Period
to 25 September 2020

The following table provides summary statistics for permanent job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 25 September 2020 with a comparison to the same period in the previous 2 years.

ISO/IEC 27001
UK
6 months to
25 Sep 2020
Same period 2019 Same period 2018
Rank 169 180 205
Rank change year-on-year +11 +25 +33
Permanent jobs citing ISO/IEC 27001 1,001 2,796 2,917
As % of all permanent jobs advertised in the UK 2.05% 1.99% 1.74%
As % of the Quality Assurance & Compliance category 17.18% 14.94% 13.25%
Number of salaries quoted 827 2,075 2,521
Median annual salary £60,000 £52,945 £57,500
Median salary % change year-on-year +13.33% -7.92% +4.55%
10th Percentile £36,250 £28,500 £34,900
90th Percentile £105,000 £85,000 £82,500
UK excluding London median annual salary £52,500 £47,500 £51,500
% change year-on-year +10.53% -7.77% +3.00%

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 5,825 18,715 22,007
As % of all permanent IT jobs advertised in the UK 11.93% 13.30% 13.14%
Number of salaries quoted 4,517 13,832 16,716
Median annual salary £55,000 £50,000 £50,000
Median salary % change year-on-year +10.00% - -
10th Percentile £31,250 £27,750 £28,500
90th Percentile £86,250 £82,950 £80,000
UK excluding London median annual salary £50,000 £45,000 £45,000
% change year-on-year +11.11% - +5.88%

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a proportion of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Trend

3-month moving average salary quoted in jobs citing ISO/IEC 27001.

Salary trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Histogram

Salary distribution for jobs citing ISO/IEC 27001 over the 6 months to 25 September 2020.

Salary histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 25 September 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +7 927 £60,000 +9.09% 157
UK excluding London -21 554 £52,500 +10.53% 136
London +82 400 £65,000 - 36
South East +53 175 £52,500 -10.26% 36
North of England -63 150 £50,000 +5.26% 38
Midlands +39 109 £52,500 +5.00% 9
West Midlands +29 85 £57,500 +15.00% 7
North West +51 78 £50,000 - 21
South West +77 69 £65,000 +30.00% 20
Work from Home +4 64 £55,000 +15.79% 20
Yorkshire -67 64 £52,500 +16.67% 16
East Midlands +78 24 £42,500 -20.19% 2
East of England +12 24 £40,000 -27.27% 16
Scotland +79 12 £47,500 -26.92% 6
Wales +6 12 £40,361 -10.31% 10
North East +19 8 £45,000 -7.69% 1
Northern Ireland -11 6 £55,000 +51.72% 1

For the 6 months to 25 September 2020, IT jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for ISO/IEC 27001.

1 620 (61.94%) Information Security
2 368 (36.76%) CISSP
3 355 (35.46%) Cybersecurity
4 256 (25.57%) NIST
5 245 (24.48%) Azure
6 232 (23.18%) Risk Management
7 220 (21.98%) CISM
8 216 (21.58%) Firewall
9 207 (20.68%) PCI DSS
10 206 (20.58%) Microsoft
11 203 (20.28%) GDPR
12 195 (19.48%) Finance
13 175 (17.48%) Management Information System
14 167 (16.68%) ITIL
15 160 (15.98%) Security Architecture
16 155 (15.48%) Identity Access Management
17 151 (15.08%) ISMS
18 147 (14.69%) AWS
19 145 (14.49%) Office 365
20 142 (14.19%) Windows
21 134 (13.39%) Security Management
22 130 (12.99%) Cisco Certification
23 124 (12.39%) Active Directory
24 121 (12.09%) Agile Software Development
25 115 (11.49%) Cyber Essentials
26 109 (10.89%) SaaS
27 107 (10.69%) Security Cleared
28 105 (10.49%) Linux
29 102 (10.19%) CISA
29 102 (10.19%) Data Protection

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 34 (3.40%) SharePoint
2 20 (2.00%) IIS
3 10 (1.00%) MS Exchange
4 9 (0.90%) Exchange Server 2013
5 5 (0.50%) OpenStack
6 4 (0.40%) Confluence
7 3 (0.30%) SAS
7 3 (0.30%) Skype for Business
8 2 (0.20%) ColdFusion
8 2 (0.20%) Elasticsearch
8 2 (0.20%) Gluu
9 1 (0.100%) Apache
9 1 (0.100%) Apache Spark
9 1 (0.100%) CMS
9 1 (0.100%) Exchange Server 2010
9 1 (0.100%) Tomcat
9 1 (0.100%) WebSphere
Applications
1 26 (2.60%) Microsoft Office
2 9 (0.90%) Microsoft Excel
3 8 (0.80%) Microsoft PowerPoint
4 1 (0.100%) InfoPath
Business Applications
1 2 (0.20%) Oracle Applications
2 1 (0.100%) Maximo
2 1 (0.100%) Oracle Financials
2 1 (0.100%) Salesforce.com CRM
2 1 (0.100%) SAP MM
2 1 (0.100%) SAP R/3
2 1 (0.100%) SAP Retail
Cloud Services
1 245 (24.48%) Azure
2 147 (14.69%) AWS
3 145 (14.49%) Office 365
4 109 (10.89%) SaaS
5 75 (7.49%) IaaS
6 58 (5.79%) PaaS
7 28 (2.80%) Azure Active Directory
8 16 (1.60%) OneDrive
8 16 (1.60%) Serverless
9 14 (1.40%) Azure Functions
9 14 (1.40%) Cloud Computing
10 13 (1.30%) AWS Lambda
11 12 (1.20%) Power Platform
12 11 (1.10%) PowerApps
13 9 (0.90%) GCP
14 8 (0.80%) Mimecast
15 7 (0.70%) Amazon EC2
15 7 (0.70%) Amazon S3
15 7 (0.70%) GitHub
16 5 (0.50%) Route 53
Communications & Networking
1 216 (21.58%) Firewall
2 67 (6.69%) VPN
3 62 (6.19%) Intrusion Detection
4 53 (5.29%) Network Security
5 52 (5.19%) DNS
6 48 (4.80%) LAN
7 44 (4.40%) WAN
8 43 (4.30%) TCP/IP
9 25 (2.50%) Internet
10 23 (2.30%) SAN
11 21 (2.10%) MPLS
12 17 (1.70%) Wi-Fi
13 15 (1.50%) Wireless
14 13 (1.30%) VoIP
15 12 (1.20%) DHCP
16 10 (1.00%) OSPF
17 9 (0.90%) Cisco ASA
17 9 (0.90%) HTTP
17 9 (0.90%) iSCSI
17 9 (0.90%) VLAN
Database & Business Intelligence
1 48 (4.80%) SQL Server
2 20 (2.00%) MySQL
3 16 (1.60%) Big Data
3 16 (1.60%) PostgreSQL
4 11 (1.10%) Redis
5 8 (0.80%) Relational Database
6 6 (0.60%) DB2
6 6 (0.60%) Hadoop
7 5 (0.50%) Amazon RDS
8 4 (0.40%) Azure SQL Database
9 3 (0.30%) GIS
9 3 (0.30%) MongoDB
9 3 (0.30%) NoSQL
10 2 (0.20%) Amazon DynamoDB
10 2 (0.20%) Data Warehouse
10 2 (0.20%) Electronic Patient Records
10 2 (0.20%) RDBMS
10 2 (0.20%) SQL Server 2008
10 2 (0.20%) SQL Server 2019
11 1 (0.100%) Data Lake
Development Applications
1 23 (2.30%) Git (software)
2 22 (2.20%) JIRA
3 10 (1.00%) Jenkins
4 8 (0.80%) Selenium
5 4 (0.40%) SonarQube
5 4 (0.40%) Visual Studio
6 3 (0.30%) Chocolatey
6 3 (0.30%) RSpec
7 2 (0.20%) Ant
7 2 (0.20%) Vagrant
7 2 (0.20%) VSS/SourceSafe
8 1 (0.100%) Burp Suite
8 1 (0.100%) GitLab
8 1 (0.100%) IntelliJ
8 1 (0.100%) JUnit
8 1 (0.100%) Maven
8 1 (0.100%) Ranorex
8 1 (0.100%) Snyk
8 1 (0.100%) Subversion
8 1 (0.100%) Xcode
General
1 195 (19.48%) Finance
2 88 (8.79%) Legal
3 53 (5.29%) Telecoms
4 41 (4.10%) Manufacturing
5 34 (3.40%) Public Sector
6 29 (2.90%) Law
7 21 (2.10%) Marketing
8 20 (2.00%) Back Office
9 19 (1.90%) Banking
10 14 (1.40%) Retail
11 6 (0.60%) Advertising
11 6 (0.60%) Games
12 5 (0.50%) Pharmaceutical
13 3 (0.30%) Electronics
14 2 (0.20%) Automotive
14 2 (0.20%) French Language
14 2 (0.20%) Local Government
14 2 (0.20%) Mandarin Language
14 2 (0.20%) Spanish Language
15 1 (0.100%) Digital Economy
Job Titles
1 185 (18.48%) Consultant
2 138 (13.79%) Analyst
3 118 (11.79%) Security Manager
4 93 (9.29%) Security Analyst
5 92 (9.19%) Security Consultant
6 72 (7.19%) Architect
7 68 (6.79%) Security Engineer
8 67 (6.69%) Information Manager
9 61 (6.09%) IT Manager
10 56 (5.59%) Information Analyst
10 56 (5.59%) Information Security Manager
11 55 (5.49%) Cybersecurity Consultant
12 51 (5.09%) Information Security Analyst
13 50 (5.00%) Security Officer
14 41 (4.10%) Security Architect
15 36 (3.60%) Senior Consultant
16 34 (3.40%) Information Security Officer
17 33 (3.30%) Security Specialist
18 32 (3.20%) Infrastructure Manager
18 32 (3.20%) Network Engineer
Libraries, Frameworks & Software Standards
1 87 (8.69%) OAuth
2 86 (8.59%) OpenID
3 85 (8.49%) SAML
4 38 (3.80%) SailPoint
5 20 (2.00%) Web Services
6 16 (1.60%) .NET
7 11 (1.10%) Node.js
8 10 (1.00%) CSS
9 9 (0.90%) REST
10 8 (0.80%) ASP.NET
10 8 (0.80%) SOAP
11 7 (0.70%) HTML
12 6 (0.60%) ASP.NET MVC
12 6 (0.60%) HTML5
12 6 (0.60%) jQuery
12 6 (0.60%) JSON
12 6 (0.60%) Middleware
12 6 (0.60%) RESTful
12 6 (0.60%) WCF
12 6 (0.60%) WebRTC
Miscellaneous
1 175 (17.48%) Management Information System
2 82 (8.19%) Cyberthreat
3 63 (6.29%) Analytical Skills
4 42 (4.20%) Cyberattack
5 32 (3.20%) Data Centre
6 31 (3.10%) Cloud Native
7 29 (2.90%) Data Protection Act
8 28 (2.80%) Self-Motivation
9 26 (2.60%) PKI
10 21 (2.10%) Public Cloud
11 16 (1.60%) Blog
12 12 (1.20%) Driving Licence
13 9 (0.90%) Enterprise Storage
13 9 (0.90%) Security Operations Centre
14 8 (0.80%) Enterprise Software
15 7 (0.70%) CESG
15 7 (0.70%) PMI
16 6 (0.60%) Life Science
16 6 (0.60%) SWIFT
16 6 (0.60%) Virtual Team
Operating Systems
1 142 (14.19%) Windows
2 105 (10.49%) Linux
3 82 (8.19%) Windows Server
4 17 (1.70%) Mac OS
5 15 (1.50%) Unix
5 15 (1.50%) Windows Server 2012
6 12 (1.20%) Windows Server 2016
7 11 (1.10%) CentOS
7 11 (1.10%) Windows 10
8 9 (0.90%) Windows Server 2008
9 6 (0.60%) Amazon Linux
10 5 (0.50%) Windows Server 2019
11 3 (0.30%) Red Hat Enterprise Linux
11 3 (0.30%) SUSE
11 3 (0.30%) Ubuntu
12 2 (0.20%) Debian
12 2 (0.20%) Oracle Linux
13 1 (0.100%) Android
13 1 (0.100%) Apple iOS
13 1 (0.100%) Mac OS X
Processes & Methodologies
1 620 (61.94%) Information Security
2 355 (35.46%) Cybersecurity
3 232 (23.18%) Risk Management
4 167 (16.68%) ITIL
5 160 (15.98%) Security Architecture
6 155 (15.48%) Identity Access Management
7 151 (15.08%) ISMS
8 134 (13.39%) Security Management
9 121 (12.09%) Agile Software Development
10 102 (10.19%) Data Protection
11 85 (8.49%) SIEM
12 81 (8.09%) Data Privacy
12 81 (8.09%) Information Security Management
13 79 (7.89%) DevOps
14 75 (7.49%) Security Operations
15 74 (7.39%) Penetration Testing
16 72 (7.19%) Disaster Recovery
16 72 (7.19%) Problem-Solving
17 67 (6.69%) Stakeholder Management
18 65 (6.49%) GAP Analysis
Programming Languages
1 82 (8.19%) PowerShell
2 57 (5.69%) Python
3 44 (4.40%) SQL
4 19 (1.90%) C
5 15 (1.50%) Bash Shell
5 15 (1.50%) Java
5 15 (1.50%) Ruby
6 13 (1.30%) C#
6 13 (1.30%) JavaScript
7 9 (0.90%) PHP
8 8 (0.80%) Go
8 8 (0.80%) Perl
8 8 (0.80%) T-SQL
9 7 (0.70%) TypeScript
10 5 (0.50%) Elixir
11 4 (0.40%) R
12 3 (0.30%) Shell Script
12 3 (0.30%) VBScript
13 2 (0.20%) AWK
13 2 (0.20%) VB.NET
Qualifications
1 368 (36.76%) CISSP
2 220 (21.98%) CISM
3 130 (12.99%) Cisco Certification
4 107 (10.69%) Security Cleared
5 102 (10.19%) CISA
6 95 (9.49%) CCNA
7 89 (8.89%) CCNP
8 84 (8.39%) Degree
9 77 (7.69%) SC Cleared
10 59 (5.89%) CRISC
11 49 (4.90%) CompTIA Security+
12 36 (3.60%) DV Cleared
13 33 (3.30%) ISO 27001 Lead Implementer
14 32 (3.20%) ISO 27001 Lead Auditor
15 27 (2.70%) (ISC)2 CCSP
15 27 (2.70%) CESG Certified Professional
16 25 (2.50%) GIAC
17 23 (2.30%) Microsoft Certification
18 20 (2.00%) CEH
19 16 (1.60%) CREST Certified
Quality Assurance & Compliance
1 256 (25.57%) NIST
2 207 (20.68%) PCI DSS
3 203 (20.28%) GDPR
4 115 (11.49%) Cyber Essentials
5 76 (7.59%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 61 (6.09%) ISO 9001
7 51 (5.09%) COBIT
7 51 (5.09%) SLA
8 49 (4.90%) NIST 800
9 39 (3.90%) NCSC
10 33 (3.30%) ISO/IEC 20000
11 30 (3.00%) ISO 31000
12 28 (2.80%) ISO 22301
13 25 (2.50%) Sarbanes-Oxley
14 21 (2.10%) Cyber Essentials PLUS
15 19 (1.90%) HMG Security Policy Framework
16 15 (1.50%) ISO/IEC 27005
17 13 (1.30%) JSP 440
18 12 (1.20%) QA
19 10 (1.00%) RMADS
System Software
1 124 (12.39%) Active Directory
2 39 (3.90%) VMware Infrastructure
3 32 (3.20%) Docker
4 31 (3.10%) Hyper-V
5 10 (1.00%) BitLocker
5 10 (1.00%) XenApp
5 10 (1.00%) XenDesktop
6 9 (0.90%) NFS
6 9 (0.90%) Virtual Servers
7 8 (0.80%) VMware ESXi
8 3 (0.30%) Virtual Machines
9 2 (0.20%) DFS Replication
9 2 (0.20%) Firmware
9 2 (0.20%) iptables
9 2 (0.20%) Microsoft Virtual Server
9 2 (0.20%) vSphere
10 1 (0.100%) ProxySG
10 1 (0.100%) Terminal Services
Systems Management
1 45 (4.50%) Terraform
2 37 (3.70%) Microsoft Intune
3 25 (2.50%) Ansible
3 25 (2.50%) Kubernetes
4 16 (1.60%) SCCM
5 12 (1.20%) Host Intrusion Detection System
6 9 (0.90%) Backup Exec
7 8 (0.80%) Computer Emergency Response Teams
7 8 (0.80%) Puppet
8 7 (0.70%) Network Intrusion Detection System
8 7 (0.70%) Opscode Chef
8 7 (0.70%) Single Sign-On
9 6 (0.60%) FortiGate
10 5 (0.50%) Computer Incident Response Team
10 5 (0.50%) Failover Clustering
11 4 (0.40%) Microsoft Data Protection Manager
12 3 (0.30%) HP Fortify
12 3 (0.30%) Jamf Pro
12 3 (0.30%) Nessus
12 3 (0.30%) yum
Vendors
1 206 (20.58%) Microsoft
2 78 (7.79%) VMware
3 59 (5.89%) ForgeRock
4 50 (5.00%) Cisco
5 39 (3.90%) CyberArk
6 26 (2.60%) Citrix
6 26 (2.60%) Google
7 16 (1.60%) Palo Alto
8 15 (1.50%) CheckPoint
8 15 (1.50%) Splunk
9 14 (1.40%) Salesforce.com
9 14 (1.40%) Sophos
10 13 (1.30%) Meraki
11 12 (1.20%) Fortinet
11 12 (1.20%) HP
11 12 (1.20%) Oracle
12 11 (1.10%) Veeam
13 10 (1.00%) LogRhythm
13 10 (1.00%) SAP
14 9 (0.90%) Red Hat