ISO/IEC 27001 Jobs, Skill Sets & Salary Benchmarking

The following table provides summary statistics for permanent job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 21 October 2021 with a comparison to the same period in the previous 2 years.

ISO/IEC 27001 UK
Location	6 months to 21 Oct 2021	Same period 2020	Same period 2019
Rank	220	174	189
Rank change year-on-year	-46	+15	+21
Permanent jobs citing ISO/IEC 27001	2,024	989	2,681
As % of all permanent jobs advertised in the UK	1.60%	2.02%	1.96%
As % of the Quality Assurance & Compliance category	10.47%	16.16%	14.12%
Number of salaries quoted	1,560	799	1,954
10th Percentile	£36,250	£36,250	£29,250
25th Percentile	£42,500	£46,250	£41,250
Median annual salary (50th Percentile)	£57,542	£60,000	£55,000
Median % change year-on-year	-4.10%	+9.09%	-2.22%
75th Percentile	£72,500	£77,500	£70,000
90th Percentile	£85,000	£120,000	£85,000
UK excluding London median annual salary	£52,500	£52,500	£50,000
% change year-on-year	-	+5.00%	-

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills UK
Permanent vacancies with a requirement for quality assurance or compliance skills	19,338	6,119	18,987
As % of all permanent IT jobs advertised in the UK	15.33%	12.51%	13.85%
Number of salaries quoted	11,830	4,816	14,307
10th Percentile	£31,250	£31,250	£28,500
25th Percentile	£40,485	£41,250	£37,000
Median annual salary (50th Percentile)	£55,000	£55,000	£50,000
Median % change year-on-year	-	+10.00%	-
75th Percentile	£71,250	£70,000	£67,500
90th Percentile	£88,750	£85,000	£82,500
UK excluding London median annual salary	£47,000	£49,000	£45,000
% change year-on-year	-4.08%	+8.89%	-

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a proportion of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Trend

3-month moving average salary quoted in jobs citing ISO/IEC 27001.

Salary trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Salary Histogram

Salary distribution for jobs citing ISO/IEC 27001 over the 6 months to 21 October 2021.

Salary histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 21 October 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Job Vacancies
England	-49	1,751	£60,000	-	315
UK excluding London	-21	1,194	£52,500	-	230
London	-81	713	£65,000	-3.70%	108
Work from Home	-57	370	£65,000	+18.18%	51
South East	-33	360	£53,000	+0.95%	59
North of England	-31	294	£50,000	-	68
Midlands	-54	175	£55,000	+4.76%	38
North West	-19	158	£52,500	+5.00%	33
South West	-11	149	£46,500	-28.46%	30
West Midlands	-66	121	£53,750	-6.52%	33
Yorkshire	-65	110	£49,500	+4.21%	21
Scotland	-5	97	£46,250	-2.63%	10
East of England	-71	55	£52,500	-	12
East Midlands	-52	52	£60,000	+41.18%	5
Wales	-16	49	£37,000	-7.50%	11
North East	-2	31	£56,250	+6.43%	14
Northern Ireland	-23	31	£65,000	+18.18%	2

ISO/IEC 27001
Top 30 Co-occurring IT Skills

For the 6 months to 21 October 2021, IT jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for ISO/IEC 27001.

1	1,085 (53.61%)	Information Security
2	802 (39.62%)	Cybersecurity
3	634 (31.32%)	Social Skills
4	588 (29.05%)	NIST
5	570 (28.16%)	GDPR
6	529 (26.14%)	Cyber Essentials
7	514 (25.40%)	Risk Management
8	513 (25.35%)	CISSP
9	494 (24.41%)	Azure
10	435 (21.49%)	Microsoft
11	398 (19.66%)	Management Information System
12	389 (19.22%)	CISM
13	380 (18.77%)	ITIL
14	373 (18.43%)	PCI DSS
15	364 (17.98%)	Finance

16	360 (17.79%)	Firewall
17	356 (17.59%)	Security Management
18	351 (17.34%)	Data Protection
19	350 (17.29%)	AWS
20	323 (15.96%)	Windows
21	319 (15.76%)	ISMS
22	265 (13.09%)	SIEM
23	263 (12.99%)	Microsoft 365
24	258 (12.75%)	Cyber Essentials PLUS
25	253 (12.50%)	Vulnerability Management
26	233 (11.51%)	Information Security Management
27	230 (11.36%)	Agile Software Development
28	219 (10.82%)	Degree
29	218 (10.77%)	CISA
30	211 (10.42%)	Legal

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	77 (3.80%)	SharePoint
2	47 (2.32%)	IIS
3	27 (1.33%)	MS Exchange
4	24 (1.19%)	Apache
5	17 (0.84%)	nginx
6	12 (0.59%)	CMS
6	12 (0.59%)	MTS
7	9 (0.44%)	Elasticsearch
8	8 (0.40%)	Skype for Business
9	6 (0.30%)	Exchange Server 2013
9	6 (0.30%)	OpenStack
10	5 (0.25%)	Confluence
10	5 (0.25%)	Drupal
10	5 (0.25%)	SAS
10	5 (0.25%)	SharePoint 2013
10	5 (0.25%)	WordPress
11	2 (0.099%)	BizTalk Server
11	2 (0.099%)	Exchange Server 2010
11	2 (0.099%)	JBoss
11	2 (0.099%)	Tomcat

Applications
1	86 (4.25%)	Microsoft Office
2	64 (3.16%)	Microsoft Excel
3	54 (2.67%)	Microsoft PowerPoint
4	25 (1.24%)	MS Visio
5	10 (0.49%)	Microsoft Project
6	4 (0.20%)	Figma

Business Applications
1	6 (0.30%)	Oracle EBS
1	6 (0.30%)	Oracle ERP
2	5 (0.25%)	SAP Business One
2	5 (0.25%)	Sentinel
3	4 (0.20%)	NetSuite
4	3 (0.15%)	Dynamics CRM
4	3 (0.15%)	Exchequer
4	3 (0.15%)	Salesforce.com CRM
5	2 (0.099%)	Cloudability
6	1 (0.049%)	Distributed Ledger
6	1 (0.049%)	Oracle Receivables
6	1 (0.049%)	Relativity
6	1 (0.049%)	SAP ERP
6	1 (0.049%)	SAP HR
6	1 (0.049%)	Unit4 Business World

Cloud Services
1	494 (24.41%)	Azure
2	350 (17.29%)	AWS
3	263 (12.99%)	Microsoft 365
4	141 (6.97%)	SaaS
5	79 (3.90%)	GCP
6	69 (3.41%)	Azure Active Directory
7	59 (2.92%)	IaaS
8	48 (2.37%)	PaaS
9	43 (2.12%)	Cloud Computing
10	32 (1.58%)	Power Platform
11	26 (1.28%)	GitHub
11	26 (1.28%)	OneDrive
12	20 (0.99%)	Serverless
13	19 (0.94%)	Mimecast
14	16 (0.79%)	PowerApps
15	15 (0.74%)	Azure Sentinel
16	14 (0.69%)	Amazon EC2
17	12 (0.59%)	Dynamics 365
18	11 (0.54%)	AWS CloudFormation
19	10 (0.49%)	Virtual Private Cloud

Communications & Networking
1	360 (17.79%)	Firewall
2	168 (8.30%)	Network Security
3	96 (4.74%)	VPN
4	85 (4.20%)	TCP/IP
5	79 (3.90%)	DNS
6	62 (3.06%)	WAN
7	50 (2.47%)	LAN
8	41 (2.03%)	DHCP
9	37 (1.83%)	Internet
10	33 (1.63%)	SAN
10	33 (1.63%)	VLAN
11	29 (1.43%)	Intrusion Detection
12	28 (1.38%)	Cisco ASA
12	28 (1.38%)	VoIP
13	20 (0.99%)	MPLS
14	19 (0.94%)	F5 BIG-IP GTM
14	19 (0.94%)	F5 BIG-IP LTM
14	19 (0.94%)	Wireless
15	18 (0.89%)	SSL
16	17 (0.84%)	HTTP

Database & Business Intelligence
1	92 (4.55%)	SQL Server
2	53 (2.62%)	MySQL
3	24 (1.19%)	Amazon RDS
4	23 (1.14%)	Relational Database
5	16 (0.79%)	SQL Server 2008
6	15 (0.74%)	Data Warehouse
6	15 (0.74%)	MongoDB
6	15 (0.74%)	RDBMS
6	15 (0.74%)	SQL Server 2012
7	14 (0.69%)	PostgreSQL
8	13 (0.64%)	NoSQL
9	11 (0.54%)	Power BI
10	10 (0.49%)	Blockchain
11	9 (0.44%)	SQL Server Integration Services
12	8 (0.40%)	Amazon DynamoDB
12	8 (0.40%)	Oracle Database
13	7 (0.35%)	Redis
13	7 (0.35%)	SQL Server Reporting Services
14	6 (0.30%)	SQL Server 2005
14	6 (0.30%)	SQL Server 2014

Development Applications
1	49 (2.42%)	JIRA
2	44 (2.17%)	Git (software)
3	30 (1.48%)	Visual Studio
4	20 (0.99%)	Jenkins
5	16 (0.79%)	Burp Suite
6	12 (0.59%)	Team Foundation Server
7	10 (0.49%)	Bitbucket
8	9 (0.44%)	CircleCI
8	9 (0.44%)	Mercurial
9	8 (0.40%)	Rational DOORS
9	8 (0.40%)	SoapUI
9	8 (0.40%)	SonarQube
9	8 (0.40%)	Subversion
10	6 (0.30%)	PHPUnit
11	5 (0.25%)	Ant
11	5 (0.25%)	TeamCity
12	4 (0.20%)	Artifactory
12	4 (0.20%)	Cypress.io
12	4 (0.20%)	Maven
13	3 (0.15%)	Appium

General
1	634 (31.32%)	Social Skills
2	364 (17.98%)	Finance
3	211 (10.42%)	Legal
4	158 (7.81%)	Analytical Skills
5	136 (6.72%)	Police
6	121 (5.98%)	Public Sector
7	108 (5.34%)	Banking
8	82 (4.05%)	Retail
9	79 (3.90%)	Law
10	73 (3.61%)	Influencing Skills
11	69 (3.41%)	Telecoms
12	54 (2.67%)	Presentation Skills
13	50 (2.47%)	Organisational Skills
14	49 (2.42%)	Marketing
15	38 (1.88%)	Back Office
16	36 (1.78%)	Manufacturing
17	28 (1.38%)	Games
18	27 (1.33%)	Documentation Skills
19	25 (1.24%)	Advertising
20	22 (1.09%)	Pharmaceutical

Job Titles
1	315 (15.56%)	Analyst
2	283 (13.98%)	Consultant
3	228 (11.26%)	Security Analyst
4	227 (11.22%)	Security Manager
5	207 (10.23%)	Security Consultant
6	200 (9.88%)	Architect
7	160 (7.91%)	Security Architect
8	141 (6.97%)	Information Manager
9	137 (6.77%)	Security Engineer
10	132 (6.52%)	Information Security Manager
11	112 (5.53%)	Information Analyst
12	111 (5.48%)	Cybersecurity Consultant
12	111 (5.48%)	IT Manager
13	109 (5.39%)	Information Security Analyst
14	91 (4.50%)	IT Analyst
15	85 (4.20%)	Security Officer
16	81 (4.00%)	Infrastructure Engineer
17	76 (3.75%)	Security Specialist
18	66 (3.26%)	Information Officer
19	63 (3.11%)	Information Security Officer

Libraries, Frameworks & Software Standards
1	51 (2.52%)	REST
2	42 (2.08%)	Web Services
3	39 (1.93%)	.NET
4	30 (1.48%)	CSS
4	30 (1.48%)	Middleware
5	28 (1.38%)	Node.js
6	20 (0.99%)	SOAP
7	19 (0.94%)	AngularJS
8	18 (0.89%)	HTML
8	18 (0.89%)	React
9	17 (0.84%)	.NET Framework
9	17 (0.84%)	ASP.NET
9	17 (0.84%)	SAML
10	14 (0.69%)	jQuery
10	14 (0.69%)	RESTful
11	12 (0.59%)	LAMP
11	12 (0.59%)	LDAP
11	12 (0.59%)	Redux
11	12 (0.59%)	Sass
11	12 (0.59%)	XML

Miscellaneous
1	398 (19.66%)	Management Information System
2	130 (6.42%)	Smart Meter
3	82 (4.05%)	Self-Motivation
4	72 (3.56%)	Cyberthreat
5	71 (3.51%)	Data Protection Act
6	64 (3.16%)	Data Centre
7	51 (2.52%)	Public Cloud
8	39 (1.93%)	Driving Licence
9	37 (1.83%)	NHS
10	34 (1.68%)	User Experience
11	23 (1.14%)	Distributed Denial-of-Service
12	22 (1.09%)	Hybrid Cloud
12	22 (1.09%)	PKI
13	21 (1.04%)	Enterprise Software
14	17 (0.84%)	Mobile App
15	16 (0.79%)	Cyberattack
16	14 (0.69%)	Security Operations Centre
17	12 (0.59%)	BYOD
18	10 (0.49%)	Cloud Native
18	10 (0.49%)	Greenfield Project

Operating Systems
1	323 (15.96%)	Windows
2	195 (9.63%)	Linux
3	127 (6.27%)	Windows Server
4	83 (4.10%)	Windows 10
5	45 (2.22%)	Unix
6	39 (1.93%)	Windows Server 2019
7	34 (1.68%)	Windows Server 2012
8	25 (1.24%)	Windows Server 2016
9	20 (0.99%)	Mac OS
9	20 (0.99%)	Solaris
10	14 (0.69%)	Windows Server 2008
11	13 (0.64%)	Android
12	12 (0.59%)	Red Hat Enterprise Linux
13	11 (0.54%)	CentOS
13	11 (0.54%)	VMS
13	11 (0.54%)	Windows 7
14	10 (0.49%)	Apple iOS
15	6 (0.30%)	Debian
16	5 (0.25%)	Ubuntu
17	4 (0.20%)	Windows Server 2003

Processes & Methodologies
1	1,085 (53.61%)	Information Security
2	802 (39.62%)	Cybersecurity
3	514 (25.40%)	Risk Management
4	380 (18.77%)	ITIL
5	356 (17.59%)	Security Management
6	351 (17.34%)	Data Protection
7	319 (15.76%)	ISMS
8	265 (13.09%)	SIEM
9	253 (12.50%)	Vulnerability Management
10	233 (11.51%)	Information Security Management
11	230 (11.36%)	Agile Software Development
12	185 (9.14%)	Continuous Improvement
13	180 (8.89%)	Security Testing
14	173 (8.55%)	Problem-Solving
15	171 (8.45%)	Security Architecture
16	170 (8.40%)	Risk Assessment
17	155 (7.66%)	Project Management
18	152 (7.51%)	DevOps
18	152 (7.51%)	Security Operations
19	149 (7.36%)	Stakeholder Management

Programming Languages
1	93 (4.59%)	SQL
2	66 (3.26%)	Python
3	61 (3.01%)	PowerShell
4	48 (2.37%)	Java
5	47 (2.32%)	C#
6	45 (2.22%)	Bash Shell
7	42 (2.08%)	JavaScript
8	34 (1.68%)	C
9	22 (1.09%)	PHP
10	15 (0.74%)	Perl
11	12 (0.59%)	TypeScript
12	11 (0.54%)	C++
12	11 (0.54%)	T-SQL
13	6 (0.30%)	VB
14	5 (0.25%)	VBScript
15	4 (0.20%)	Kotlin
15	4 (0.20%)	Ruby
16	3 (0.15%)	Go
16	3 (0.15%)	Scala
17	2 (0.099%)	Shell Script

Qualifications
1	513 (25.35%)	CISSP
2	389 (19.22%)	CISM
3	219 (10.82%)	Degree
4	218 (10.77%)	CISA
5	209 (10.33%)	Security Cleared
6	115 (5.68%)	Cisco Certification
7	85 (4.20%)	SC Cleared
8	68 (3.36%)	CRISC
9	67 (3.31%)	CEH
10	61 (3.01%)	Microsoft Certification
11	56 (2.77%)	CCNA
12	53 (2.62%)	CESG Certified Professional
13	51 (2.52%)	ISO 27001 Lead Auditor
14	47 (2.32%)	SSCP
15	45 (2.22%)	(ISC)2 CCSP
16	41 (2.03%)	CompTIA Security+
17	38 (1.88%)	GIAC
18	37 (1.83%)	SANS
19	32 (1.58%)	CCNP
20	29 (1.43%)	CCSP

Quality Assurance & Compliance
1	588 (29.05%)	NIST
2	570 (28.16%)	GDPR
3	529 (26.14%)	Cyber Essentials
4	373 (18.43%)	PCI DSS
5	258 (12.75%)	Cyber Essentials PLUS
6	156 (7.71%)	COBIT
7	137 (6.77%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
8	125 (6.18%)	GRC
9	95 (4.69%)	NCSC
10	92 (4.55%)	ISO 9001
11	82 (4.05%)	SOC 2
12	76 (3.75%)	SLA
13	59 (2.92%)	Sarbanes-Oxley
14	54 (2.67%)	ISO/IEC 20000
15	49 (2.42%)	ISO 22301
16	42 (2.08%)	ISO/IEC 27005
17	32 (1.58%)	HIPAA
17	32 (1.58%)	NIST 800
18	28 (1.38%)	HMG Security Policy Framework
19	25 (1.24%)	QA

System Software
1	210 (10.38%)	Active Directory
2	93 (4.59%)	VMware Infrastructure
3	72 (3.56%)	Hyper-V
4	36 (1.78%)	Docker
5	15 (0.74%)	vSphere
6	14 (0.69%)	Virtual Machines
7	11 (0.54%)	Firmware
7	11 (0.54%)	XenApp
7	11 (0.54%)	XenDesktop
8	10 (0.49%)	VMware ESXi
9	9 (0.44%)	BitLocker
10	8 (0.40%)	ISA Server
11	6 (0.30%)	Virtual Servers
12	5 (0.25%)	Virtual Desktop
13	4 (0.20%)	iptables
13	4 (0.20%)	Sendmail
14	3 (0.15%)	Terminal Services
14	3 (0.15%)	vCloud
15	2 (0.099%)	Microsoft App-V
15	2 (0.099%)	RACF

Systems Management
1	58 (2.87%)	Microsoft Intune
2	40 (1.98%)	Nessus
3	35 (1.73%)	SCCM
4	33 (1.63%)	Single Sign-On
4	33 (1.63%)	Terraform
5	26 (1.28%)	Kubernetes
6	25 (1.24%)	Ansible
7	11 (0.54%)	Puppet
8	9 (0.44%)	CASB
8	9 (0.44%)	HP Fortify
9	8 (0.40%)	HP ALM
9	8 (0.40%)	McAfee ePO
9	8 (0.40%)	Trend Micro Deep Security
9	8 (0.40%)	WSUS
10	7 (0.35%)	Jamf Pro
10	7 (0.35%)	WebInspect
11	6 (0.30%)	Active Directory Federation Services
12	5 (0.25%)	Istio
12	5 (0.25%)	QRadar
12	5 (0.25%)	Tivoli Storage Manager

Vendors
1	435 (21.49%)	Microsoft
2	158 (7.81%)	VMware
3	133 (6.57%)	Cisco
4	67 (3.31%)	Google
5	54 (2.67%)	Oracle
6	47 (2.32%)	Citrix
7	43 (2.12%)	CheckPoint
8	37 (1.83%)	HP
9	34 (1.68%)	F5
9	34 (1.68%)	Qualys
10	33 (1.63%)	Veeam
11	32 (1.58%)	Meraki
12	29 (1.43%)	Apple
12	29 (1.43%)	ServiceNow
13	26 (1.28%)	SAP
13	26 (1.28%)	Splunk
14	22 (1.09%)	Zscaler
15	20 (0.99%)	Palo Alto
16	19 (0.94%)	Salesforce.com
17	18 (0.89%)	Sophos

350 ISO/IEC 27001 job vacancies Nationwide

ISO/IEC 27001Job Vacancy Trend

ISO/IEC 27001Salary Trend

ISO/IEC 27001Salary Histogram

ISO/IEC 27001Top 17 Job Locations

ISO/IEC 27001Top 30 Co-occurring IT Skills