Period
to 23 July 2019

The following table provides summary statistics for permanent job vacancies with a requirement for NIST skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited NIST over the 6 months to 23 July 2019 with a comparison to the same period in the previous 2 years.

National Institute of Standards and Technology (NIST)
UK
6 months to
23 Jul 2019
Same period 2018 Same period 2017
Rank 560 667 916
Rank change year-on-year +107 +249 +157
Permanent jobs citing NIST 655 580 298
As % of all permanent IT jobs advertised in the UK 0.45% 0.33% 0.17%
As % of the Quality Assurance & Compliance category 3.35% 2.56% 1.38%
Number of salaries quoted 478 387 249
UK median annual salary £67,500 £65,000 £60,000
Median salary % change year-on-year +3.85% +8.33% -7.69%
10th Percentile £41,425 £42,500 £45,000
90th Percentile £97,500 £103,750 £83,750
UK excluding London median annual salary £62,500 £57,500 £60,000
% change year-on-year +8.70% -4.17% -7.69%

NIST is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Permanent vacancies with a requirement for quality assurance or compliance skills 19,565 22,693 21,633
As % of all permanent IT jobs advertised in the UK 13.52% 13.10% 12.18%
Number of salaries quoted 14,403 17,278 16,304
UK median annual salary £50,000 £50,000 £47,500
Median salary % change year-on-year - +5.26% -
10th Percentile £28,500 £28,125 £26,750
90th Percentile £83,750 £80,000 £77,500
UK excluding London median annual salary £45,000 £45,000 £42,000
% change year-on-year - +7.14% -1.18%

NIST
Job Vacancy Trend

Job postings citing NIST as a percentage of all IT jobs advertised.

Job vacancy trend for NIST in the UK

NIST
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing NIST.

Salary trend for NIST in the UK

NIST
Salary Histogram

The salary distribution of IT jobs citing NIST over the 6 months to 23 July 2019.

Salary histogram for NIST in the UK

NIST
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing NIST within the UK over the 6 months to 23 July 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +96 621 £67,500 +3.85% 70
UK excluding London +101 323 £62,500 +8.70% 37
London +106 308 £72,500 -3.33% 37
South East +19 120 £70,000 +27.27% 15
South West +58 66 £60,000 +33.33% 6
North of England +5 52 £48,750 -18.75% 4
North West +48 45 £47,500 -20.83% 3
East of England +94 39 £60,000 -14.29% 1
Midlands +37 32 £53,750 -10.42% 7
West Midlands +15 25 £52,500 -12.50% 4
Scotland +12 13 £55,000 -4.35% 3
East Midlands +25 7 £80,000 +28.00% 3
Yorkshire -14 4 £67,500 -3.57%
North East - 3 £70,000 - 1
Wales - 1 - -

For the 6 months to 23 July 2019, IT jobs citing NIST also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for NIST.

1 407 (62.14%) ISO/IEC 27001
2 384 (58.63%) Information Security
3 364 (55.57%) Cybersecurity
4 350 (53.44%) CISSP
5 265 (40.46%) CISM
6 189 (28.85%) PCI DSS
7 178 (27.18%) CISA
8 177 (27.02%) Security Architecture
9 156 (23.82%) Risk Management
10 142 (21.68%) SIEM
10 142 (21.68%) Degree
11 137 (20.92%) Management Information System
12 130 (19.85%) GDPR
13 124 (18.93%) Finance
14 122 (18.63%) Security Operations
15 109 (16.64%) Penetration Testing
16 108 (16.49%) OWASP
17 106 (16.18%) Firewall
18 104 (15.88%) SABSA
19 99 (15.11%) Microsoft
20 96 (14.66%) Vulnerability Management
21 95 (14.50%) Agile Software Development
22 93 (14.20%) ITIL
22 93 (14.20%) TOGAF
23 92 (14.05%) Data Protection
24 91 (13.89%) Microsoft Azure
25 90 (13.74%) Risk Assessment
26 89 (13.59%) COBIT
27 85 (12.98%) CRISC
28 83 (12.67%) Security Management

NIST
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 15 (2.29%) SharePoint
2 11 (1.68%) IIS
3 5 (0.76%) Apache
4 4 (0.61%) MediaWiki
5 2 (0.31%) Skype for Business
6 1 (0.15%) Confluence
6 1 (0.15%) nginx
6 1 (0.15%) Tomcat
Applications
1 3 (0.46%) Microsoft Office
2 2 (0.31%) Microsoft Excel
3 1 (0.15%) Microsoft PowerPoint
3 1 (0.15%) Microsoft Project
3 1 (0.15%) MS Visio
Business Applications
1 5 (0.76%) Sparx Enterprise Architect
2 1 (0.15%) Relativity
2 1 (0.15%) SAP GRC
Cloud Services
1 91 (13.89%) Microsoft Azure
2 76 (11.60%) Amazon AWS
3 41 (6.26%) SaaS
4 32 (4.89%) Azure Active Directory
5 23 (3.51%) Google Cloud Platform
6 16 (2.44%) IaaS
7 15 (2.29%) PaaS
8 11 (1.68%) Power Platform
9 10 (1.53%) Cloud Computing
9 10 (1.53%) Office 365
10 5 (0.76%) Microsoft Flow
11 1 (0.15%) Amazon CloudWatch
11 1 (0.15%) Amazon EC2
11 1 (0.15%) Amazon ELB
11 1 (0.15%) Amazon S3
11 1 (0.15%) AWS CloudFormation
11 1 (0.15%) OneDrive
11 1 (0.15%) Route 53
11 1 (0.15%) Virtual Private Cloud
Communications & Networking
1 106 (16.18%) Firewall
2 56 (8.55%) Network Security
3 45 (6.87%) Intrusion Detection
4 28 (4.27%) Internet
5 26 (3.97%) TCP/IP
6 14 (2.14%) Intranet
6 14 (2.14%) Wireless
7 12 (1.83%) DNS
8 10 (1.53%) DHCP
8 10 (1.53%) LAN
8 10 (1.53%) WAN
9 9 (1.37%) Sourcefire
10 5 (0.76%) HTTP
11 4 (0.61%) HTTPS
11 4 (0.61%) IPsec
11 4 (0.61%) RTP
11 4 (0.61%) SMTP
11 4 (0.61%) tcpdump
11 4 (0.61%) VPN
11 4 (0.61%) Wireshark
Database & Business Intelligence
1 7 (1.07%) Big Data
1 7 (1.07%) Power BI
2 5 (0.76%) SQL Server
3 1 (0.15%) Amazon RDS
3 1 (0.15%) Data Lake
3 1 (0.15%) Data Warehouse
3 1 (0.15%) Snowflake Schema
Development Applications
1 13 (1.98%) SonarQube
2 12 (1.83%) JIRA
3 7 (1.07%) Visual Studio
4 5 (0.76%) Jenkins
5 4 (0.61%) Burp Suite
5 4 (0.61%) IDA Disassembler
5 4 (0.61%) Octopus Deploy
6 3 (0.46%) AppScan
6 3 (0.46%) Paros
6 3 (0.46%) WebScarab
7 1 (0.15%) Git (software)
7 1 (0.15%) Subversion
General
1 124 (18.93%) Finance
2 63 (9.62%) Legal
3 35 (5.34%) Retail
4 30 (4.58%) Banking
5 19 (2.90%) Law
6 12 (1.83%) Telecoms
7 10 (1.53%) Games
8 8 (1.22%) Marketing
8 8 (1.22%) Military
9 7 (1.07%) Back Office
10 3 (0.46%) Manufacturing
11 2 (0.31%) Financial Institution
12 1 (0.15%) Aerospace
12 1 (0.15%) International Banking
12 1 (0.15%) Publishing
Job Titles
1 130 (19.85%) Analyst
2 118 (18.02%) Security Analyst
3 106 (16.18%) Architect
4 103 (15.73%) Consultant
5 101 (15.42%) Security Architect
6 94 (14.35%) Security Consultant
7 76 (11.60%) Security Manager
8 56 (8.55%) Information Analyst
8 56 (8.55%) Information Security Analyst
9 53 (8.09%) Security Engineer
10 33 (5.04%) Information Security Consultant
11 31 (4.73%) Subject Matter Expert
12 24 (3.66%) Risk Analyst
12 24 (3.66%) Security Officer
13 23 (3.51%) Head of Security
13 23 (3.51%) Senior Consultant
14 22 (3.36%) Senior Security Consultant
15 20 (3.05%) Cybersecurity Manager
15 20 (3.05%) Security Risk Analyst
16 19 (2.90%) Cloud Architect
Libraries, Frameworks & Software Standards
1 39 (5.95%) OAuth
2 31 (4.73%) SAML
3 14 (2.14%) Web Services
4 8 (1.22%) OAuth2
4 8 (1.22%) OpenID
5 5 (0.76%) HTML
5 5 (0.76%) LDAP
6 4 (0.61%) .NET
6 4 (0.61%) CGI
6 4 (0.61%) OLE
6 4 (0.61%) XACML
6 4 (0.61%) XML
7 3 (0.46%) Middleware
8 2 (0.31%) jQuery
8 2 (0.31%) SailPoint
9 1 (0.15%) 802.1X
9 1 (0.15%) HTML5
9 1 (0.15%) JSON
9 1 (0.15%) React Native
9 1 (0.15%) REST
Miscellaneous
1 137 (20.92%) Management Information System
2 47 (7.18%) Analytical Skills
2 47 (7.18%) CESG
3 46 (7.02%) Cyberthreat
4 39 (5.95%) Security Operations Centre
5 29 (4.43%) Data Centre
6 26 (3.97%) Public Cloud
7 25 (3.82%) Data Protection Act
8 24 (3.66%) Internet of Things
9 22 (3.36%) Cyber Kill Chain
10 16 (2.44%) Cyberattack
10 16 (2.44%) Mobile App
11 14 (2.14%) Cyber Defence
12 12 (1.83%) Distributed Denial-of-Service
12 12 (1.83%) SCADA
13 10 (1.53%) Driving Licence
13 10 (1.53%) PKI
14 8 (1.22%) Hybrid Cloud
14 8 (1.22%) Mobile Computing
15 6 (0.92%) Enterprise Software
Operating Systems
1 60 (9.16%) Windows
2 57 (8.70%) Linux
3 11 (1.68%) Windows Server
4 10 (1.53%) Unix
5 7 (1.07%) Solaris
6 1 (0.15%) Amazon Linux
6 1 (0.15%) Android
6 1 (0.15%) Apple iOS
6 1 (0.15%) CentOS
6 1 (0.15%) Kali Linux
6 1 (0.15%) Red Hat Enterprise Linux
Processes & Methodologies
1 384 (58.63%) Information Security
2 364 (55.57%) Cybersecurity
3 177 (27.02%) Security Architecture
4 156 (23.82%) Risk Management
5 142 (21.68%) SIEM
6 122 (18.63%) Security Operations
7 109 (16.64%) Penetration Testing
8 108 (16.49%) OWASP
9 104 (15.88%) SABSA
10 96 (14.66%) Vulnerability Management
11 95 (14.50%) Agile Software Development
12 93 (14.20%) ITIL
12 93 (14.20%) TOGAF
13 92 (14.05%) Data Protection
14 90 (13.74%) Risk Assessment
15 83 (12.67%) Security Management
16 79 (12.06%) Identity Access Management
17 67 (10.23%) Security Testing
18 65 (9.92%) Computer Science
19 63 (9.62%) SDLC
Programming Languages
1 21 (3.21%) Python
2 14 (2.14%) Java
2 14 (2.14%) Perl
2 14 (2.14%) PowerShell
2 14 (2.14%) SQL
3 11 (1.68%) C#
4 7 (1.07%) Bash Shell
4 7 (1.07%) C
4 7 (1.07%) JavaScript
5 5 (0.76%) C++
6 4 (0.61%) F#
6 4 (0.61%) Haskell
6 4 (0.61%) PureScript
6 4 (0.61%) Scala
7 2 (0.31%) Ruby
8 1 (0.15%) PHP
8 1 (0.15%) Shell Script
Qualifications
1 350 (53.44%) CISSP
2 265 (40.46%) CISM
3 178 (27.18%) CISA
4 142 (21.68%) Degree
5 85 (12.98%) CRISC
6 78 (11.91%) CEH
7 76 (11.60%) Cisco Certification
8 61 (9.31%) Computer Science Degree
9 58 (8.85%) Security Cleared
10 56 (8.55%) SANS
11 49 (7.48%) Microsoft Certification
12 45 (6.87%) MCSE
13 44 (6.72%) SC Cleared
14 43 (6.56%) (ISC)2 CCSP
15 31 (4.73%) MCITP
16 29 (4.43%) GIAC
17 26 (3.97%) CREST Certified
18 22 (3.36%) CESG Certified Professional
19 21 (3.21%) CCNA
20 19 (2.90%) CCSP
Quality Assurance & Compliance
1 407 (62.14%) ISO/IEC 27001
2 189 (28.85%) PCI DSS
3 130 (19.85%) GDPR
4 89 (13.59%) COBIT
5 80 (12.21%) Cyber Essentials
6 64 (9.77%) NCSC
7 55 (8.40%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
8 52 (7.94%) Sarbanes-Oxley
9 46 (7.02%) NIST 800
10 31 (4.73%) ISO/IEC 27005
11 25 (3.82%) Cyber Essentials PLUS
12 24 (3.66%) ISO 22301
13 20 (3.05%) ISO 9001
14 17 (2.60%) HMG Security Policy Framework
15 13 (1.98%) ISAE 3402
16 12 (1.83%) COSO
16 12 (1.83%) ISO 31000
16 12 (1.83%) SAS 70
17 10 (1.53%) ITGC
17 10 (1.53%) QA
System Software
1 61 (9.31%) Active Directory
2 13 (1.98%) VMware Infrastructure
3 7 (1.07%) ISA Server
4 4 (0.61%) Snort
5 3 (0.46%) Virtual Machines
6 2 (0.31%) Docker
7 1 (0.15%) Hyper-V
7 1 (0.15%) VMware ESXi
Systems Management
1 28 (4.27%) Nessus
2 15 (2.29%) Computer Emergency Response Teams
3 7 (1.07%) IBM Guardium
3 7 (1.07%) QRadar
3 7 (1.07%) Single Sign-On
3 7 (1.07%) Trend Micro Deep Security
4 6 (0.92%) RSA Archer
5 5 (0.76%) Ansible
5 5 (0.76%) CASB
5 5 (0.76%) Norton AntiVirus
6 3 (0.46%) CSIRT
6 3 (0.46%) Terraform
7 2 (0.31%) ArcSight ESM
7 2 (0.31%) EnCase
7 2 (0.31%) Graylog
7 2 (0.31%) Kubernetes
8 1 (0.15%) Failover Clustering
8 1 (0.15%) FTK
8 1 (0.15%) Host Intrusion Detection System
8 1 (0.15%) Nexpose
Vendors
1 99 (15.11%) Microsoft
2 39 (5.95%) Splunk
3 29 (4.43%) Qualys
4 25 (3.82%) Cisco
5 21 (3.21%) CheckPoint
6 19 (2.90%) Google
7 17 (2.60%) Symantec
8 16 (2.44%) ArcSight
9 15 (2.29%) CyberArk
9 15 (2.29%) McAfee
9 15 (2.29%) Oracle
9 15 (2.29%) VMware
10 14 (2.14%) FireEye
11 13 (1.98%) CA
11 13 (1.98%) Citrix
11 13 (1.98%) IBM
11 13 (1.98%) LogRhythm
12 10 (1.53%) Trend Micro
13 9 (1.37%) Imperva
14 7 (1.07%) Rapid7