ISO/IEC 27001 jobs, average salaries and trends for ISO/IEC 27001 skills

The following table provides summary statistics for permanent job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 21 September 2017 with a comparison to the same period in the previous 2 years.

ISO/IEC 27001 UK
Location	6 months to 21 Sep 2017	Same period 2016	Same period 2015
Rank	226	196	280
Rank change year-on-year	-30	+84	+29
Permanent jobs citing ISO/IEC 27001	2739	3359	2533
As % of all permanent IT jobs advertised in the UK	1.55%	1.73%	1.15%
As % of the Quality Assurance & Compliance category	12.58%	13.16%	9.06%
Number of salaries quoted	2294	2697	2128
UK median annual salary	£55,000	£55,000	£50,000
Median salary % change year-on-year	-	+10.00%	-
10th Percentile	£35,000	£35,750	£32,500
90th Percentile	£80,000	£80,000	£77,500
UK excluding London median annual salary	£49,500	£50,000	£46,000
% change year-on-year	-1.00%	+8.70%	+2.22%

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills UK
Permanent vacancies with a requirement for quality assurance or compliance skills	21779	25521	27972
As % of all permanent IT jobs advertised in the UK	12.34%	13.12%	12.75%
Number of salaries quoted	16165	20251	22167
UK median annual salary	£50,000	£49,375	£45,000
Median salary % change year-on-year	+1.27%	+9.72%	-
10th Percentile	£27,261	£27,250	£26,250
90th Percentile	£77,500	£77,500	£75,000
UK excluding London median annual salary	£42,500	£42,500	£40,000
% change year-on-year	-	+6.25%	-

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a percentage of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing ISO/IEC 27001.

Salary trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Histogram

The salary distribution of IT jobs citing ISO/IEC 27001 over the 6 months to 21 September 2017.

Salary histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 21 September 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Job Vacancies
England	-36	2558	£55,000	-	145
UK excluding London	-31	1507	£49,500	-1.00%	96
London	+13	1163	£62,500	-3.85%	52
South East	-15	510	£52,500	-	23
North of England	-28	417	£47,500	-	42
North West	-1	216	£50,000	-	21
Midlands	-83	187	£50,000	-	11
Yorkshire	-43	166	£45,000	-6.25%	20
West Midlands	-88	148	£51,250	+2.50%	6
East of England	-47	138	£57,500	+27.78%	7
South West	-7	136	£50,000	-16.67%	9
Wales	+45	84	£45,000	-
East Midlands	-8	39	£47,500	-13.64%	4
Scotland	-31	38	£42,500	-19.05%	3
North East	+34	35	£47,500	+23.38%	1
Channel Islands	+2	1	£67,500	+35.00%
Isle of Man	-	1	£25,000	-	1

ISO/IEC 27001
Top 30 Co-occurring IT Skills

For the 6 months to 21 September 2017, IT jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for ISO/IEC 27001.

1	1764 (64.40%)	Information Security
2	1137 (41.51%)	CISSP
3	914 (33.37%)	PCI DSS
4	816 (29.79%)	CISM
5	678 (24.75%)	Finance
6	677 (24.72%)	Cybersecurity
7	670 (24.46%)	ITIL
8	655 (23.91%)	Risk Management
9	650 (23.73%)	Windows
10	607 (22.16%)	Firewall
11	557 (20.34%)	Data Protection
12	470 (17.16%)	SIEM
13	428 (15.63%)	Penetration Testing
14	405 (14.79%)	CISA
15	404 (14.75%)	Management Information System

16	396 (14.46%)	Degree
17	367 (13.40%)	GDPR
18	361 (13.18%)	Microsoft
19	344 (12.56%)	Security Architecture
20	335 (12.23%)	Active Directory
21	330 (12.05%)	Cisco
22	328 (11.98%)	Linux
23	324 (11.83%)	Windows Server
24	310 (11.32%)	Security Management
25	285 (10.41%)	Agile Software Development
26	279 (10.19%)	Network Security
27	277 (10.11%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
28	274 (10.00%)	Data Protection Act
29	271 (9.89%)	Risk Assessment
30	269 (9.82%)	ISO 9001

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	108 (3.94%)	MS Exchange
2	76 (2.77%)	IIS
3	48 (1.75%)	SharePoint
4	46 (1.68%)	Exchange Server 2010
5	34 (1.24%)	Exchange Server 2013
6	27 (0.99%)	WebSphere
7	21 (0.77%)	CMS
8	18 (0.66%)	Skype for Business
9	17 (0.62%)	Tomcat
10	8 (0.29%)	Apache
11	6 (0.22%)	Elasticsearch
12	5 (0.18%)	Oracle Service Bus
13	4 (0.15%)	BizTalk Server
13	4 (0.15%)	OpenStack
14	3 (0.11%)	nginx
14	3 (0.11%)	SharePoint 2013
14	3 (0.11%)	Umbraco
15	2 (0.073%)	Exchange Server 2003
15	2 (0.073%)	Exchange Server 2007
15	2 (0.073%)	MS Project Server

Applications
1	62 (2.26%)	Microsoft Office
2	52 (1.90%)	Microsoft Excel
3	34 (1.24%)	Microsoft PowerPoint
4	25 (0.91%)	MS Visio
5	15 (0.55%)	Microsoft Project
6	3 (0.11%)	Maya
7	2 (0.073%)	Spreadsheet

Business Applications
1	9 (0.33%)	Sentinel
2	8 (0.29%)	Oracle Applications
3	7 (0.26%)	Remedy ITSM
4	5 (0.18%)	Dynamics CRM
5	4 (0.15%)	Cognos TM1
6	3 (0.11%)	Dynamics NAV
7	2 (0.073%)	NetSuite
7	2 (0.073%)	SAP HCM
8	1 (0.037%)	Dynamics AX
8	1 (0.037%)	Magento
8	1 (0.037%)	Oracle Financials
8	1 (0.037%)	Sage 200
8	1 (0.037%)	Sage CRM
8	1 (0.037%)	SAP GRC
8	1 (0.037%)	SystmOne

Cloud Services
1	135 (4.93%)	SaaS
2	133 (4.86%)	Amazon AWS
3	118 (4.31%)	Microsoft Azure
4	91 (3.32%)	Office 365
5	48 (1.75%)	IaaS
6	29 (1.06%)	PaaS
7	22 (0.80%)	Cloud Computing
7	22 (0.80%)	Mimecast
8	8 (0.29%)	IBM Cloud
9	6 (0.22%)	Cloudflare
10	5 (0.18%)	Bluemix
10	5 (0.18%)	SoftLayer
11	4 (0.15%)	GitHub
12	3 (0.11%)	AWS CloudFormation
12	3 (0.11%)	G Suite
13	2 (0.073%)	Force.com
13	2 (0.073%)	OneDrive
13	2 (0.073%)	SuccessFactors
13	2 (0.073%)	Virtual Private Cloud
13	2 (0.073%)	Yammer

Communications & Networking
1	607 (22.16%)	Firewall
2	279 (10.19%)	Network Security
3	198 (7.23%)	TCP/IP
4	182 (6.64%)	VPN
5	152 (5.55%)	LAN
6	139 (5.07%)	WAN
7	132 (4.82%)	DNS
8	125 (4.56%)	Internet
9	101 (3.69%)	SAN
10	95 (3.47%)	DHCP
11	81 (2.96%)	Cisco ASA
12	78 (2.85%)	VoIP
13	61 (2.23%)	Wireless
14	53 (1.94%)	VLAN
15	50 (1.83%)	SSL
16	44 (1.61%)	Intrusion Detection
16	44 (1.61%)	IPsec
17	35 (1.28%)	SNMP
18	31 (1.13%)	HTTP
19	30 (1.10%)	Unified Communications

Database & Business Intelligence
1	197 (7.19%)	SQL Server
2	41 (1.50%)	MySQL
3	33 (1.20%)	SQL Server 2008
4	29 (1.06%)	Big Data
5	27 (0.99%)	SQL Server Integration Services
6	24 (0.88%)	SQL Server 2012
7	20 (0.73%)	SQL Server Reporting Services
8	15 (0.55%)	SQL Server Analysis Services
9	13 (0.47%)	Relational Database
10	11 (0.40%)	Hadoop
11	10 (0.37%)	Data Warehouse
11	10 (0.37%)	PostgreSQL
12	9 (0.33%)	Apache Cassandra
12	9 (0.33%)	Oracle Database
12	9 (0.33%)	Power BI
13	8 (0.29%)	RDBMS
14	7 (0.26%)	SQL Server 2005
15	6 (0.22%)	PerformancePoint
15	6 (0.22%)	PowerPivot
15	6 (0.22%)	SAP Data Services

Development Applications
1	27 (0.99%)	Metasploit
2	18 (0.66%)	Subversion
3	16 (0.58%)	Visual Studio
4	14 (0.51%)	Eclipse
4	14 (0.51%)	Maven
5	12 (0.44%)	Jenkins
6	7 (0.26%)	Git (software)
7	6 (0.22%)	Fiddler
8	5 (0.18%)	Burp Suite
8	5 (0.18%)	JIRA
8	5 (0.18%)	Sonatype Nexus
8	5 (0.18%)	WinDbg
9	4 (0.15%)	MSI
9	4 (0.15%)	Team Foundation Server
10	3 (0.11%)	PHPUnit
10	3 (0.11%)	Selenium
11	2 (0.073%)	Atlassian Bamboo
11	2 (0.073%)	Mocha
11	2 (0.073%)	Oracle APEX
11	2 (0.073%)	Visual Studio Team System

General
1	678 (24.75%)	Finance
2	191 (6.97%)	Legal
3	121 (4.42%)	Telecoms
4	117 (4.27%)	Banking
5	116 (4.24%)	Law
6	96 (3.50%)	Retail
7	82 (2.99%)	Marketing
8	44 (1.61%)	Manufacturing
9	32 (1.17%)	Electronics
10	29 (1.06%)	Back Office
11	19 (0.69%)	Military
12	18 (0.66%)	Advertising
12	18 (0.66%)	Financial Institution
13	17 (0.62%)	Games
13	17 (0.62%)	Publishing
14	16 (0.58%)	Automotive
15	9 (0.33%)	Digital Economy
16	8 (0.29%)	French Language
16	8 (0.29%)	Investment Banking
17	7 (0.26%)	German Language

Job Titles
1	589 (21.50%)	Analyst
2	488 (17.82%)	Security Analyst
3	410 (14.97%)	Consultant
4	394 (14.38%)	Security Manager
5	313 (11.43%)	Security Consultant
6	236 (8.62%)	Information Analyst
7	232 (8.47%)	Information Security Analyst
8	219 (8.00%)	Information Manager
9	210 (7.67%)	Information Security Manager
10	188 (6.86%)	IT Analyst
11	179 (6.54%)	Architect
12	154 (5.62%)	IT Manager
13	150 (5.48%)	IT Security Analyst
14	147 (5.37%)	Security Officer
15	135 (4.93%)	Security Engineer
16	128 (4.67%)	Information Security Consultant
17	124 (4.53%)	Security Architect
18	115 (4.20%)	Information Security Officer
19	112 (4.09%)	Security Specialist
20	108 (3.94%)	Information Officer

Libraries, Frameworks & Software Standards
1	82 (2.99%)	Web Services
2	78 (2.85%)	.NET
3	26 (0.95%)	ASP.NET
4	21 (0.77%)	LAMP
5	20 (0.73%)	Middleware
6	19 (0.69%)	.NET Framework
7	18 (0.66%)	Hibernate
7	18 (0.66%)	REST
7	18 (0.66%)	SOAP
8	17 (0.62%)	Java SE
9	16 (0.58%)	ASP.NET Web API
9	16 (0.58%)	RESTful
9	16 (0.58%)	Spring
10	15 (0.55%)	802.1X
11	14 (0.51%)	Ajax
11	14 (0.51%)	ASP.NET MVC
11	14 (0.51%)	CSS
11	14 (0.51%)	EJB
12	12 (0.44%)	jQuery
13	10 (0.37%)	XML

Miscellaneous
1	404 (14.75%)	Management Information System
2	274 (10.00%)	Data Protection Act
3	195 (7.12%)	Analytical Skills
4	131 (4.78%)	Computer Science
5	125 (4.56%)	Data Centre
6	88 (3.21%)	Cyberthreat
7	79 (2.88%)	CESG
8	67 (2.45%)	PKI
9	64 (2.34%)	Driving Licence
10	43 (1.57%)	Cyber Attack
11	40 (1.46%)	Security Operations Centre
11	40 (1.46%)	User Experience
12	36 (1.31%)	Clustering
12	36 (1.31%)	Smart Meter
13	34 (1.24%)	Distributed Denial-of-Service
13	34 (1.24%)	Mobile App
14	32 (1.17%)	Cyber Defence
15	28 (1.02%)	Virtual Team
16	24 (0.88%)	Greenfield Project
16	24 (0.88%)	Replication

Operating Systems
1	650 (23.73%)	Windows
2	328 (11.98%)	Linux
3	324 (11.83%)	Windows Server
4	123 (4.49%)	Unix
5	81 (2.96%)	Windows Server 2008
6	78 (2.85%)	Windows Server 2012
7	56 (2.04%)	Apple iOS
8	44 (1.61%)	CentOS
9	43 (1.57%)	Windows 10
10	42 (1.53%)	Mac OS X
11	34 (1.24%)	Windows 7
12	32 (1.17%)	Ubuntu
13	30 (1.10%)	Debian
13	30 (1.10%)	Red Hat Enterprise Linux
14	28 (1.02%)	Windows Server 2003
15	27 (0.99%)	Kali Linux
16	18 (0.66%)	Android
17	9 (0.33%)	Windows 8
18	8 (0.29%)	Mac OS
18	8 (0.29%)	Windows XP

Processes & Methodologies
1	1764 (64.40%)	Information Security
2	677 (24.72%)	Cybersecurity
3	670 (24.46%)	ITIL
4	655 (23.91%)	Risk Management
5	557 (20.34%)	Data Protection
6	470 (17.16%)	SIEM
7	428 (15.63%)	Penetration Testing
8	344 (12.56%)	Security Architecture
9	310 (11.32%)	Security Management
10	285 (10.41%)	Agile Software Development
11	271 (9.89%)	Risk Assessment
12	257 (9.38%)	ISMS
13	249 (9.09%)	Project Management
14	247 (9.02%)	Security Operations
15	236 (8.62%)	Information Security Management
16	214 (7.81%)	Vulnerability Management
17	201 (7.34%)	Stakeholder Management
18	195 (7.12%)	Service Management
19	185 (6.75%)	PRINCE2
20	175 (6.39%)	Business Continuity

Programming Languages
1	149 (5.44%)	SQL
2	77 (2.81%)	Java
2	77 (2.81%)	PowerShell
3	66 (2.41%)	Python
4	65 (2.37%)	C
5	47 (1.72%)	C#
6	32 (1.17%)	JavaScript
7	31 (1.13%)	Bash Shell
8	30 (1.10%)	Perl
9	24 (0.88%)	PHP
9	24 (0.88%)	Ruby
10	14 (0.51%)	VBScript
11	11 (0.40%)	C++
12	10 (0.37%)	T-SQL
12	10 (0.37%)	VB.NET
13	6 (0.22%)	Data Analysis Expressions (DAX)
13	6 (0.22%)	Shell Script
14	5 (0.18%)	C-shell
14	5 (0.18%)	Korn
15	3 (0.11%)	VB

Qualifications
1	1137 (41.51%)	CISSP
2	816 (29.79%)	CISM
3	405 (14.79%)	CISA
4	396 (14.46%)	Degree
5	188 (6.86%)	Cisco Certification
6	177 (6.46%)	CEH
7	155 (5.66%)	Security Cleared
8	149 (5.44%)	CRISC
9	120 (4.38%)	SC Cleared
10	114 (4.16%)	CCNA
11	93 (3.40%)	CCNP
12	92 (3.36%)	Microsoft Certification
13	89 (3.25%)	ISO 27001 Lead Auditor
14	86 (3.14%)	SANS
15	82 (2.99%)	CESG Certified Professional
16	78 (2.85%)	SSCP
17	70 (2.56%)	MCSE
18	67 (2.45%)	GIAC
19	63 (2.30%)	CREST Certified
20	59 (2.15%)	CISMP

Quality Assurance & Compliance
1	914 (33.37%)	PCI DSS
2	367 (13.40%)	GDPR
3	277 (10.11%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
4	269 (9.82%)	ISO 9001
5	238 (8.69%)	Cyber Essentials
6	150 (5.48%)	COBIT
7	145 (5.29%)	Sarbanes-Oxley
8	101 (3.69%)	SLA
9	97 (3.54%)	HMG Security Policy Framework
10	95 (3.47%)	ISO 22301
11	83 (3.03%)	ISO/IEC 20000
12	81 (2.96%)	ISO/IEC 27005
13	72 (2.63%)	NIST 800
14	66 (2.41%)	Cyber Essentials PLUS
15	57 (2.08%)	ISO 14001
16	35 (1.28%)	QA
17	32 (1.17%)	BS25999
18	30 (1.10%)	Data Quality
19	20 (0.73%)	PMO
20	18 (0.66%)	HIPAA

System Software
1	335 (12.23%)	Active Directory
2	197 (7.19%)	VMware Infrastructure
3	116 (4.24%)	Hyper-V
4	43 (1.57%)	VMware ESXi
4	43 (1.57%)	vSphere
5	22 (0.80%)	Virtual Machines
6	16 (0.58%)	XenApp
7	15 (0.55%)	Snort
8	14 (0.51%)	pfSense
9	13 (0.47%)	Docker
9	13 (0.47%)	XenDesktop
10	9 (0.33%)	Xen
11	8 (0.29%)	Virtual Servers
12	6 (0.22%)	Terminal Services
13	5 (0.18%)	ISA Server
13	5 (0.18%)	KVM
14	4 (0.15%)	Citrix Presentation Server
14	4 (0.15%)	MetaFrame
14	4 (0.15%)	XenServer
15	3 (0.11%)	VMware Server

Systems Management
1	68 (2.48%)	Nessus
2	55 (2.01%)	SCCM
3	25 (0.91%)	Puppet
4	20 (0.73%)	Opscode Chef
5	17 (0.62%)	Ansible
5	17 (0.62%)	Host Intrusion Detection System
5	17 (0.62%)	McAfee ePO
5	17 (0.62%)	SCOM
6	16 (0.58%)	Computer Emergency Response Teams
6	16 (0.58%)	QRadar
7	14 (0.51%)	WSUS
8	13 (0.47%)	FortiGate
9	12 (0.44%)	Nmap
9	12 (0.44%)	OSSEC
10	10 (0.37%)	Kubernetes
10	10 (0.37%)	WMI
11	9 (0.33%)	Backup Exec
11	9 (0.33%)	FTK
12	8 (0.29%)	Failover Clustering
12	8 (0.29%)	Microsoft Intune

Vendors
1	361 (13.18%)	Microsoft
2	330 (12.05%)	Cisco
3	267 (9.75%)	VMware
4	132 (4.82%)	CheckPoint
5	88 (3.21%)	HP
6	84 (3.07%)	Oracle
7	83 (3.03%)	Citrix
8	66 (2.41%)	Juniper
9	60 (2.19%)	McAfee
9	60 (2.19%)	NetApp
10	52 (1.90%)	IBM
11	49 (1.79%)	Splunk
12	46 (1.68%)	Apple
13	45 (1.64%)	Dell
14	44 (1.61%)	Palo Alto
15	42 (1.53%)	SAP
16	41 (1.50%)	Red Hat
17	40 (1.46%)	LogRhythm
18	38 (1.39%)	FireEye
19	29 (1.06%)	Qualys

151 ISO/IEC 27001 job vacancies Nationwide

ISO/IEC 27001Job Vacancy Trend

ISO/IEC 27001Salary Trend

ISO/IEC 27001Salary Histogram

ISO/IEC 27001Top 17 Job Locations

ISO/IEC 27001Top 30 Co-occurring IT Skills