Period
to 29 January 2020

The following table provides summary statistics for permanent job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 29 January 2020 with a comparison to the same period in the previous 2 years.

ISO/IEC 27001
UK
6 months to
29 Jan 2020
Same period 2019 Same period 2018
Rank 193 193 227
Rank change year-on-year 0 +34 +19
Permanent jobs citing ISO/IEC 27001 2,214 2,756 2,717
As % of all permanent IT jobs advertised in the UK 1.77% 1.81% 1.57%
As % of the Quality Assurance & Compliance category 14.07% 13.07% 12.42%
Number of salaries quoted 1,807 2,124 2,239
UK median annual salary £57,000 £55,000 £56,000
Median salary % change year-on-year +3.64% -1.79% +1.82%
10th Percentile £35,000 £33,750 £36,250
90th Percentile £85,000 £80,875 £82,500
UK excluding London median annual salary £52,500 £50,000 £50,000
% change year-on-year +5.00% - -

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 15,733 21,088 21,873
As % of all permanent IT jobs advertised in the UK 12.55% 13.87% 12.61%
Number of salaries quoted 12,113 15,452 16,927
UK median annual salary £52,500 £50,000 £50,000
Median salary % change year-on-year +5.00% - +5.26%
10th Percentile £28,500 £27,500 £27,500
90th Percentile £83,750 £80,000 £80,000
UK excluding London median annual salary £45,000 £45,000 £42,500
% change year-on-year - +5.88% -

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a percentage of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing ISO/IEC 27001.

Salary trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Histogram

The salary distribution of IT jobs citing ISO/IEC 27001 over the 6 months to 29 January 2020.

Salary histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 29 January 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -2 2,042 £57,000 +3.64% 345
UK excluding London -4 1,442 £52,500 +5.00% 290
London +5 703 £62,500 -3.85% 80
South East +47 514 £60,000 +9.09% 63
Midlands +27 315 £52,500 - 64
West Midlands +16 253 £52,500 +0.39% 49
North of England -92 252 £50,000 +11.11% 76
North West -88 146 £47,500 - 35
South West -7 138 £52,500 +16.67% 25
East of England +38 117 £50,000 -9.09% 37
Yorkshire -12 99 £52,500 +31.25% 38
East Midlands +50 61 £47,500 -12.04% 15
Scotland +57 60 £66,986 +35.33% 12
Wales +18 44 £47,250 +6.18% 12
Northern Ireland +4 9 £40,000 -11.11% 1
North East +10 7 £42,500 - 3

For the 6 months to 29 January 2020, IT jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for ISO/IEC 27001.

1 1,336 (60.34%) Information Security
2 856 (38.66%) Cybersecurity
3 812 (36.68%) CISSP
4 639 (28.86%) CISM
5 570 (25.75%) GDPR
6 508 (22.94%) PCI DSS
7 503 (22.72%) ITIL
8 460 (20.78%) NIST
9 421 (19.02%) Firewall
10 410 (18.52%) Management Information System
11 400 (18.07%) Risk Management
12 388 (17.52%) Finance
13 385 (17.39%) Azure
14 347 (15.67%) Windows
15 341 (15.40%) Degree
16 337 (15.22%) SIEM
17 322 (14.54%) Microsoft
18 298 (13.46%) Security Management
19 295 (13.32%) CISA
20 276 (12.47%) Security Cleared
21 259 (11.70%) Security Architecture
22 251 (11.34%) Agile Software Development
23 247 (11.16%) Cyber Essentials
24 244 (11.02%) Data Protection
25 241 (10.89%) Active Directory
26 240 (10.84%) ISMS
27 235 (10.61%) Penetration Testing
28 227 (10.25%) Vulnerability Management
29 225 (10.16%) Office 365
29 225 (10.16%) Linux

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 64 (2.89%) SharePoint
2 59 (2.66%) IIS
3 42 (1.90%) MS Exchange
4 23 (1.04%) Skype for Business
5 20 (0.90%) Apache
6 14 (0.63%) Exchange Server 2013
7 11 (0.50%) Apache Spark
7 11 (0.50%) IBM Domino
7 11 (0.50%) IBM Notes
8 8 (0.36%) Confluence
9 6 (0.27%) Exchange Server 2010
10 5 (0.23%) Apache Airflow
10 5 (0.23%) nginx
11 4 (0.18%) SAS
11 4 (0.18%) SharePoint 2013
12 3 (0.14%) Elasticsearch
12 3 (0.14%) OpenStack
12 3 (0.14%) Tomcat
13 2 (0.090%) DNN
13 2 (0.090%) Drupal
Applications
1 76 (3.43%) Microsoft Office
2 26 (1.17%) Microsoft Excel
3 16 (0.72%) Spreadsheet
4 5 (0.23%) Microsoft PowerPoint
5 4 (0.18%) Microsoft Project
5 4 (0.18%) MS Visio
6 1 (0.045%) Adobe Creative Suite
6 1 (0.045%) AutoCAD
6 1 (0.045%) InfoPath
6 1 (0.045%) Revit
Business Applications
1 5 (0.23%) Salesforce.com CRM
2 4 (0.18%) Dynamics CRM
2 4 (0.18%) Oracle Financials
3 3 (0.14%) Sparx Enterprise Architect
4 2 (0.090%) Distributed Ledger
4 2 (0.090%) Dynamics NAV
5 1 (0.045%) Infor M3
5 1 (0.045%) NetSuite
5 1 (0.045%) Sentinel
Cloud Services
1 385 (17.39%) Azure
2 225 (10.16%) Office 365
3 223 (10.07%) AWS
4 96 (4.34%) SaaS
5 59 (2.66%) Cloud Computing
5 59 (2.66%) IaaS
6 48 (2.17%) PaaS
7 42 (1.90%) GCP
8 28 (1.26%) Power Platform
9 25 (1.13%) Azure Active Directory
10 18 (0.81%) Serverless
11 15 (0.68%) PowerApps
12 13 (0.59%) Virtual Private Cloud
13 12 (0.54%) Amazon EC2
14 11 (0.50%) Amazon S3
15 10 (0.45%) Dynamics 365
16 8 (0.36%) Amazon GuardDuty
16 8 (0.36%) AWS CloudTrail
16 8 (0.36%) G Suite
16 8 (0.36%) OneDrive
Communications & Networking
1 421 (19.02%) Firewall
2 201 (9.08%) Network Security
3 145 (6.55%) LAN
4 144 (6.50%) WAN
5 128 (5.78%) TCP/IP
6 115 (5.19%) DNS
7 112 (5.06%) VPN
8 98 (4.43%) Intrusion Detection
9 80 (3.61%) DHCP
10 77 (3.48%) Internet
11 40 (1.81%) HTTP
12 36 (1.63%) SAN
12 36 (1.63%) VLAN
13 27 (1.22%) RTP
14 26 (1.17%) Wireless
15 25 (1.13%) SSL
16 24 (1.08%) Skype
16 24 (1.08%) WLAN
17 23 (1.04%) Wireshark
18 22 (0.99%) Cisco ASA
Database & Business Intelligence
1 117 (5.28%) SQL Server
2 47 (2.12%) Relational Database
3 30 (1.36%) Big Data
4 24 (1.08%) MySQL
5 18 (0.81%) Power BI
6 17 (0.77%) Hadoop
6 17 (0.77%) PostgreSQL
7 14 (0.63%) Amazon RDS
7 14 (0.63%) Data Warehouse
7 14 (0.63%) SQL Server 2012
8 13 (0.59%) NoSQL
9 11 (0.50%) Apache Hive
9 11 (0.50%) SQL Server 2008
10 10 (0.45%) Maltego
11 9 (0.41%) SQL Server 2014
12 8 (0.36%) BigQuery
12 8 (0.36%) HDInsight
12 8 (0.36%) Neo4j
12 8 (0.36%) QlikView
13 7 (0.32%) SQL Server Integration Services
Development Applications
1 28 (1.26%) JIRA
1 28 (1.26%) Visual Studio
2 22 (0.99%) Team Foundation Server
3 16 (0.72%) Metasploit
4 14 (0.63%) Burp Suite
4 14 (0.63%) Git (software)
5 12 (0.54%) Jenkins
6 6 (0.27%) Bitbucket
7 5 (0.23%) WinDbg
8 4 (0.18%) Subversion
9 3 (0.14%) GitLab
9 3 (0.14%) PHPUnit
9 3 (0.14%) Selenium
10 2 (0.090%) Snyk
10 2 (0.090%) SQL Server Management Studio (SSMS)
11 1 (0.045%) Mercurial
11 1 (0.045%) SonarQube
11 1 (0.045%) TestRail
General
1 388 (17.52%) Finance
2 219 (9.89%) Legal
3 159 (7.18%) Public Sector
4 116 (5.24%) Retail
5 100 (4.52%) Telecoms
6 92 (4.16%) Law
7 62 (2.80%) Manufacturing
8 48 (2.17%) Banking
9 27 (1.22%) Automotive
9 27 (1.22%) Marketing
10 18 (0.81%) Financial Institution
11 16 (0.72%) Aerospace
11 16 (0.72%) Electronics
12 14 (0.63%) Games
13 13 (0.59%) Advertising
14 12 (0.54%) Investment Banking
15 10 (0.45%) Back Office
15 10 (0.45%) Pharmaceutical
16 8 (0.36%) Military
17 5 (0.23%) Local Government
Job Titles
1 384 (17.34%) Analyst
2 305 (13.78%) Security Manager
3 295 (13.32%) Security Analyst
4 231 (10.43%) Consultant
5 221 (9.98%) Information Manager
6 216 (9.76%) Information Security Manager
7 187 (8.45%) Security Engineer
8 178 (8.04%) Information Analyst
8 178 (8.04%) Security Consultant
9 174 (7.86%) Information Security Analyst
10 151 (6.82%) Architect
11 117 (5.28%) Security Architect
12 106 (4.79%) Security Officer
13 100 (4.52%) IT Manager
14 89 (4.02%) Information Security Officer
15 82 (3.70%) Cybersecurity Consultant
16 81 (3.66%) Information Officer
17 74 (3.34%) Head of Security
18 70 (3.16%) Cybersecurity Engineer
19 69 (3.12%) IT Support
Libraries, Frameworks & Software Standards
1 62 (2.80%) .NET
2 35 (1.58%) HTML
3 34 (1.54%) CSS
4 32 (1.45%) OAuth
5 31 (1.40%) Web Services
6 28 (1.26%) AngularJS
7 27 (1.22%) .NET Framework
8 26 (1.17%) Entity Framework
8 26 (1.17%) HTML5
8 26 (1.17%) jQuery
8 26 (1.17%) Twitter Bootstrap
9 24 (1.08%) CSS3
10 23 (1.04%) OpenID
11 21 (0.95%) ADO.NET
11 21 (0.95%) SAML
11 21 (0.95%) WinForms
12 18 (0.81%) LDAP
13 16 (0.72%) SailPoint
14 14 (0.63%) ASP.NET
15 11 (0.50%) RESTful
Miscellaneous
1 410 (18.52%) Management Information System
2 141 (6.37%) Analytical Skills
3 109 (4.92%) Self-Motivation
4 77 (3.48%) Data Protection Act
5 63 (2.85%) Data Centre
6 61 (2.76%) CESG
7 55 (2.48%) Cyberthreat
7 55 (2.48%) Security Operations Centre
8 48 (2.17%) PKI
9 41 (1.85%) Cyberattack
10 37 (1.67%) Greenfield Project
11 35 (1.58%) Clustering
12 28 (1.26%) Driving Licence
13 26 (1.17%) Distributed Denial-of-Service
14 25 (1.13%) User Experience
15 23 (1.04%) CCTV
16 19 (0.86%) Public Cloud
17 17 (0.77%) Client/Server
17 17 (0.77%) Cyber Kill Chain
17 17 (0.77%) Private Cloud
Operating Systems
1 347 (15.67%) Windows
2 225 (10.16%) Linux
3 155 (7.00%) Windows Server
4 72 (3.25%) Windows Server 2012
5 69 (3.12%) Windows 10
6 46 (2.08%) Windows Server 2008
7 23 (1.04%) Unix
8 16 (0.72%) Windows Server 2003
9 15 (0.68%) CentOS
9 15 (0.68%) Red Hat Enterprise Linux
9 15 (0.68%) Windows 7
10 14 (0.63%) Apple iOS
10 14 (0.63%) Mac OS
11 9 (0.41%) VMS
12 8 (0.36%) Android
12 8 (0.36%) Windows XP
13 7 (0.32%) HPUX
14 5 (0.23%) Solaris
14 5 (0.23%) Windows 8
15 3 (0.14%) Mac OS X
Processes & Methodologies
1 1,336 (60.34%) Information Security
2 856 (38.66%) Cybersecurity
3 503 (22.72%) ITIL
4 400 (18.07%) Risk Management
5 337 (15.22%) SIEM
6 298 (13.46%) Security Management
7 259 (11.70%) Security Architecture
8 251 (11.34%) Agile Software Development
9 244 (11.02%) Data Protection
10 240 (10.84%) ISMS
11 235 (10.61%) Penetration Testing
12 227 (10.25%) Vulnerability Management
13 209 (9.44%) Stakeholder Management
14 204 (9.21%) Information Security Management
15 203 (9.17%) Problem-Solving
16 200 (9.03%) Security Operations
17 199 (8.99%) Project Management
18 196 (8.85%) Continuous Improvement
19 183 (8.27%) Incident Management
20 154 (6.96%) Service Delivery
Programming Languages
1 115 (5.19%) Python
2 104 (4.70%) PowerShell
3 103 (4.65%) SQL
4 49 (2.21%) C
5 45 (2.03%) C#
6 39 (1.76%) JavaScript
7 26 (1.17%) Ruby
8 25 (1.13%) VB.NET
9 22 (0.99%) VB
10 21 (0.95%) VB6
11 18 (0.81%) Java
12 16 (0.72%) Bash Shell
13 14 (0.63%) Data Analysis Expressions (DAX)
14 13 (0.59%) C++
14 13 (0.59%) PHP
15 7 (0.32%) T-SQL
16 6 (0.27%) Perl
16 6 (0.27%) VBScript
17 5 (0.23%) Scala
18 4 (0.18%) RPG
Qualifications
1 812 (36.68%) CISSP
2 639 (28.86%) CISM
3 341 (15.40%) Degree
4 295 (13.32%) CISA
5 276 (12.47%) Security Cleared
6 192 (8.67%) SC Cleared
7 154 (6.96%) Cisco Certification
8 109 (4.92%) CRISC
9 97 (4.38%) CEH
10 84 (3.79%) CESG Certified Professional
10 84 (3.79%) ISO 27001 Lead Auditor
11 83 (3.75%) Microsoft Certification
12 65 (2.94%) (ISC)2 CCSP
13 63 (2.85%) CCNA
14 61 (2.76%) CISMP
15 55 (2.48%) GIAC
16 54 (2.44%) CREST Certified
17 51 (2.30%) MCSE
17 51 (2.30%) SANS
18 50 (2.26%) SSCP
Quality Assurance & Compliance
1 570 (25.75%) GDPR
2 508 (22.94%) PCI DSS
3 460 (20.78%) NIST
4 247 (11.16%) Cyber Essentials
5 163 (7.36%) COBIT
6 147 (6.64%) ISO 9001
7 143 (6.46%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
8 134 (6.05%) SLA
9 111 (5.01%) HMG Security Policy Framework
10 108 (4.88%) Sarbanes-Oxley
11 97 (4.38%) NCSC
12 76 (3.43%) QA
13 73 (3.30%) ISO 22301
14 67 (3.03%) Cyber Essentials PLUS
15 64 (2.89%) ISO/IEC 20000
16 56 (2.53%) NIST 800
17 43 (1.94%) JSP 440
18 30 (1.36%) HIPAA
19 27 (1.22%) Data Quality
20 25 (1.13%) RMADS
System Software
1 241 (10.89%) Active Directory
2 152 (6.87%) VMware Infrastructure
3 96 (4.34%) Hyper-V
4 28 (1.26%) Virtual Machines
5 26 (1.17%) vSphere
6 19 (0.86%) VMware ESXi
7 17 (0.77%) Docker
8 13 (0.59%) Virtual Desktop
9 11 (0.50%) HDFS
10 8 (0.36%) BitLocker
11 7 (0.32%) KVM
12 6 (0.27%) XenApp
13 5 (0.23%) Firmware
13 5 (0.23%) pfSense
13 5 (0.23%) Squid
13 5 (0.23%) VMware NSX
14 4 (0.18%) Virtual Servers
15 3 (0.14%) Sendmail
15 3 (0.14%) XenDesktop
16 2 (0.090%) Citrix Hypervisor
Systems Management
1 45 (2.03%) Nessus
2 42 (1.90%) SCCM
3 32 (1.45%) Ansible
4 21 (0.95%) Nmap
5 19 (0.86%) Microsoft Intune
6 18 (0.81%) Kubernetes
7 16 (0.72%) Norton AntiVirus
8 15 (0.68%) Forefront Identity Manager
9 14 (0.63%) CASB
10 13 (0.59%) Puppet
11 12 (0.54%) FortiGate
11 12 (0.54%) Single Sign-On
12 11 (0.50%) Nagios
12 11 (0.50%) OpenVAS
12 11 (0.50%) Terraform
13 9 (0.41%) HP Fortify
13 9 (0.41%) WebInspect
14 8 (0.36%) Opscode Chef
15 6 (0.27%) Jamf Pro
15 6 (0.27%) SCOM
Vendors
1 322 (14.54%) Microsoft
2 194 (8.76%) VMware
3 156 (7.05%) Cisco
4 40 (1.81%) Juniper
5 37 (1.67%) Citrix
5 37 (1.67%) Google
6 36 (1.63%) Fortinet
6 36 (1.63%) Oracle
7 35 (1.58%) CheckPoint
8 34 (1.54%) Qualys
8 34 (1.54%) Splunk
9 30 (1.36%) NetApp
10 28 (1.26%) Palo Alto
11 27 (1.22%) HP
11 27 (1.22%) McAfee
11 27 (1.22%) Veeam
12 25 (1.13%) Symantec
13 23 (1.04%) Meraki
14 22 (0.99%) Apple
14 22 (0.99%) CA