MITRE ATT&CK Jobs, Co-occurring Skills & Salary Benchmarking

MITRE ATT&CK
UK

The table below provides summary statistics for permanent job vacancies requiring MITRE ATT&CK skills. It includes a benchmarking guide to the annual salaries offered in vacancies that cited MITRE ATT&CK over the 6 months leading up to 26 July 2024, comparing them to the same period in the previous two years.

Location	6 months to 26 Jul 2024	Same period 2023	Same period 2022
Rank	753	713	990
Rank change year-on-year	-40	+277	-104
Permanent jobs citing MITRE ATT&CK	89	174	286
As % of all permanent jobs advertised in the UK	0.098%	0.22%	0.16%
As % of the Processes & Methodologies category	0.12%	0.23%	0.17%
Number of salaries quoted	59	131	220
10^th Percentile	£49,750	£39,294	£38,750
25^th Percentile	£56,563	£50,625	£51,250
Median annual salary (50^th Percentile)	£65,000	£60,000	£65,000
Median % change year-on-year	+8.33%	-7.69%	-
75^th Percentile	£83,750	£77,500	£78,750
90^th Percentile	£114,000	£88,750	£100,000
UK excluding London median annual salary	£58,750	£58,000	£65,000
% change year-on-year	+1.29%	-10.77%	+6.12%

All Process and Methodology Skills
UK

MITRE ATT&CK falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills	73,969	76,929	168,958
As % of all permanent jobs advertised in the UK	81.84%	95.34%	96.40%
Number of salaries quoted	48,628	50,249	85,709
10^th Percentile	£30,000	£33,750	£33,750
25^th Percentile	£40,000	£45,000	£44,250
Median annual salary (50^th Percentile)	£55,000	£60,000	£60,000
Median % change year-on-year	-8.33%	-	+9.09%
75^th Percentile	£73,750	£80,000	£80,000
90^th Percentile	£93,750	£100,000	£96,250
UK excluding London median annual salary	£50,000	£55,000	£52,500
% change year-on-year	-9.09%	+4.76%	+6.06%

MITRE ATT&CK
Job Vacancy Trend

Job postings citing MITRE ATT&CK as a proportion of all IT jobs advertised.

Job vacancy trend for MITRE ATT&amp;CK in the UK

MITRE ATT&CK
Salary Trend

3-month moving average salary quoted in jobs citing MITRE ATT&CK.

Salary trend for MITRE ATT&amp;CK in the UK

MITRE ATT&CK
Salary Histogram

Salary distribution for jobs citing MITRE ATT&CK over the 6 months to 26 July 2024.

Salary histogram for MITRE ATT&amp;CK in the UK

MITRE ATT&CK
Top 12 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing MITRE ATT&CK within the UK over the 6 months to 26 July 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Jobs
England	-28	72	£67,000	+11.67%	7
UK excluding London	-52	44	£58,750	+1.29%	7
London	+38	41	£75,000	+20.00%	3
Work from Home	0	28	£72,500	+11.54%	3
Scotland	-35	15	£50,300	+0.60%	3
South East	+13	13	£58,875	+2.39%	1
North of England	-9	8	£60,000	-
North West	-27	7	£60,000	-
South West	-6	5	£57,500	+34.44%	2
Midlands	-23	3	£70,000	+2.94%	1
West Midlands	-7	2	£70,000	+2.94%	1
Yorkshire	-	1	-	-

MITRE ATT&CK
Top 30 Co-occurring Skills and Capabilities

For the 6 months to 26 July 2024, job vacancies citing MITRE ATT&CK also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for MITRE ATT&CK.

1	57 (64.04%)	NIST
2	55 (61.80%)	Cybersecurity
3	40 (44.94%)	Azure
4	36 (40.45%)	Incident Response
5	33 (37.08%)	SIEM
6	30 (33.71%)	Finance
7	29 (32.58%)	Information Security
8	28 (31.46%)	Vulnerability Management
9	27 (30.34%)	CISSP
10	26 (29.21%)	CISM
10	26 (29.21%)	Firewall
11	25 (28.09%)	Social Skills
12	24 (26.97%)	Threat Intelligence
12	24 (26.97%)	Cyber Kill Chain
12	24 (26.97%)	ISO/IEC 27001

13	23 (25.84%)	Cyber Threat Intelligence
13	23 (25.84%)	Security Operations
13	23 (25.84%)	Cloud Security
14	22 (24.72%)	Application Security
15	20 (22.47%)	AWS
15	20 (22.47%)	Microsoft
16	18 (20.22%)	OWASP
16	18 (20.22%)	Threat Modelling
16	18 (20.22%)	DevSecOps
17	17 (19.10%)	Cyber Threat
17	17 (19.10%)	Identity Access Management
18	16 (17.98%)	Banking
19	15 (16.85%)	Risk Management
20	14 (15.73%)	SOAR
20	14 (15.73%)	Inclusion and Diversity

MITRE ATT&CK
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	1 (1.12%)	SharePoint

Applications
1	2 (2.25%)	Microsoft Office
2	1 (1.12%)	Microsoft Excel
2	1 (1.12%)	MS Visio

Cloud Services
1	40 (44.94%)	Azure
2	20 (22.47%)	AWS
3	13 (14.61%)	GCP
3	13 (14.61%)	Microsoft 365
4	12 (13.48%)	IaaS
4	12 (13.48%)	PaaS
4	12 (13.48%)	SaaS
5	8 (8.99%)	Azure Sentinel
6	7 (7.87%)	Azure AKS
6	7 (7.87%)	Google Kubernetes Engine
7	5 (5.62%)	Entra ID
8	4 (4.49%)	Amazon S3
9	2 (2.25%)	Azure Service Fabric
9	2 (2.25%)	Power Platform
10	1 (1.12%)	Azure Monitor
10	1 (1.12%)	Cloud Computing
10	1 (1.12%)	Google Workspace

Communications & Networking
1	26 (29.21%)	Firewall
2	5 (5.62%)	LAN
2	5 (5.62%)	Network Security
2	5 (5.62%)	WAN
3	4 (4.49%)	HTTP
3	4 (4.49%)	SMTP
3	4 (4.49%)	SSL
4	2 (2.25%)	802.11
4	2 (2.25%)	Bluetooth
4	2 (2.25%)	ZigBee
5	1 (1.12%)	Cisco IPT
5	1 (1.12%)	DHCP
5	1 (1.12%)	DNS
5	1 (1.12%)	Intrusion Detection
5	1 (1.12%)	TCP/IP
5	1 (1.12%)	Wireshark

Database & Business Intelligence
1	4 (4.49%)	SQL Server
2	2 (2.25%)	Azure SQL Database
2	2 (2.25%)	Power BI

Development Applications
1	7 (7.87%)	Metasploit
2	6 (6.74%)	Burp Suite

General
1	30 (33.71%)	Finance
2	25 (28.09%)	Social Skills
3	16 (17.98%)	Banking
4	14 (15.73%)	Inclusion and Diversity
5	7 (7.87%)	Law
5	7 (7.87%)	Marketing
5	7 (7.87%)	Retail Banking
6	5 (5.62%)	Legal
7	4 (4.49%)	Analytical Skills
7	4 (4.49%)	Investment Banking
7	4 (4.49%)	Manufacturing
8	2 (2.25%)	Cyber-Physical System
8	2 (2.25%)	Public Sector
8	2 (2.25%)	Retail
9	1 (1.12%)	Automotive
9	1 (1.12%)	Financial Institution
9	1 (1.12%)	Games
9	1 (1.12%)	Organisational Skills
9	1 (1.12%)	Presentation Skills

Job Titles
1	30 (33.71%)	Analyst
2	19 (21.35%)	Security Analyst
3	17 (19.10%)	Architect
4	16 (17.98%)	Senior
5	13 (14.61%)	Security Engineer
6	12 (13.48%)	Lead
7	10 (11.24%)	Senior Analyst
8	9 (10.11%)	Security Manager
8	9 (10.11%)	Senior Security Analyst
9	8 (8.99%)	Cloud Architect
9	8 (8.99%)	Cybersecurity Analyst
10	7 (7.87%)	Lead Architect
11	6 (6.74%)	Cybersecurity Architect
11	6 (6.74%)	Senior Architect
11	6 (6.74%)	SOC Engineer
12	4 (4.49%)	Cybersecurity Manager
12	4 (4.49%)	Data Engineer
12	4 (4.49%)	Information Manager
12	4 (4.49%)	Information Security Manager
12	4 (4.49%)	Operations Engineer

Libraries, Frameworks & Software Standards
1	10 (11.24%)	OAuth
1	10 (11.24%)	SAML
2	9 (10.11%)	REST
3	4 (4.49%)	Kafka
4	2 (2.25%)	802.1X
4	2 (2.25%)	Elastic Stack
4	2 (2.25%)	SOAP
4	2 (2.25%)	Web Services

Miscellaneous
1	24 (26.97%)	Cyber Kill Chain
2	17 (19.10%)	Cyber Threat
3	13 (14.61%)	Cyberattack
4	11 (12.36%)	Public Cloud
5	10 (11.24%)	Cyber Defence
6	8 (8.99%)	Management Information System
6	8 (8.99%)	Operational Technology
7	7 (7.87%)	Cloud Native
7	7 (7.87%)	Security Operations Centre
7	7 (7.87%)	Security Posture
8	4 (4.49%)	SCADA
9	2 (2.25%)	CAN bus
9	2 (2.25%)	Distributed Systems
9	2 (2.25%)	Insider Threat
9	2 (2.25%)	IoT
9	2 (2.25%)	NHS
9	2 (2.25%)	Self-Motivation
10	1 (1.12%)	Cloud Security Posture
10	1 (1.12%)	Cyber Security Posture
10	1 (1.12%)	Product Ownership

Operating Systems
1	13 (14.61%)	Windows
2	8 (8.99%)	Unix
3	6 (6.74%)	Linux
4	4 (4.49%)	CentOS
4	4 (4.49%)	Solaris
4	4 (4.49%)	Ubuntu
4	4 (4.49%)	Windows Server
4	4 (4.49%)	Windows XP
4	4 (4.49%)	zOS
5	1 (1.12%)	Mac OS X

Processes & Methodologies
1	55 (61.80%)	Cybersecurity
2	36 (40.45%)	Incident Response
3	33 (37.08%)	SIEM
4	29 (32.58%)	Information Security
5	28 (31.46%)	Vulnerability Management
6	24 (26.97%)	Threat Intelligence
7	23 (25.84%)	Cloud Security
7	23 (25.84%)	Cyber Threat Intelligence
7	23 (25.84%)	Security Operations
8	22 (24.72%)	Application Security
9	18 (20.22%)	DevSecOps
9	18 (20.22%)	OWASP
9	18 (20.22%)	Threat Modelling
10	17 (19.10%)	Identity Access Management
11	15 (16.85%)	Risk Management
12	14 (15.73%)	SOAR
13	13 (14.61%)	Use Case
14	12 (13.48%)	Security Management
15	10 (11.24%)	Penetration Testing
15	10 (11.24%)	Security Architecture

Programming Languages
1	4 (4.49%)	Kusto Query Language
2	3 (3.37%)	SQL
3	1 (1.12%)	C
3	1 (1.12%)	Java
3	1 (1.12%)	PowerShell
3	1 (1.12%)	Python
3	1 (1.12%)	R
3	1 (1.12%)	Scala

Qualifications
1	27 (30.34%)	CISSP
2	26 (29.21%)	CISM
3	11 (12.36%)	GIAC
4	9 (10.11%)	Degree
5	8 (8.99%)	Security Cleared
6	7 (7.87%)	AWS Certification
7	6 (6.74%)	AWS Certified Cloud Practitioner
8	5 (5.62%)	CREST Certified
9	4 (4.49%)	CEH
9	4 (4.49%)	CISA
9	4 (4.49%)	Computer Science Degree
9	4 (4.49%)	CRISC
9	4 (4.49%)	SANS
9	4 (4.49%)	SC Cleared
10	3 (3.37%)	CompTIA Security+
10	3 (3.37%)	DV Cleared
10	3 (3.37%)	GPEN
11	2 (2.25%)	CASP
11	2 (2.25%)	ECSA
11	2 (2.25%)	Master's Degree

Quality Assurance & Compliance
1	57 (64.04%)	NIST
2	24 (26.97%)	ISO/IEC 27001
3	11 (12.36%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
3	11 (12.36%)	PCI DSS
4	9 (10.11%)	NCSC
5	8 (8.99%)	GDPR
5	8 (8.99%)	GRC
6	5 (5.62%)	Cyber Essentials
7	4 (4.49%)	Cyber Essentials PLUS
7	4 (4.49%)	NIST 800
8	3 (3.37%)	COBIT
9	2 (2.25%)	ISO 22301
9	2 (2.25%)	SOC 2
9	2 (2.25%)	Web Application Security Consortium
10	1 (1.12%)	California Consumer Privacy Act
10	1 (1.12%)	COSO
10	1 (1.12%)	HIPAA
10	1 (1.12%)	ISO/IEC 27005
10	1 (1.12%)	PSD2
10	1 (1.12%)	Sarbanes-Oxley

System Software
1	7 (7.87%)	Docker
2	2 (2.25%)	Active Directory
3	1 (1.12%)	Hyper-V
3	1 (1.12%)	Virtual Machines

Systems Management
1	8 (8.99%)	Terraform
2	6 (6.74%)	Kubernetes
2	6 (6.74%)	Nmap
3	2 (2.25%)	Computer Emergency Response Teams
3	2 (2.25%)	logstash
3	2 (2.25%)	Microsoft Intune
3	2 (2.25%)	QRadar
4	1 (1.12%)	Host Intrusion Detection System
4	1 (1.12%)	Kibana
4	1 (1.12%)	Nessus
4	1 (1.12%)	SCCM

Vendors
1	20 (22.47%)	Microsoft
2	8 (8.99%)	Qualys
3	5 (5.62%)	Splunk
4	3 (3.37%)	Intel
5	1 (1.12%)	Carbon Black
5	1 (1.12%)	CrowdStrike
5	1 (1.12%)	Darktrace
5	1 (1.12%)	Google
5	1 (1.12%)	IBM
5	1 (1.12%)	LogRhythm
5	1 (1.12%)	McAfee
5	1 (1.12%)	Netskope
5	1 (1.12%)	Palo Alto
5	1 (1.12%)	Tanium
5	1 (1.12%)	VMware
5	1 (1.12%)	Zscaler

MITRE ATT&CKUK

All Process and Methodology SkillsUK

MITRE ATT&CKJob Vacancy Trend

MITRE ATT&CKSalary Trend

MITRE ATT&CKSalary Histogram

MITRE ATT&CKTop 12 Job Locations

MITRE ATT&CKTop 30 Co-occurring Skills and Capabilities

MITRE ATT&CKCo-occurring Skills and Capabilities by Category