Period
to 22 October 2019

The following table provides summary statistics for permanent job vacancies with a requirement for NIST skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited NIST over the 6 months to 22 October 2019 with a comparison to the same period in the previous 2 years.

National Institute of Standards and Technology (NIST)
UK
6 months to
22 Oct 2019
Same period 2018 Same period 2017
Rank 506 656 898
Rank change year-on-year +150 +242 +96
Permanent jobs citing NIST 697 596 323
As % of all permanent IT jobs advertised in the UK 0.51% 0.36% 0.19%
As % of the Quality Assurance & Compliance category 3.86% 2.74% 1.48%
Number of salaries quoted 512 423 248
UK median annual salary £65,000 £62,500 £65,500
Median salary % change year-on-year +4.00% -4.58% -2.96%
10th Percentile £42,500 £45,500 £45,000
90th Percentile £97,500 £92,500 £94,125
UK excluding London median annual salary £62,500 £60,000 £57,500
% change year-on-year +4.17% +4.35% -4.17%

NIST is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 18,069 21,740 21,805
As % of all permanent IT jobs advertised in the UK 13.21% 13.19% 12.50%
Number of salaries quoted 13,523 16,505 16,158
UK median annual salary £50,000 £50,000 £50,000
10th Percentile £28,250 £28,000 £27,500
90th Percentile £82,500 £80,000 £77,500
UK excluding London median annual salary £45,000 £45,000 £42,500
% change year-on-year - +5.88% -

NIST
Job Vacancy Trend

Job postings citing NIST as a percentage of all IT jobs advertised.

Job vacancy trend for NIST in the UK

NIST
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing NIST.

Salary trend for NIST in the UK

NIST
Salary Histogram

The salary distribution of IT jobs citing NIST over the 6 months to 22 October 2019.

Salary histogram for NIST in the UK

NIST
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing NIST within the UK over the 6 months to 22 October 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +127 661 £65,000 +4.00% 88
UK excluding London +109 365 £62,500 +4.17% 57
London +111 309 £75,000 +7.14% 36
South East +53 139 £70,000 +21.74% 19
North of England +24 85 £51,363 -14.39% 17
South West +64 56 £60,000 -5.88% 5
North West +20 54 £46,000 -23.33% 13
Midlands +78 51 £55,000 -4.35% 8
West Midlands +53 32 £52,945 -7.92% 4
Yorkshire +17 30 £55,000 -8.33% 3
East Midlands +40 19 £70,000 - 4
East of England +53 17 £65,000 -7.14% 3
Scotland +19 15 £70,000 +14.29% 4
Wales +18 2 £49,000 +20.99% 1
North East +21 1 £90,000 +140.00% 1

For the 6 months to 22 October 2019, IT jobs citing NIST also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for NIST.

1 478 (68.58%) ISO/IEC 27001
2 439 (62.98%) Information Security
3 384 (55.09%) CISSP
4 373 (53.52%) Cybersecurity
5 310 (44.48%) CISM
6 209 (29.99%) PCI DSS
7 204 (29.27%) CISA
8 202 (28.98%) Security Architecture
9 168 (24.10%) GDPR
10 165 (23.67%) Finance
11 163 (23.39%) Degree
12 156 (22.38%) SIEM
13 149 (21.38%) Management Information System
14 140 (20.09%) Risk Management
15 129 (18.51%) Security Operations
16 114 (16.36%) COBIT
17 113 (16.21%) TOGAF
18 112 (16.07%) Firewall
19 107 (15.35%) SABSA
20 99 (14.20%) Vulnerability Management
21 97 (13.92%) CRISC
21 97 (13.92%) ITIL
22 96 (13.77%) Azure
23 93 (13.34%) OWASP
23 93 (13.34%) Data Protection
24 91 (13.06%) Penetration Testing
25 87 (12.48%) AWS
26 82 (11.76%) Security Management
27 80 (11.48%) Agile Software Development
28 76 (10.90%) Sarbanes-Oxley

NIST
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 17 (2.44%) SharePoint
2 8 (1.15%) IIS
3 5 (0.72%) Elasticsearch
4 4 (0.57%) MediaWiki
5 3 (0.43%) MS Exchange
6 2 (0.29%) Apache
6 2 (0.29%) Confluence
6 2 (0.29%) nginx
6 2 (0.29%) Tomcat
Applications
1 7 (1.00%) Microsoft Office
2 5 (0.72%) Microsoft Excel
3 3 (0.43%) Microsoft PowerPoint
4 1 (0.14%) Microsoft Project
4 1 (0.14%) MS Visio
Business Applications
1 8 (1.15%) Sparx Enterprise Architect
2 1 (0.14%) Relativity
2 1 (0.14%) SAP GRC
Cloud Services
1 96 (13.77%) Azure
2 87 (12.48%) AWS
3 42 (6.03%) SaaS
4 30 (4.30%) GCP
5 25 (3.59%) PaaS
6 24 (3.44%) IaaS
7 20 (2.87%) Office 365
8 18 (2.58%) Azure Active Directory
9 13 (1.87%) Cloud Computing
10 10 (1.43%) Power Platform
11 4 (0.57%) Microsoft Flow
12 2 (0.29%) Amazon CloudWatch
12 2 (0.29%) Amazon EC2
12 2 (0.29%) Amazon ELB
12 2 (0.29%) Amazon S3
12 2 (0.29%) AWS CloudFormation
12 2 (0.29%) OneDrive
12 2 (0.29%) Route 53
12 2 (0.29%) Virtual Private Cloud
13 1 (0.14%) Akamai
Communications & Networking
1 112 (16.07%) Firewall
2 68 (9.76%) Network Security
3 41 (5.88%) Intrusion Detection
4 31 (4.45%) LAN
5 29 (4.16%) Internet
6 27 (3.87%) WAN
7 22 (3.16%) TCP/IP
8 17 (2.44%) VPN
9 15 (2.15%) RTP
10 8 (1.15%) Wireless
11 6 (0.86%) DNS
11 6 (0.86%) PPP
11 6 (0.86%) SAN
12 5 (0.72%) Intranet
12 5 (0.72%) tcpdump
12 5 (0.72%) Wireshark
13 4 (0.57%) HTTP
14 3 (0.43%) DHCP
14 3 (0.43%) SMTP
14 3 (0.43%) WLAN
Database & Business Intelligence
1 7 (1.00%) Power BI
1 7 (1.00%) SQL Server
2 4 (0.57%) Geospatial Data
3 2 (0.29%) Amazon RDS
4 1 (0.14%) Apache Cassandra
4 1 (0.14%) Big Data
4 1 (0.14%) Data Lake
4 1 (0.14%) Relational Database
Development Applications
1 10 (1.43%) JIRA
2 7 (1.00%) SonarQube
3 5 (0.72%) IDA Disassembler
4 4 (0.57%) Git (software)
4 4 (0.57%) Octopus Deploy
5 2 (0.29%) Jenkins
5 2 (0.29%) Subversion
5 2 (0.29%) Visual Studio
6 1 (0.14%) Metasploit
General
1 165 (23.67%) Finance
2 69 (9.90%) Legal
3 45 (6.46%) Retail
4 37 (5.31%) Public Sector
5 30 (4.30%) Banking
6 29 (4.16%) Law
7 18 (2.58%) Financial Institution
8 16 (2.30%) Games
9 13 (1.87%) Telecoms
10 12 (1.72%) Marketing
11 9 (1.29%) Aerospace
12 8 (1.15%) Billing
12 8 (1.15%) Manufacturing
13 2 (0.29%) Back Office
14 1 (0.14%) Electronics
Job Titles
1 132 (18.94%) Architect
2 126 (18.08%) Security Architect
3 111 (15.93%) Consultant
4 110 (15.78%) Analyst
5 102 (14.63%) Security Analyst
6 89 (12.77%) Security Consultant
7 68 (9.76%) Security Manager
8 63 (9.04%) Information Analyst
8 63 (9.04%) Information Security Analyst
9 52 (7.46%) Security Engineer
10 41 (5.88%) Information Security Consultant
11 29 (4.16%) Information Architect
11 29 (4.16%) Information Security Architect
11 29 (4.16%) Risk Analyst
12 28 (4.02%) Security Risk Analyst
13 27 (3.87%) Head of Security
13 27 (3.87%) IT Architect
13 27 (3.87%) IT Security Architect
14 26 (3.73%) Senior Consultant
15 25 (3.59%) Security Specialist
Libraries, Frameworks & Software Standards
1 30 (4.30%) OAuth
2 16 (2.30%) SAML
3 15 (2.15%) OAuth2
3 15 (2.15%) OpenID
4 11 (1.58%) XACML
5 8 (1.15%) SailPoint
6 6 (0.86%) Web Services
7 4 (0.57%) OLE
8 2 (0.29%) jQuery
8 2 (0.29%) LDAP
9 1 (0.14%) D3.js
9 1 (0.14%) EDI
9 1 (0.14%) Regular Expression
9 1 (0.14%) RESTful
9 1 (0.14%) Spring
9 1 (0.14%) Spring Boot
9 1 (0.14%) XSL
Miscellaneous
1 149 (21.38%) Management Information System
2 58 (8.32%) Data Protection Act
3 52 (7.46%) Analytical Skills
4 48 (6.89%) Cyberthreat
5 29 (4.16%) Security Operations Centre
6 27 (3.87%) Self-Motivation
7 23 (3.30%) CESG
8 20 (2.87%) Internet of Things
9 19 (2.73%) Cyberattack
10 15 (2.15%) Cyber Defence
11 14 (2.01%) Cyber Kill Chain
11 14 (2.01%) Data Centre
11 14 (2.01%) Public Cloud
12 13 (1.87%) Distributed Denial-of-Service
12 13 (1.87%) Mobile App
12 13 (1.87%) PKI
13 11 (1.58%) Smart Meter
14 10 (1.43%) Enterprise Software
15 9 (1.29%) Mobile Computing
15 9 (1.29%) Reinsurance
Operating Systems
1 55 (7.89%) Linux
2 53 (7.60%) Windows
3 9 (1.29%) Windows Server
4 5 (0.72%) Unix
5 4 (0.57%) Windows 10
6 3 (0.43%) Windows Server 2008
7 2 (0.29%) Amazon Linux
7 2 (0.29%) CentOS
7 2 (0.29%) Fedora
7 2 (0.29%) Kali Linux
7 2 (0.29%) Red Hat Enterprise Linux
7 2 (0.29%) Solaris
7 2 (0.29%) Windows Server 2012
8 1 (0.14%) Android
8 1 (0.14%) Apple iOS
8 1 (0.14%) Windows 7
Processes & Methodologies
1 439 (62.98%) Information Security
2 373 (53.52%) Cybersecurity
3 202 (28.98%) Security Architecture
4 156 (22.38%) SIEM
5 140 (20.09%) Risk Management
6 129 (18.51%) Security Operations
7 113 (16.21%) TOGAF
8 107 (15.35%) SABSA
9 99 (14.20%) Vulnerability Management
10 97 (13.92%) ITIL
11 93 (13.34%) Data Protection
11 93 (13.34%) OWASP
12 91 (13.06%) Penetration Testing
13 82 (11.76%) Security Management
14 80 (11.48%) Agile Software Development
15 76 (10.90%) Continuous Improvement
16 72 (10.33%) Stakeholder Management
17 70 (10.04%) SDLC
18 69 (9.90%) Problem-Solving
19 65 (9.33%) Security Testing
Programming Languages
1 17 (2.44%) C
2 15 (2.15%) Python
3 14 (2.01%) PowerShell
4 9 (1.29%) SQL
5 6 (0.86%) Java
6 4 (0.57%) F#
6 4 (0.57%) Haskell
6 4 (0.57%) PureScript
6 4 (0.57%) Scala
7 3 (0.43%) Bash Shell
7 3 (0.43%) JavaScript
7 3 (0.43%) Shell Script
8 2 (0.29%) C#
8 2 (0.29%) Ruby
9 1 (0.14%) Perl
Qualifications
1 384 (55.09%) CISSP
2 310 (44.48%) CISM
3 204 (29.27%) CISA
4 163 (23.39%) Degree
5 97 (13.92%) CRISC
6 71 (10.19%) Cisco Certification
7 65 (9.33%) Security Cleared
8 61 (8.75%) CEH
9 50 (7.17%) GIAC
10 46 (6.60%) SC Cleared
11 43 (6.17%) SANS
12 41 (5.88%) (ISC)2 CCSP
13 30 (4.30%) CREST Certified
14 29 (4.16%) CESG Certified Professional
14 29 (4.16%) Computer Science Degree
14 29 (4.16%) Microsoft Certification
15 24 (3.44%) SSCP
16 20 (2.87%) MCSE
17 18 (2.58%) ISO 27001 Lead Implementer
18 14 (2.01%) CompTIA Security+
Quality Assurance & Compliance
1 478 (68.58%) ISO/IEC 27001
2 209 (29.99%) PCI DSS
3 168 (24.10%) GDPR
4 114 (16.36%) COBIT
5 76 (10.90%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 76 (10.90%) Sarbanes-Oxley
6 74 (10.62%) Cyber Essentials
7 53 (7.60%) NCSC
8 49 (7.03%) NIST 800
9 20 (2.87%) ISO/IEC 27005
10 17 (2.44%) HMG Security Policy Framework
11 15 (2.15%) ISO 9001
12 13 (1.87%) HIPAA
12 13 (1.87%) ITGC
13 12 (1.72%) SAS 70
14 11 (1.58%) COSO
14 11 (1.58%) ISO 22301
15 10 (1.43%) QA
15 10 (1.43%) SLA
16 8 (1.15%) Data Quality
System Software
1 41 (5.88%) Active Directory
2 13 (1.87%) VMware Infrastructure
3 6 (0.86%) VMware ESXi
4 4 (0.57%) Snort
5 2 (0.29%) Docker
5 2 (0.29%) ISA Server
5 2 (0.29%) vSphere
6 1 (0.14%) Hyper-V
Systems Management
1 21 (3.01%) Nessus
2 11 (1.58%) Computer Emergency Response Teams
3 8 (1.15%) Norton AntiVirus
4 6 (0.86%) CASB
5 5 (0.72%) CSIRT
5 5 (0.72%) Single Sign-On
6 4 (0.57%) QRadar
6 4 (0.57%) Suricata
6 4 (0.57%) Terraform
6 4 (0.57%) vCenter Server
7 2 (0.29%) Ansible
7 2 (0.29%) Avamar
7 2 (0.29%) Backup Exec
7 2 (0.29%) IBM Guardium
7 2 (0.29%) Microsoft Intune
7 2 (0.29%) Opscode Chef
7 2 (0.29%) SCCM
7 2 (0.29%) Trend Micro Deep Security
7 2 (0.29%) vRealize
8 1 (0.14%) RSA Archer
Vendors
1 70 (10.04%) Microsoft
2 24 (3.44%) CA
2 24 (3.44%) Symantec
3 23 (3.30%) Splunk
4 22 (3.16%) Qualys
5 19 (2.73%) Google
6 17 (2.44%) Cisco
6 17 (2.44%) McAfee
7 16 (2.30%) VMware
8 15 (2.15%) Palo Alto
9 13 (1.87%) Oracle
10 10 (1.43%) CheckPoint
11 8 (1.15%) Fortinet
11 8 (1.15%) Imperva
11 8 (1.15%) Sparx
12 7 (1.00%) CyberArk
12 7 (1.00%) Varonis
13 6 (0.86%) ArcSight
13 6 (0.86%) LogRhythm
13 6 (0.86%) SonicWALL