Period
to 17 February 2019

The following table provides summary statistics for permanent job vacancies with a requirement for SANS qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 17 February 2019 with a comparison to the same period in the previous 2 years.

SANS Institute
UK
6 months to
17 Feb 2019
Same period 2018 Same period 2017
Rank 634 736 771
Rank change year-on-year +102 +35 +136
Permanent jobs citing SANS 543 482 452
As % of all permanent IT jobs advertised in the UK 0.36% 0.28% 0.26%
As % of the Qualifications category 1.49% 1.15% 1.01%
Number of salaries quoted 382 366 331
UK median annual salary £55,000 £57,500 £60,000
Median salary % change year-on-year -4.35% -4.17% -4.00%
10th Percentile £41,375 £39,875 £41,250
90th Percentile £86,250 £90,000 £86,250
UK excluding London median annual salary £52,000 £53,000 £52,750
% change year-on-year -1.89% +0.47% -8.26%

SANS is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 36,323 41,799 44,937
As % of all permanent IT jobs advertised in the UK 24.29% 23.87% 25.58%
Number of salaries quoted 26,473 32,413 35,529
UK median annual salary £50,000 £47,500 £45,000
Median salary % change year-on-year +5.26% +5.56% -
10th Percentile £26,250 £26,250 £26,250
90th Percentile £80,000 £78,950 £77,500
UK excluding London median annual salary £45,000 £42,500 £42,500
% change year-on-year +5.88% - -

SANS
Job Vacancy Trend

Job postings citing SANS as a percentage of all IT jobs advertised.

Job vacancy trend for SANS in the UK

SANS
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing SANS.

Salary trend for SANS in the UK

SANS
Salary Histogram

The salary distribution of IT jobs citing SANS over the 6 months to 17 February 2019.

Salary histogram for SANS in the UK

SANS
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing SANS within the UK over the 6 months to 17 February 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +101 518 £55,000 -4.35% 47
UK excluding London +204 375 £52,000 -1.89% 32
North of England +153 163 £45,000 -18.18% 11
London -44 147 £65,000 -10.34% 17
North West +137 136 £45,000 -18.18% 5
South East +65 89 £56,500 +2.73% 6
East of England +61 60 £57,500 +15.00% 2
Yorkshire +64 26 £62,500 +50.60% 6
South West +7 26 £45,000 - 4
Midlands +58 24 £62,500 +4.17% 7
West Midlands +56 19 £65,000 +54.76% 5
Scotland +19 9 £57,500 - 2
East Midlands +11 3 £65,000 +8.33% 1
Wales +18 2 £61,250 +2.08%
Northern Ireland - 2 £62,500 -
North East - 1 - -

For the 6 months to 17 February 2019, IT jobs citing SANS also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for SANS.

1 400 (73.66%) CISSP
2 340 (62.62%) Information Security
3 323 (59.48%) Cybersecurity
4 248 (45.67%) ISO/IEC 27001
5 239 (44.01%) SIEM
6 222 (40.88%) Windows
7 219 (40.33%) Penetration Testing
8 208 (38.31%) Linux
9 188 (34.62%) Vulnerability Management
10 177 (32.60%) Microsoft
11 173 (31.86%) Finance
12 168 (30.94%) CREST Certified
13 166 (30.57%) Management Information System
14 164 (30.20%) GIAC
15 162 (29.83%) CISM
16 160 (29.47%) Network Security
17 152 (27.99%) Legal
18 151 (27.81%) Mentoring
19 149 (27.44%) VMware
19 149 (27.44%) Security Operations
20 142 (26.15%) Cisco
21 141 (25.97%) Threat Analysis
22 139 (25.60%) Firewall
23 138 (25.41%) GDPR
24 135 (24.86%) OWASP
25 130 (23.94%) CEH
25 130 (23.94%) SQL
26 128 (23.57%) Cyber Kill Chain
27 125 (23.02%) Data Protection
28 123 (22.65%) PCI DSS

SANS
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 28 (5.16%) ExpressionEngine
1 28 (5.16%) WordPress
2 8 (1.47%) Apache Pig
3 4 (0.74%) Elasticsearch
4 2 (0.37%) Confluence
Applications
1 100 (18.42%) Microsoft PowerPoint
2 4 (0.74%) Microsoft Office
Cloud Services
1 66 (12.15%) Amazon AWS
1 66 (12.15%) Microsoft Azure
2 34 (6.26%) IaaS
3 31 (5.71%) SaaS
4 27 (4.97%) Google Cloud Platform
5 18 (3.31%) Office 365
6 14 (2.58%) Mimecast
7 6 (1.10%) PaaS
8 2 (0.37%) AWS CloudFormation
8 2 (0.37%) Cloud Computing
8 2 (0.37%) Google Drive
8 2 (0.37%) OpenDNS
Communications & Networking
1 160 (29.47%) Network Security
2 139 (25.60%) Firewall
3 100 (18.42%) Wi-Fi
4 81 (14.92%) Intrusion Detection
5 54 (9.94%) TCP/IP
6 42 (7.73%) Internet
7 25 (4.60%) Sourcefire
8 24 (4.42%) Wireshark
9 19 (3.50%) SNMP
10 18 (3.31%) HTTP
10 18 (3.31%) SSL
11 16 (2.95%) FCoE
12 9 (1.66%) WAN
13 7 (1.29%) VPN
14 6 (1.10%) MPLS
14 6 (1.10%) VLAN
15 5 (0.92%) ATM
15 5 (0.92%) DNS
15 5 (0.92%) LAN
15 5 (0.92%) Reverse Proxy
Database & Business Intelligence
1 28 (5.16%) MongoDB
2 24 (4.42%) Big Data
3 12 (2.21%) Hadoop
4 8 (1.47%) Apache Hive
4 8 (1.47%) MySQL
4 8 (1.47%) SQL Server
Development Applications
1 26 (4.79%) JIRA
2 25 (4.60%) Metasploit
3 16 (2.95%) Redmine
4 10 (1.84%) Burp Suite
4 10 (1.84%) Git (software)
5 8 (1.47%) Atlassian Bamboo
5 8 (1.47%) Bitbucket
5 8 (1.47%) CodeSonar
5 8 (1.47%) git-flow
5 8 (1.47%) Robot Framework
5 8 (1.47%) Selenium
6 2 (0.37%) AppScan
6 2 (0.37%) Jenkins
6 2 (0.37%) Subversion
7 1 (0.18%) SonarQube
General
1 173 (31.86%) Finance
2 152 (27.99%) Legal
3 24 (4.42%) Publishing
4 23 (4.24%) Retail
5 20 (3.68%) Banking
5 20 (3.68%) Telecoms
6 15 (2.76%) Marketing
7 14 (2.58%) Games
8 9 (1.66%) Financial Institution
9 7 (1.29%) Electronics
9 7 (1.29%) Manufacturing
10 5 (0.92%) Front Office
10 5 (0.92%) Investment Banking
10 5 (0.92%) Law
11 2 (0.37%) Pharmaceutical
12 1 (0.18%) Local Government
Job Titles
1 228 (41.99%) Analyst
2 166 (30.57%) Security Analyst
3 156 (28.73%) Senior Analyst
4 133 (24.49%) Senior Security Analyst
5 107 (19.71%) IT Analyst
6 105 (19.34%) IT Security Analyst
7 104 (19.15%) Senior IT Security Analyst
8 96 (17.68%) Security Engineer
9 56 (10.31%) Cybersecurity Analyst
10 44 (8.10%) Security Manager
11 40 (7.37%) SOC Analyst
12 39 (7.18%) Architect
12 39 (7.18%) Consultant
13 33 (6.08%) Security Architect
13 33 (6.08%) Senior Cybersecurity Analyst
14 31 (5.71%) Security Consultant
15 30 (5.52%) Incident Manager
15 30 (5.52%) Security Incident Manager
16 22 (4.05%) Malware Engineer
17 21 (3.87%) Penetration Tester
Libraries, Frameworks & Software Standards
1 40 (7.37%) Node.js
2 21 (3.87%) .NET
3 16 (2.95%) Web Services
4 15 (2.76%) Regular Expression
4 15 (2.76%) REST
5 13 (2.39%) SOAP
6 10 (1.84%) Java EE
6 10 (1.84%) STL
7 9 (1.66%) LAMP
8 8 (1.47%) .NET Framework
8 8 (1.47%) ASP.NET
8 8 (1.47%) Django
8 8 (1.47%) RabbitMQ
8 8 (1.47%) Spring MVC
9 5 (0.92%) SailPoint
10 2 (0.37%) CSS
10 2 (0.37%) HTML
10 2 (0.37%) JSON
10 2 (0.37%) SAML
11 1 (0.18%) COM
Miscellaneous
1 166 (30.57%) Management Information System
2 128 (23.57%) Cyber Kill Chain
3 83 (15.29%) Security Operations Centre
4 55 (10.13%) Analytical Skills
5 35 (6.45%) Self-Motivation
6 27 (4.97%) Cyberthreat
7 22 (4.05%) PKI
8 10 (1.84%) Cyberattack
9 9 (1.66%) Fintech
10 8 (1.47%) Cyber Defence
11 7 (1.29%) Algorithms
12 6 (1.10%) Internet of Things
13 5 (0.92%) Cybercrime
13 5 (0.92%) Data Centre
13 5 (0.92%) Mobile Wallet
13 5 (0.92%) Public Cloud
13 5 (0.92%) User Experience
14 3 (0.55%) Blog
14 3 (0.55%) Enterprise Storage
14 3 (0.55%) Greenfield Project
Operating Systems
1 222 (40.88%) Windows
2 208 (38.31%) Linux
3 80 (14.73%) Unix
4 17 (3.13%) Kali Linux
5 14 (2.58%) Apple iOS
6 12 (2.21%) Red Hat Enterprise Linux
7 9 (1.66%) Mac OS X
8 8 (1.47%) Android
8 8 (1.47%) Debian
9 5 (0.92%) CentOS
10 4 (0.74%) Fedora
10 4 (0.74%) Ubuntu
11 1 (0.18%) Solaris
Processes & Methodologies
1 340 (62.62%) Information Security
2 323 (59.48%) Cybersecurity
3 239 (44.01%) SIEM
4 219 (40.33%) Penetration Testing
5 188 (34.62%) Vulnerability Management
6 151 (27.81%) Mentoring
7 149 (27.44%) Security Operations
8 141 (25.97%) Threat Analysis
9 135 (24.86%) OWASP
10 125 (23.02%) Data Protection
11 114 (20.99%) Disaster Recovery
12 111 (20.44%) Business Continuity
13 107 (19.71%) Due Diligence
14 105 (19.34%) Risk Analysis
15 101 (18.60%) Web Development
16 100 (18.42%) Scenario Testing
17 77 (14.18%) Problem-Solving
18 71 (13.08%) Risk Management
19 66 (12.15%) IT Strategy
20 64 (11.79%) Threat Intelligence
Programming Languages
1 130 (23.94%) SQL
2 56 (10.31%) C
3 46 (8.47%) Python
4 42 (7.73%) PowerShell
5 39 (7.18%) Bash Shell
6 34 (6.26%) C++
7 28 (5.16%) Java
8 27 (4.97%) C#
9 20 (3.68%) Perl
10 19 (3.50%) VB
11 13 (2.39%) PHP
12 12 (2.21%) Korn
13 10 (1.84%) JavaScript
13 10 (1.84%) Objective-C
13 10 (1.84%) Ruby
14 6 (1.10%) Go
15 5 (0.92%) Shell Script
Qualifications
1 400 (73.66%) CISSP
2 168 (30.94%) CREST Certified
3 164 (30.20%) GIAC
4 162 (29.83%) CISM
5 130 (23.94%) CEH
6 107 (19.71%) Cisco Certification
7 106 (19.52%) SSCP
8 95 (17.50%) CISA
9 62 (11.42%) CCSP
10 61 (11.23%) (ISC)2 CCSP
11 56 (10.31%) Degree
12 54 (9.94%) CompTIA Security+
12 54 (9.94%) Security Cleared
13 52 (9.58%) Microsoft Certification
14 51 (9.39%) OSCP
15 50 (9.21%) MCSE
16 41 (7.55%) CCNA
17 39 (7.18%) GCIA
18 38 (7.00%) GCIH
19 36 (6.63%) CSSLP
Quality Assurance & Compliance
1 248 (45.67%) ISO/IEC 27001
2 138 (25.41%) GDPR
3 123 (22.65%) PCI DSS
4 35 (6.45%) Cyber Essentials
5 10 (1.84%) COBIT
6 9 (1.66%) Web Application Security Consortium
7 8 (1.47%) ISO 9001
7 8 (1.47%) Sarbanes-Oxley
8 7 (1.29%) HIPAA
9 4 (0.74%) FINRA
9 4 (0.74%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
10 3 (0.55%) GPG13
11 2 (0.37%) FIPS 140-2
11 2 (0.37%) ISO 31000
11 2 (0.37%) SLA
12 1 (0.18%) HMG Security Policy Framework
12 1 (0.18%) NIST 800
12 1 (0.18%) PSD2
System Software
1 115 (21.18%) VMware Infrastructure
2 34 (6.26%) Snort
3 20 (3.68%) VMware ESXi
4 19 (3.50%) NFS
4 19 (3.50%) Samba
5 17 (3.13%) VMware NSX
6 14 (2.58%) Docker
7 10 (1.84%) Active Directory
8 8 (1.47%) vSphere
9 4 (0.74%) VirtualBox
9 4 (0.74%) Xen
10 2 (0.37%) Squid
Systems Management
1 45 (8.29%) Nessus
2 37 (6.81%) CSIRT
3 30 (5.52%) Puppet
4 24 (4.42%) Host Intrusion Detection System
5 23 (4.24%) Norton AntiVirus
6 22 (4.05%) Ansible
6 22 (4.05%) QRadar
7 20 (3.68%) Nagios
7 20 (3.68%) vCenter Server
8 16 (2.95%) RSA Security Analytics
9 12 (2.21%) CASB
9 12 (2.21%) Computer Incident Response Team
9 12 (2.21%) Nmap
10 10 (1.84%) Nexpose
11 9 (1.66%) EnCase
11 9 (1.66%) FTK
11 9 (1.66%) Suricata
12 8 (1.47%) Salt
13 6 (1.10%) Kubernetes
14 5 (0.92%) AirWatch
Vendors
1 177 (32.60%) Microsoft
2 149 (27.44%) VMware
3 142 (26.15%) Cisco
4 58 (10.68%) Symantec
5 44 (8.10%) Splunk
6 40 (7.37%) Qualys
7 31 (5.71%) Google
8 24 (4.42%) Red Hat
9 23 (4.24%) Forcepoint
10 22 (4.05%) LogRhythm
11 20 (3.68%) ArcSight
11 20 (3.68%) EMC
11 20 (3.68%) SolarWinds
12 19 (3.50%) NetApp
13 18 (3.31%) Palo Alto
14 16 (2.95%) McAfee
15 15 (2.76%) Sun
16 14 (2.58%) CyberArk
17 12 (2.21%) Meraki
17 12 (2.21%) Sophos