32%) SAN
12 40 (1.86%) VLAN
13 33 (1.53%) MPLS
13 33 (1.53%) Wireless
13 33 (1.53%) Wireshark
14 29 (1.35%) HTTP
15 26 (1.21%) VoIP
16 24 (1.11%) Cisco ASA
16 24 (1.11%) Wi-Fi
17 21 (0.97%) IPsec
Database & Business Intelligence
1 131 (6.08%) SQL Server
2 57 (2.65%) Relational Database
3 33 (1.53%) MySQL
4 22 (1.02%) SQL Server 2012
5 18 (0.84%) Power BI
6 17 (0.79%) Big Data
6 17 (0.79%) PostgreSQL
7 14 (0.65%) Amazon RDS
7 14 (0.65%) SQL Server 2008
8 11 (0.51%) Hadoop
9 9 (0.42%) NoSQL
10 7 (0.32%) Apache Hive
10 7 (0.32%) Data Warehouse
10 7 (0.32%) RDBMS
10 7 (0.32%) SQL Server 2014
11 6 (0.28%) Blockchain
11 6 (0.28%) Maltego
11 6 (0.28%) QlikView
11 6 (0.28%) Redis
11 6 (0.28%) SQL Server Reporting Services
Development Applications
1 34 (1.58%) Visual Studio
2 32 (1.48%) JIRA
3 25 (1.16%) Git (software)
3 25 (1.16%) Team Foundation Server
4 16 (0.74%) Metasploit
5 14 (0.65%) Jenkins
6 12 (0.56%) Burp Suite
7 10 (0.46%) Selenium
8 7 (0.32%) WinDbg
9 5 (0.23%) Bitbucket
9 5 (0.23%) Subversion
10 4 (0.19%) PHPUnit
11 3 (0.14%) GitLab
11 3 (0.14%) RSpec
12 2 (0.093%) Snyk
12 2 (0.093%) Vagrant
13 1 (0.046%) Atlassian Bamboo
13 1 (0.046%) Cucumber
13 1 (0.046%) SonarQube
13 1 (0.046%) SpecFlow
General
1 395 (18.33%) Finance
2 225 (10.44%) Legal
3 140 (6.50%) Public Sector
4 109 (5.06%) Law
5 105 (4.87%) Retail
6 87 (4.04%) Telecoms
7 60 (2.78%) Manufacturing
8 53 (2.46%) Banking
9 24 (1.11%) Marketing
10 18 (0.84%) Financial Institution
11 17 (0.79%) Automotive
12 16 (0.74%) Electronics
13 14 (0.65%) Aerospace
14 12 (0.56%) Advertising
15 11 (0.51%) Back Office
16 9 (0.42%) Games
17 8 (0.37%) Pharmaceutical
18 7 (0.32%) Police
19 5 (0.23%) Local Government
20 3 (0.14%) Military
Job Titles
1 386 (17.91%) Analyst
2 286 (13.27%) Security Analyst
3 283 (13.13%) Security Manager
4 200 (9.28%) Consultant
5 199 (9.23%) Information Manager
6 195 (9.05%) Information Security Manager
7 173 (8.03%) Security Engineer
8 168 (7.80%) Architect
9 166 (7.70%) Information Analyst
10 163 (7.56%) Information Security Analyst
11 153 (7.10%) Security Consultant
12 124 (5.75%) IT Manager
12 124 (5.75%) Security Architect
13 112 (5.20%) Security Officer
14 82 (3.81%) Cybersecurity Consultant
15 81 (3.76%) Information Security Officer
15 81 (3.76%) Infrastructure Engineer
16 75 (3.48%) Security Specialist
17 69 (3.20%) Information Officer
18 66 (3.06%) Cloud Architect
Libraries, Frameworks & Software Standards
1 65 (3.02%) .NET
2 46 (2.13%) Web Services
3 45 (2.09%) CSS
4 44 (2.04%) OAuth
5 43 (2.00%) HTML
6 37 (1.72%) OpenID
7 34 (1.58%) HTML5
8 33 (1.53%) AngularJS
8 33 (1.53%) SAML
8 33 (1.53%) Twitter Bootstrap
9 32 (1.48%) .NET Framework
10 31 (1.44%) jQuery
11 29 (1.35%) CSS3
12 28 (1.30%) Entity Framework
12 28 (1.30%) SailPoint
13 24 (1.11%) ADO.NET
13 24 (1.11%) WinForms
14 16 (0.74%) RESTful
15 13 (0.60%) ASP.NET
15 13 (0.60%) REST
Miscellaneous
1 368 (17.08%) Management Information System
2 107 (4.97%) Analytical Skills
3 91 (4.22%) Self-Motivation
4 89 (4.13%) Data Centre
5 68 (3.16%) Data Protection Act
6 62 (2.88%) CESG
7 60 (2.78%) Cyberthreat
8 49 (2.27%) Driving Licence
9 41 (1.90%) PKI
10 40 (1.86%) Greenfield Project
11 37 (1.72%) Clustering
11 37 (1.72%) Public Cloud
12 30 (1.39%) Enterprise Storage
12 30 (1.39%) Security Operations Centre
13 26 (1.21%) Cloud Native
14 22 (1.02%) Cyberattack
15 21 (0.97%) Hybrid Cloud
16 19 (0.88%) Distributed Denial-of-Service
17 17 (0.79%) Private Cloud
18 14 (0.65%) User Experience
Operating Systems
1 360 (16.71%) Windows
2 202 (9.37%) Linux
3 172 (7.98%) Windows Server
4 69 (3.20%) Windows Server 2012
5 64 (2.97%) Windows 10
6 46 (2.13%) Windows Server 2016
7 38 (1.76%) Windows Server 2008
8 32 (1.48%) Unix
9 20 (0.93%) Windows 7
10 17 (0.79%) Windows Server 2019
11 13 (0.60%) Red Hat Enterprise Linux
12 10 (0.46%) CentOS
12 10 (0.46%) Mac OS
13 9 (0.42%) Windows Server 2003
13 9 (0.42%) Windows XP
14 8 (0.37%) Apple iOS
14 8 (0.37%) VMS
15 6 (0.28%) AIX
15 6 (0.28%) Android
15 6 (0.28%) Debian
Processes & Methodologies
1 1,303 (60.46%) Information Security
2 757 (35.13%) Cybersecurity
3 447 (20.74%) Risk Management
4 446 (20.70%) ITIL
5 304 (14.11%) Security Management
6 272 (12.62%) SIEM
7 253 (11.74%) Data Protection
8 245 (11.37%) Security Architecture
9 232 (10.77%) ISMS
10 230 (10.67%) Agile Software Development
11 228 (10.58%) Information Security Management
12 227 (10.53%) Penetration Testing
13 187 (8.68%) Vulnerability Management
14 179 (8.31%) Problem-Solving
15 168 (7.80%) Stakeholder Management
16 162 (7.52%) Incident Management
17 161 (7.47%) Risk Assessment
18 160 (7.42%) Continuous Improvement
19 155 (7.19%) Project Management
20 146 (6.77%) Security Operations
Programming Languages
1 142 (6.59%) PowerShell
2 131 (6.08%) Python
3 94 (4.36%) SQL
4 52 (2.41%) C#
5 50 (2.32%) JavaScript
6 42 (1.95%) C
7 29 (1.35%) Ruby
7 29 (1.35%) VB.NET
8 27 (1.25%) Java
9 25 (1.16%) VB
10 24 (1.11%) VB6
11 23 (1.07%) PHP
12 20 (0.93%) C++
13 19 (0.88%) Data Analysis Expressions (DAX)
14 17 (0.79%) Bash Shell
15 15 (0.70%) T-SQL
16 9 (0.42%) Scala
16 9 (0.42%) Shell Script
17 8 (0.37%) VBScript
18 6 (0.28%) Perl
Qualifications
1 730 (33.87%) CISSP
2 536 (24.87%) CISM
3 288 (13.36%) Security Cleared
4 277 (12.85%) CISA
5 273 (12.67%) Degree
6 199 (9.23%) SC Cleared
7 181 (8.40%) Cisco Certification
8 102 (4.73%) CRISC
9 97 (4.50%) CEH
10 90 (4.18%) CESG Certified Professional
11 80 (3.71%) CCNA
12 79 (3.67%) Microsoft Certification
13 70 (3.25%) (ISC)2 CCSP
13 70 (3.25%) ISO 27001 Lead Auditor
14 67 (3.11%) CCNP
15 57 (2.65%) CISMP
16 51 (2.37%) ISO 27001 Lead Implementer
16 51 (2.37%) MCSE
17 47 (2.18%) CCSP
17 47 (2.18%) DV Cleared
Quality Assurance & Compliance
1 574 (26.64%) GDPR
2 493 (22.88%) PCI DSS
3 377 (17.49%) NIST
4 243 (11.28%) Cyber Essentials
5 169 (7.84%) COBIT
6 148 (6.87%) ISO 9001
7 116 (5.38%) HMG Security Policy Framework
7 116 (5.38%) SLA
8 112 (5.20%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 98 (4.55%) Sarbanes-Oxley
10 88 (4.08%) NCSC
11 84 (3.90%) ISO/IEC 20000
12 80 (3.71%) QA
13 70 (3.25%) JSP 440
14 61 (2.83%) ISO 22301
15 60 (2.78%) NIST 800
16 56 (2.60%) Cyber Essentials PLUS
17 33 (1.53%) RMADS
18 25 (1.16%) Data Quality
19 24 (1.11%) BS25999
System Software
1 268 (12.44%) Active Directory
2 163 (7.56%) VMware Infrastructure
3 112 (5.20%) Hyper-V
4 30 (1.39%) Docker
5 25 (1.16%) BitLocker
5 25 (1.16%) XenApp
6 21 (0.97%) XenDesktop
7 19 (0.88%) vSphere
8 18 (0.84%) NFS
9 15 (0.70%) Virtual Machines
10 14 (0.65%) VMware ESXi
11 10 (0.46%) Virtual Desktop
12 7 (0.32%) HDFS
13 6 (0.28%) Firmware
13 6 (0.28%) Microsoft Virtual Server
13 6 (0.28%) Virtual Servers
14 5 (0.23%) KVM
14 5 (0.23%) Squid
15 3 (0.14%) Veritas Cluster Server
15 3 (0.14%) VMware NSX
Systems Management
1 47 (2.18%) Nessus
2 35 (1.62%) SCCM
3 24 (1.11%) Nmap
4 23 (1.07%) Terraform
5 21 (0.97%) Ansible
6 19 (0.88%) Backup Exec
7 18 (0.84%) Microsoft Intune
8 16 (0.74%) Kubernetes
9 14 (0.65%) Puppet
10 13 (0.60%) CASB
10 13 (0.60%) SCOM
11 12 (0.56%) FortiGate
12 11 (0.51%) Norton AntiVirus
13 9 (0.42%) HP Fortify
13 9 (0.42%) WebInspect
14 8 (0.37%) Single Sign-On
15 7 (0.32%) OpenVAS
16 6 (0.28%) Cisco CUCM
16 6 (0.28%) Nagios
16 6 (0.28%) Opscode Chef
Vendors
1 376 (17.45%) Microsoft
2 208 (9.65%) VMware
3 157 (7.29%) Cisco
4 85 (3.94%) Citrix
5 50 (2.32%) HP
6 42 (1.95%) Juniper
7 38 (1.76%) Qualys
8 34 (1.58%) Veeam
9 31 (1.44%) Sophos
10 30 (1.39%) CheckPoint
10 30 (1.39%) CyberArk
10 30 (1.39%) Fortinet
11 29 (1.35%) Oracle
12 28 (1.30%) ForgeRock
12 28 (1.30%) Splunk
13 27 (1.25%) Red Hat
14 25 (1.16%) NetApp
14 25 (1.16%) Palo Alto
15 24 (1.11%) Google
15 24 (1.11%) Xamarin