Period
to 17 January 2020

The following table provides summary statistics for permanent job vacancies with a requirement for NIST skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited NIST over the 6 months to 17 January 2020 with a comparison to the same period in the previous 2 years.

National Institute of Standards and Technology (NIST)
UK
6 months to
17 Jan 2020
Same period 2019 Same period 2018
Rank 476 567 817
Rank change year-on-year +91 +250 +106
Permanent jobs citing NIST 683 695 379
As % of all permanent IT jobs advertised in the UK 0.54% 0.46% 0.22%
As % of the Quality Assurance & Compliance category 4.30% 3.32% 1.73%
Number of salaries quoted 509 489 271
UK median annual salary £62,500 £62,500 £62,500
10th Percentile £42,500 £47,500 £45,000
90th Percentile £95,000 £92,500 £92,500
UK excluding London median annual salary £62,500 £60,000 £55,000
% change year-on-year +4.17% +9.09% -8.33%

NIST is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 15,884 20,959 21,871
As % of all permanent IT jobs advertised in the UK 12.59% 13.86% 12.63%
Number of salaries quoted 12,188 15,376 16,833
UK median annual salary £51,535 £50,000 £50,000
Median salary % change year-on-year +3.07% - +5.26%
10th Percentile £28,500 £27,500 £27,500
90th Percentile £83,750 £80,000 £80,000
UK excluding London median annual salary £45,000 £45,000 £42,500
% change year-on-year - +5.88% -

NIST
Job Vacancy Trend

Job postings citing NIST as a percentage of all IT jobs advertised.

Job vacancy trend for NIST in the UK

NIST
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing NIST.

Salary trend for NIST in the UK

NIST
Salary Histogram

The salary distribution of IT jobs citing NIST over the 6 months to 17 January 2020.

Salary histogram for NIST in the UK

NIST
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing NIST within the UK over the 6 months to 17 January 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +69 629 £62,500 - 59
UK excluding London +76 401 £62,500 +4.17% 40
London +58 256 £65,000 -7.14% 25
South East +66 174 £67,500 +12.50% 8
Midlands +84 80 £60,000 - 11
North of England 0 79 £50,000 -16.67% 8
West Midlands +38 55 £60,000 - 11
North West -20 46 £45,250 -24.58% 5
Yorkshire +55 33 £55,000 +3.39% 3
South West +26 29 £60,000 -2.04% 2
East Midlands +46 25 £67,500 +12.50%
Scotland +37 25 £69,500 +15.83% 4
East of England +42 7 £70,000 -22.22% 5
Wales -9 6 £62,500 +18.48% 2
Northern Ireland - 1 - -

For the 6 months to 17 January 2020, IT jobs citing NIST also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for NIST.

1 456 (66.76%) Information Security
2 454 (66.47%) ISO/IEC 27001
3 391 (57.25%) Cybersecurity
4 345 (50.51%) CISSP
5 298 (43.63%) CISM
6 198 (28.99%) Finance
7 196 (28.70%) GDPR
8 185 (27.09%) Risk Management
9 184 (26.94%) SIEM
10 180 (26.35%) PCI DSS
11 170 (24.89%) Management Information System
12 161 (23.57%) CISA
13 153 (22.40%) Security Architecture
14 135 (19.77%) Firewall
15 119 (17.42%) Degree
16 117 (17.13%) COBIT
16 117 (17.13%) Security Operations
17 113 (16.54%) Vulnerability Management
18 107 (15.67%) ITIL
18 107 (15.67%) Data Protection
19 104 (15.23%) Security Management
20 100 (14.64%) OWASP
21 99 (14.49%) Azure
22 98 (14.35%) Penetration Testing
23 88 (12.88%) CRISC
24 85 (12.45%) Sarbanes-Oxley
25 82 (12.01%) TOGAF
26 80 (11.71%) Cisco Certification
27 76 (11.13%) AWS
28 75 (10.98%) Stakeholder Management

NIST
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 20 (2.93%) SharePoint
2 6 (0.88%) IIS
2 6 (0.88%) MS Exchange
3 5 (0.73%) Elasticsearch
4 2 (0.29%) MediaWiki
5 1 (0.15%) Apache
5 1 (0.15%) Confluence
5 1 (0.15%) Exchange Server 2010
5 1 (0.15%) nginx
5 1 (0.15%) Tomcat
Applications
1 8 (1.17%) Microsoft Excel
1 8 (1.17%) Microsoft Office
2 2 (0.29%) Microsoft PowerPoint
3 1 (0.15%) MS Visio
Business Applications
1 3 (0.44%) Sparx Enterprise Architect
2 2 (0.29%) Dynamics CRM
2 2 (0.29%) Dynamics NAV
3 1 (0.15%) NetSuite
3 1 (0.15%) Relativity
Cloud Services
1 99 (14.49%) Azure
2 76 (11.13%) AWS
3 41 (6.00%) Office 365
4 27 (3.95%) PaaS
5 26 (3.81%) IaaS
6 22 (3.22%) GCP
6 22 (3.22%) SaaS
7 12 (1.76%) Azure Active Directory
8 10 (1.46%) Cloud Computing
9 8 (1.17%) OneDrive
10 5 (0.73%) G Suite
11 3 (0.44%) Dynamics 365
12 2 (0.29%) Power Platform
13 1 (0.15%) Amazon CloudWatch
13 1 (0.15%) Amazon ELB
13 1 (0.15%) Apigee
13 1 (0.15%) AWS CloudFormation
13 1 (0.15%) Mimecast
13 1 (0.15%) OpenShift
13 1 (0.15%) Virtual Private Cloud
Communications & Networking
1 135 (19.77%) Firewall
2 71 (10.40%) Network Security
3 30 (4.39%) LAN
3 30 (4.39%) WAN
4 29 (4.25%) VPN
5 25 (3.66%) Intrusion Detection
6 18 (2.64%) RTP
7 17 (2.49%) TCP/IP
8 13 (1.90%) Internet
9 9 (1.32%) PPP
10 8 (1.17%) SAN
11 7 (1.02%) Wireshark
12 6 (0.88%) DNS
13 4 (0.59%) NetScaler
14 3 (0.44%) Cisco ASA
14 3 (0.44%) DHCP
14 3 (0.44%) HTTP
14 3 (0.44%) Kerberos
15 2 (0.29%) SMTP
15 2 (0.29%) Wi-Fi
Database & Business Intelligence
1 8 (1.17%) SQL Server
2 4 (0.59%) Geospatial Data
2 4 (0.59%) GIS
3 2 (0.29%) Power BI
4 1 (0.15%) Amazon RDS
4 1 (0.15%) Apache Cassandra
4 1 (0.15%) Azure SQL Database
4 1 (0.15%) Big Data
4 1 (0.15%) Blockchain
4 1 (0.15%) Data Lake
4 1 (0.15%) MySQL
4 1 (0.15%) Relational Database
Development Applications
1 7 (1.02%) Chocolatey
2 6 (0.88%) ReSharper
2 6 (0.88%) SonarQube
3 5 (0.73%) JIRA
4 3 (0.44%) Git (software)
5 2 (0.29%) IDA Disassembler
5 2 (0.29%) Jenkins
5 2 (0.29%) Metasploit
5 2 (0.29%) Octopus Deploy
6 1 (0.15%) Subversion
General
1 198 (28.99%) Finance
2 57 (8.35%) Legal
3 53 (7.76%) Retail
4 29 (4.25%) Law
5 28 (4.10%) Public Sector
6 17 (2.49%) Banking
7 16 (2.34%) Financial Institution
7 16 (2.34%) Telecoms
8 12 (1.76%) Games
9 10 (1.46%) Aerospace
10 8 (1.17%) Billing
11 6 (0.88%) Manufacturing
11 6 (0.88%) Marketing
12 4 (0.59%) Back Office
13 1 (0.15%) Electronics
13 1 (0.15%) International Banking
Job Titles
1 128 (18.74%) Analyst
2 113 (16.54%) Security Analyst
3 101 (14.79%) Consultant
4 96 (14.06%) Architect
5 93 (13.62%) Security Architect
6 74 (10.83%) Security Manager
7 64 (9.37%) Security Consultant
8 60 (8.78%) Security Engineer
9 57 (8.35%) Information Analyst
9 57 (8.35%) Information Security Analyst
10 45 (6.59%) Information Security Manager
11 43 (6.30%) Information Manager
12 37 (5.42%) Security Officer
13 35 (5.12%) Information Security Officer
14 34 (4.98%) Information Officer
15 30 (4.39%) IT Architect
15 30 (4.39%) IT Security Architect
16 28 (4.10%) Information Security Consultant
16 28 (4.10%) Risk Analyst
17 26 (3.81%) IT Analyst
Libraries, Frameworks & Software Standards
1 14 (2.05%) OAuth
2 12 (1.76%) OAuth2
2 12 (1.76%) XACML
3 9 (1.32%) OpenID
3 9 (1.32%) Web Services
4 7 (1.02%) .NET
4 7 (1.02%) SailPoint
5 6 (0.88%) .NET Core
5 6 (0.88%) .NET Framework
6 4 (0.59%) SAML
7 3 (0.44%) LDAP
7 3 (0.44%) ModSecurity
8 1 (0.15%) D3.js
8 1 (0.15%) EDI
8 1 (0.15%) RESTful
8 1 (0.15%) Spring
8 1 (0.15%) Spring Boot
Miscellaneous
1 170 (24.89%) Management Information System
2 67 (9.81%) Data Protection Act
3 46 (6.73%) Analytical Skills
4 36 (5.27%) Self-Motivation
5 29 (4.25%) Cyberthreat
6 26 (3.81%) Security Operations Centre
7 20 (2.93%) Smart Meter
8 18 (2.64%) Cyberattack
9 14 (2.05%) Cyber Kill Chain
9 14 (2.05%) PKI
10 11 (1.61%) Cloud Native
10 11 (1.61%) Cyber Defence
10 11 (1.61%) Data Centre
10 11 (1.61%) Distributed Denial-of-Service
11 10 (1.46%) Enterprise Software
11 10 (1.46%) Smart Energy
12 9 (1.32%) Private Cloud
13 8 (1.17%) CESG
13 8 (1.17%) Learning Management System
13 8 (1.17%) Online Games
Operating Systems
1 40 (5.86%) Linux
1 40 (5.86%) Windows
2 18 (2.64%) Windows Server
3 14 (2.05%) Windows 10
4 11 (1.61%) Windows Server 2012
5 4 (0.59%) Windows Server 2008
6 3 (0.44%) Unix
7 2 (0.29%) Fedora
7 2 (0.29%) Kali Linux
8 1 (0.15%) Amazon Linux
8 1 (0.15%) Android
8 1 (0.15%) Apple iOS
8 1 (0.15%) CentOS
8 1 (0.15%) Red Hat Enterprise Linux
8 1 (0.15%) Windows 7
Processes & Methodologies
1 456 (66.76%) Information Security
2 391 (57.25%) Cybersecurity
3 185 (27.09%) Risk Management
4 184 (26.94%) SIEM
5 153 (22.40%) Security Architecture
6 117 (17.13%) Security Operations
7 113 (16.54%) Vulnerability Management
8 107 (15.67%) Data Protection
8 107 (15.67%) ITIL
9 104 (15.23%) Security Management
10 100 (14.64%) OWASP
11 98 (14.35%) Penetration Testing
12 82 (12.01%) TOGAF
13 75 (10.98%) Stakeholder Management
14 68 (9.96%) Incident Management
15 67 (9.81%) SABSA
16 66 (9.66%) Risk Assessment
17 62 (9.08%) Continuous Improvement
17 62 (9.08%) Problem-Solving
17 62 (9.08%) Threat Intelligence
Programming Languages
1 22 (3.22%) PowerShell
2 21 (3.07%) Python
3 17 (2.49%) C
4 9 (1.32%) SQL
5 6 (0.88%) JavaScript
6 2 (0.29%) Bash Shell
6 2 (0.29%) Java
6 2 (0.29%) Shell Script
7 1 (0.15%) C#
7 1 (0.15%) Perl
7 1 (0.15%) Ruby
Qualifications
1 345 (50.51%) CISSP
2 298 (43.63%) CISM
3 161 (23.57%) CISA
4 119 (17.42%) Degree
5 88 (12.88%) CRISC
6 80 (11.71%) Cisco Certification
7 63 (9.22%) CEH
7 63 (9.22%) Security Cleared
8 50 (7.32%) SANS
9 47 (6.88%) GIAC
10 46 (6.73%) SC Cleared
11 43 (6.30%) (ISC)2 CCSP
12 31 (4.54%) SSCP
13 24 (3.51%) CREST Certified
14 22 (3.22%) CompTIA Security+
15 21 (3.07%) GSEC
16 19 (2.78%) CCSP
17 18 (2.64%) CESG Certified Professional
18 15 (2.20%) ISO 27001 Lead Auditor
19 13 (1.90%) DV Cleared
Quality Assurance & Compliance
1 454 (66.47%) ISO/IEC 27001
2 196 (28.70%) GDPR
3 180 (26.35%) PCI DSS
4 117 (17.13%) COBIT
5 85 (12.45%) Sarbanes-Oxley
6 67 (9.81%) NIST 800
7 59 (8.64%) Cyber Essentials
8 55 (8.05%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 47 (6.88%) NCSC
10 32 (4.69%) QA
11 23 (3.37%) COSO
12 16 (2.34%) HIPAA
13 15 (2.20%) HMG Security Policy Framework
13 15 (2.20%) SLA
14 11 (1.61%) FISMA
14 11 (1.61%) ISO/IEC 27005
15 9 (1.32%) ISO 9001
15 9 (1.32%) RMADS
16 8 (1.17%) JSP 440
16 8 (1.17%) PMO
System Software
1 31 (4.54%) Active Directory
2 20 (2.93%) VMware Infrastructure
3 6 (0.88%) Hyper-V
3 6 (0.88%) VMware ESXi
4 4 (0.59%) Docker
5 2 (0.29%) Snort
5 2 (0.29%) vSphere
Systems Management
1 25 (3.66%) Nessus
2 10 (1.46%) Norton AntiVirus
2 10 (1.46%) Terraform
3 9 (1.32%) Microsoft Intune
4 8 (1.17%) HP Fortify
4 8 (1.17%) WebInspect
5 7 (1.02%) Ansible
5 7 (1.02%) Opscode Chef
6 5 (0.73%) Computer Emergency Response Teams
6 5 (0.73%) CSIRT
6 5 (0.73%) Nmap
7 4 (0.59%) CASB
7 4 (0.59%) Suricata
7 4 (0.59%) vCenter Server
8 2 (0.29%) Avamar
8 2 (0.29%) Host Intrusion Detection System
8 2 (0.29%) Kubernetes
8 2 (0.29%) SCCM
8 2 (0.29%) Single Sign-On
8 2 (0.29%) vRealize
Vendors
1 66 (9.66%) Microsoft
2 28 (4.10%) VMware
3 21 (3.07%) Cisco
3 21 (3.07%) Qualys
4 19 (2.78%) Symantec
5 17 (2.49%) CA
6 15 (2.20%) Splunk
7 12 (1.76%) LogRhythm
7 12 (1.76%) McAfee
7 12 (1.76%) Palo Alto
8 11 (1.61%) Google
9 10 (1.46%) Fortinet
10 9 (1.32%) Oracle
11 8 (1.17%) Apple
11 8 (1.17%) Black Duck
11 8 (1.17%) CheckPoint
11 8 (1.17%) Micro Focus
11 8 (1.17%) Sonatype
12 6 (0.88%) Varonis
13 5 (0.73%) CyberArk