Period
to 2 April 2020

The following table provides summary statistics for permanent job vacancies with a requirement for NIST skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited NIST over the 6 months to 2 April 2020 with a comparison to the same period in the previous 2 years.

National Institute of Standards and Technology (NIST)
UK
6 months to
2 Apr 2020
Same period 2019 Same period 2018
Rank 490 555 763
Rank change year-on-year +65 +208 +149
Permanent jobs citing NIST 622 699 478
As % of all permanent jobs advertised in the UK 0.53% 0.47% 0.27%
As % of the Quality Assurance & Compliance category 4.32% 3.37% 2.12%
Number of salaries quoted 476 492 341
Median annual salary £65,000 £62,500 £65,000
Median salary % change year-on-year +4.00% -3.85% -
10th Percentile £42,500 £43,875 £45,000
90th Percentile £90,000 £97,500 £110,000
UK excluding London median annual salary £62,500 £60,000 £55,000
% change year-on-year +4.17% +9.09% -8.33%

NIST is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 14,383 20,731 22,590
As % of all permanent IT jobs advertised in the UK 12.28% 14.00% 12.76%
Number of salaries quoted 11,041 15,053 17,581
Median annual salary £52,500 £50,000 £50,000
Median salary % change year-on-year +5.00% - +5.26%
10th Percentile £28,750 £27,625 £27,500
90th Percentile £85,000 £81,250 £80,000
UK excluding London median annual salary £45,000 £45,000 £43,750
% change year-on-year - +2.86% +6.06%

NIST
Job Vacancy Trend

Job postings citing NIST as a proportion of all IT jobs advertised.

Job vacancy trend for NIST in the UK

NIST
Salary Trend

3-month moving average salary quoted in jobs citing NIST.

Salary trend for NIST in the UK

NIST
Salary Histogram

Salary distribution for jobs citing NIST over the 6 months to 2 April 2020.

Salary histogram for NIST in the UK

NIST
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing NIST within the UK over the 6 months to 2 April 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +58 563 £62,500 -3.85% 50
UK excluding London +80 355 £62,500 +4.17% 38
London +61 243 £65,000 -10.34% 15
South East +50 143 £70,000 +16.67% 10
Midlands +94 77 £60,000 - 2
North of England +66 70 £50,500 -15.83% 8
West Midlands +70 63 £60,000 - 2
North West +18 46 £50,000 -16.67% 7
Work from Home +36 40 £78,750 +31.25% 2
Scotland +50 26 £60,000 +4.35% 2
Yorkshire +65 24 £54,000 +3.85% 1
South West +27 23 £80,000 +33.33% 6
East Midlands +39 14 £65,000 +8.33%
East of England +14 7 £62,500 +4.17% 9
Wales -4 6 £66,250 +6.00%
Northern Ireland - 5 - - 1

For the 6 months to 2 April 2020, IT jobs citing NIST also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for NIST.

1 427 (68.65%) Information Security
2 377 (60.61%) ISO/IEC 27001
3 351 (56.43%) Cybersecurity
4 255 (41.00%) CISSP
5 210 (33.76%) Risk Management
6 199 (31.99%) CISM
7 194 (31.19%) Finance
8 159 (25.56%) GDPR
9 152 (24.44%) SIEM
10 151 (24.28%) PCI DSS
11 139 (22.35%) Management Information System
12 123 (19.77%) Firewall
13 121 (19.45%) ITIL
14 119 (19.13%) CISA
15 113 (18.17%) COBIT
16 108 (17.36%) Security Architecture
16 108 (17.36%) Penetration Testing
17 103 (16.56%) Azure
18 102 (16.40%) Data Protection
19 100 (16.08%) Security Management
20 98 (15.76%) OWASP
21 84 (13.50%) Cisco Certification
21 84 (13.50%) Security Operations
22 79 (12.70%) Vulnerability Management
23 77 (12.38%) NIST 800
24 76 (12.22%) Microsoft
25 74 (11.90%) Sarbanes-Oxley
25 74 (11.90%) CRISC
26 72 (11.58%) AWS
27 71 (11.41%) Information Security Management

NIST
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 14 (2.25%) SharePoint
2 7 (1.13%) Apache Spark
3 4 (0.64%) MS Exchange
4 3 (0.48%) ColdFusion
4 3 (0.48%) IIS
5 2 (0.32%) Elasticsearch
6 1 (0.16%) Exchange Server 2010
Applications
1 12 (1.93%) Microsoft Excel
2 10 (1.61%) Microsoft Office
3 3 (0.48%) MS Visio
Business Applications
1 2 (0.32%) Dynamics CRM
1 2 (0.32%) Dynamics NAV
2 1 (0.16%) NetSuite
2 1 (0.16%) Sparx Enterprise Architect
Cloud Services
1 103 (16.56%) Azure
2 72 (11.58%) AWS
3 44 (7.07%) Office 365
4 41 (6.59%) IaaS
5 40 (6.43%) PaaS
6 39 (6.27%) SaaS
7 12 (1.93%) Azure Active Directory
8 10 (1.61%) G Suite
9 9 (1.45%) Cloud Computing
10 8 (1.29%) GCP
10 8 (1.29%) Power Platform
11 7 (1.13%) AWS Lambda
11 7 (1.13%) Azure Functions
11 7 (1.13%) Dropbox
11 7 (1.13%) OneDrive
11 7 (1.13%) PowerApps
11 7 (1.13%) Serverless
11 7 (1.13%) Slack
12 3 (0.48%) Dynamics 365
13 2 (0.32%) Amazon GuardDuty
Communications & Networking
1 123 (19.77%) Firewall
2 51 (8.20%) Network Security
3 22 (3.54%) Intrusion Detection
4 21 (3.38%) VPN
5 16 (2.57%) Internet
6 15 (2.41%) WAN
7 14 (2.25%) DNS
7 14 (2.25%) RTP
8 13 (2.09%) TCP/IP
9 12 (1.93%) LAN
10 9 (1.45%) Wireshark
11 6 (0.96%) PPP
12 5 (0.80%) DHCP
12 5 (0.80%) SAN
12 5 (0.80%) Wireless
13 4 (0.64%) NetScaler
13 4 (0.64%) tcpdump
14 3 (0.48%) Cisco ASA
14 3 (0.48%) SCCP
14 3 (0.48%) SSL
Database & Business Intelligence
1 7 (1.13%) PostgreSQL
1 7 (1.13%) SQL Server
2 4 (0.64%) GIS
2 4 (0.64%) Relational Database
3 3 (0.48%) Big Data
3 3 (0.48%) RDBMS
4 2 (0.32%) MySQL
5 1 (0.16%) Azure SQL Database
5 1 (0.16%) Blockchain
5 1 (0.16%) Data Lake
5 1 (0.16%) Data Mining
5 1 (0.16%) Power BI
Development Applications
1 8 (1.29%) ReSharper
1 8 (1.29%) SonarQube
2 7 (1.13%) Chocolatey
3 4 (0.64%) IDA Disassembler
3 4 (0.64%) Jenkins
4 3 (0.48%) Atlassian Bamboo
4 3 (0.48%) Bitbucket
4 3 (0.48%) Git (software)
4 3 (0.48%) GitLab
4 3 (0.48%) Team Foundation Server
5 1 (0.16%) Metasploit
General
1 194 (31.19%) Finance
2 48 (7.72%) Legal
3 33 (5.31%) Retail
4 20 (3.22%) Public Sector
5 14 (2.25%) Law
6 13 (2.09%) Telecoms
7 12 (1.93%) Banking
8 9 (1.45%) Financial Institution
9 5 (0.80%) Back Office
10 4 (0.64%) Aerospace
11 3 (0.48%) Games
11 3 (0.48%) Marketing
12 2 (0.32%) Advertising
13 1 (0.16%) International Banking
13 1 (0.16%) Manufacturing
13 1 (0.16%) Publishing
Job Titles
1 121 (19.45%) Analyst
2 99 (15.92%) Security Analyst
3 87 (13.99%) Consultant
4 71 (11.41%) Security Engineer
5 67 (10.77%) Security Manager
6 65 (10.45%) Architect
7 59 (9.49%) Security Architect
8 54 (8.68%) Security Consultant
9 49 (7.88%) Information Security Manager
9 49 (7.88%) Security Officer
10 47 (7.56%) Information Manager
10 47 (7.56%) Information Security Officer
11 46 (7.40%) Information Officer
12 43 (6.91%) Information Analyst
12 43 (6.91%) Information Security Analyst
13 33 (5.31%) IT Analyst
14 27 (4.34%) Risk Analyst
15 26 (4.18%) Security Specialist
16 24 (3.86%) Risk Consultant
17 23 (3.70%) Information Security Consultant
Libraries, Frameworks & Software Standards
1 20 (3.22%) .NET
2 16 (2.57%) Web Services
3 12 (1.93%) Middleware
3 12 (1.93%) OAuth
4 11 (1.77%) .NET Framework
5 8 (1.29%) .NET Core
6 6 (0.96%) OAuth2
6 6 (0.96%) OpenID
6 6 (0.96%) XACML
7 4 (0.64%) ModSecurity
8 3 (0.48%) J2EE
8 3 (0.48%) TensorFlow
9 2 (0.32%) LDAP
9 2 (0.32%) SAML
10 1 (0.16%) COM
10 1 (0.16%) D3.js
10 1 (0.16%) RESTful
Miscellaneous
1 139 (22.35%) Management Information System
2 53 (8.52%) Data Protection Act
3 39 (6.27%) Analytical Skills
4 27 (4.34%) Cloud Native
5 21 (3.38%) Cyberattack
5 21 (3.38%) Security Operations Centre
5 21 (3.38%) Self-Motivation
6 18 (2.89%) Cyber Defence
7 15 (2.41%) Cyber Kill Chain
8 14 (2.25%) PKI
8 14 (2.25%) Public Cloud
9 12 (1.93%) Cyberthreat
9 12 (1.93%) Private Cloud
9 12 (1.93%) Smart Meter
10 10 (1.61%) Data Centre
11 7 (1.13%) Distributed Denial-of-Service
11 7 (1.13%) Greenfield Project
11 7 (1.13%) Hybrid Cloud
11 7 (1.13%) Mobile App
11 7 (1.13%) User Experience
Operating Systems
1 36 (5.79%) Windows
2 30 (4.82%) Linux
3 16 (2.57%) Windows 10
4 15 (2.41%) Windows Server
4 15 (2.41%) Windows Server 2012
5 5 (0.80%) Unix
6 3 (0.48%) Windows Server 2008
6 3 (0.48%) Windows Server 2016
7 1 (0.16%) Windows 7
7 1 (0.16%) Windows Server 2019
Processes & Methodologies
1 427 (68.65%) Information Security
2 351 (56.43%) Cybersecurity
3 210 (33.76%) Risk Management
4 152 (24.44%) SIEM
5 121 (19.45%) ITIL
6 108 (17.36%) Penetration Testing
6 108 (17.36%) Security Architecture
7 102 (16.40%) Data Protection
8 100 (16.08%) Security Management
9 98 (15.76%) OWASP
10 84 (13.50%) Security Operations
11 79 (12.70%) Vulnerability Management
12 71 (11.41%) Information Security Management
13 64 (10.29%) Risk Assessment
14 61 (9.81%) DevOps
15 56 (9.00%) Incident Management
15 56 (9.00%) Security Testing
16 53 (8.52%) Agile Software Development
16 53 (8.52%) Threat Intelligence
17 49 (7.88%) Stakeholder Management
Programming Languages
1 41 (6.59%) Python
2 35 (5.63%) PowerShell
3 8 (1.29%) Java
3 8 (1.29%) JavaScript
3 8 (1.29%) SQL
4 7 (1.13%) C
5 6 (0.96%) Bash Shell
6 3 (0.48%) Julia
6 3 (0.48%) MATLAB
6 3 (0.48%) R
6 3 (0.48%) Scala
6 3 (0.48%) VB.NET
7 2 (0.32%) C#
7 2 (0.32%) Shell Script
8 1 (0.16%) Perl
8 1 (0.16%) Ruby
Qualifications
1 255 (41.00%) CISSP
2 199 (31.99%) CISM
3 119 (19.13%) CISA
4 84 (13.50%) Cisco Certification
5 74 (11.90%) CRISC
6 60 (9.65%) Security Cleared
7 59 (9.49%) Degree
8 43 (6.91%) CEH
9 41 (6.59%) SC Cleared
10 40 (6.43%) (ISC)2 CCSP
10 40 (6.43%) SANS
11 23 (3.70%) CCSP
12 22 (3.54%) GIAC
13 17 (2.73%) CESG Certified Professional
13 17 (2.73%) SSCP
14 15 (2.41%) DV Cleared
15 14 (2.25%) CompTIA Security+
15 14 (2.25%) ISO 27001 Lead Auditor
16 11 (1.77%) CISMP
16 11 (1.77%) CREST Certified
Quality Assurance & Compliance
1 377 (60.61%) ISO/IEC 27001
2 159 (25.56%) GDPR
3 151 (24.28%) PCI DSS
4 113 (18.17%) COBIT
5 77 (12.38%) NIST 800
6 74 (11.90%) Sarbanes-Oxley
7 45 (7.23%) Cyber Essentials
8 41 (6.59%) NCSC
9 39 (6.27%) QA
10 29 (4.66%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
11 28 (4.50%) COSO
12 15 (2.41%) ISAE 3402
13 13 (2.09%) SLA
14 11 (1.77%) HIPAA
15 10 (1.61%) Cyber Essentials PLUS
15 10 (1.61%) JSP 440
15 10 (1.61%) RMADS
16 9 (1.45%) ITGC
17 8 (1.29%) HMG Security Policy Framework
18 6 (0.96%) ISO/IEC 27005
System Software
1 24 (3.86%) VMware Infrastructure
2 19 (3.05%) Active Directory
3 13 (2.09%) Docker
3 13 (2.09%) Hyper-V
4 4 (0.64%) Microsoft Virtual Server
4 4 (0.64%) Virtual Servers
5 2 (0.32%) Snort
5 2 (0.32%) VMware ESXi
6 1 (0.16%) vSphere
Systems Management
1 29 (4.66%) Terraform
2 21 (3.38%) Nessus
3 12 (1.93%) Ansible
4 10 (1.61%) HP Fortify
5 9 (1.45%) Opscode Chef
5 9 (1.45%) WebInspect
6 8 (1.29%) Microsoft Intune
7 5 (0.80%) Nmap
7 5 (0.80%) Norton AntiVirus
8 4 (0.64%) Computer Incident Response Team
9 3 (0.48%) Computer Emergency Response Teams
9 3 (0.48%) Host Intrusion Detection System
9 3 (0.48%) Network Intrusion Detection System
9 3 (0.48%) RSA Archer
9 3 (0.48%) Single Sign-On
10 2 (0.32%) Kubernetes
10 2 (0.32%) McAfee ePO
10 2 (0.32%) Puppet
11 1 (0.16%) CA Single Sign-On
11 1 (0.16%) Suricata
Vendors
1 76 (12.22%) Microsoft
2 35 (5.63%) VMware
3 29 (4.66%) Cisco
4 14 (2.25%) Qualys
5 12 (1.93%) Black Duck
5 12 (1.93%) Splunk
6 10 (1.61%) CA
6 10 (1.61%) LogRhythm
7 9 (1.45%) Google
7 9 (1.45%) Micro Focus
7 9 (1.45%) Sonatype
8 8 (1.29%) Palo Alto
9 7 (1.13%) CrowdStrike
9 7 (1.13%) Fortinet
9 7 (1.13%) Salesforce.com
9 7 (1.13%) Symantec
10 6 (0.96%) HP
11 5 (0.80%) Apple
11 5 (0.80%) CheckPoint
11 5 (0.80%) Oracle