SANS jobs, average salaries and co-occurring skill trends

The following table provides summary statistics for permanent job vacancies with a requirement for SANS qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 25 November 2020 with a comparison to the same period in the previous 2 years.

SANS Institute UK
Location	6 months to 25 Nov 2020	Same period 2019	Same period 2018
Rank	619	854	627
Rank change year-on-year	+235	-227	+231
Permanent jobs citing SANS	97	216	600
As % of all permanent jobs advertised in the UK	0.18%	0.16%	0.38%
As % of the Qualifications category	0.86%	0.71%	1.58%
Number of salaries quoted	85	185	399
Median annual salary	£65,000	£62,163	£55,000
Median salary % change year-on-year	+4.56%	+13.02%	-4.35%
10th Percentile	£35,250	£41,250	£40,000
90th Percentile	£95,000	£97,500	£82,500
UK excluding London median annual salary	£65,000	£55,000	£50,000
% change year-on-year	+18.18%	+10.00%	-

SANS is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications UK
Permanent vacancies requiring academic qualifications or professional certifications	11,340	30,429	38,027
As % of all permanent IT jobs advertised in the UK	20.69%	22.56%	23.79%
Number of salaries quoted	8,650	22,508	28,099
Median annual salary	£55,000	£50,000	£50,000
Median salary % change year-on-year	+10.00%	-	+5.26%
10th Percentile	£31,250	£27,500	£26,250
90th Percentile	£87,500	£82,500	£80,000
UK excluding London median annual salary	£50,000	£45,000	£45,000
% change year-on-year	+11.11%	-	+5.88%

SANS
Job Vacancy Trend

Job postings citing SANS as a proportion of all IT jobs advertised.

SANS
Salary Trend

3-month moving average salary quoted in jobs citing SANS.

SANS
Salary Histogram

Salary distribution for jobs citing SANS over the 6 months to 25 November 2020.

SANS
Top 14 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing SANS within the UK over the 6 months to 25 November 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Job Vacancies
England	+195	89	£65,000	+4.00%	15
London	+195	52	£50,000	-33.33%	7
UK excluding London	+204	44	£65,000	+18.18%	8
Work from Home	+9	11	£90,000	+44.78%
North of England	+129	10	£37,500	-16.67%	1
South East	+181	9	£66,250	+1.92%	3
East of England	+144	9	£70,000	+30.23%	2
North West	+115	9	£37,500	+10.29%
Midlands	+91	9	£72,000	+37.14%	2
West Midlands	+79	7	£67,500	+28.57%	1
Wales	+47	5	-	-
East Midlands	+82	2	£72,500	-14.71%	1
Scotland	-	2	£33,250	-
Yorkshire	+83	1	£70,000	+50.54%	1

SANS
Top 30 Co-occurring IT Skills

For the 6 months to 25 November 2020, IT jobs citing SANS also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for SANS.

1	80 (82.47%)	Cybersecurity
2	54 (55.67%)	Security Operations
3	52 (53.61%)	SIEM
4	47 (48.45%)	CISSP
5	45 (46.39%)	Firewall
6	44 (45.36%)	Information Security
7	37 (38.14%)	Threat Intelligence
8	35 (36.08%)	Cyber Threat Intelligence
9	30 (30.93%)	Office 365
9	30 (30.93%)	Finance
10	29 (29.90%)	Active Directory
10	29 (29.90%)	Splunk
11	26 (26.80%)	AWS
11	26 (26.80%)	Manufacturing
12	25 (25.77%)	IBM

12	25 (25.77%)	Microsoft
12	25 (25.77%)	LogRhythm
13	24 (24.74%)	QRadar
14	23 (23.71%)	Vulnerability Management
14	23 (23.71%)	Marketing
14	23 (23.71%)	Public Sector
15	22 (22.68%)	Privileged Access Management
15	22 (22.68%)	Linux
15	22 (22.68%)	Security Cleared
16	21 (21.65%)	SC Cleared
16	21 (21.65%)	Cyberthreat
16	21 (21.65%)	Internet
16	21 (21.65%)	Telecoms
17	20 (20.62%)	Penetration Testing
17	20 (20.62%)	Identity Management

SANS
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Applications
Business Applications
Cloud Services
Communications & Networking
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Applications
1	19 (19.59%)	Microsoft Office

Business Applications
1	5 (5.15%)	Sentinel
2	1 (1.03%)	SAP Oil and Gas

Cloud Services
1	30 (30.93%)	Office 365
2	26 (26.80%)	AWS
3	9 (9.28%)	Azure
4	5 (5.15%)	Logic Apps
5	2 (2.06%)	Virtual Private Cloud
6	1 (1.03%)	Cloud Computing
6	1 (1.03%)	IBM Cloud

Communications & Networking
1	45 (46.39%)	Firewall
2	21 (21.65%)	Internet
3	9 (9.28%)	Intrusion Detection
4	7 (7.22%)	DNS
4	7 (7.22%)	TCP/IP
4	7 (7.22%)	VPN
5	6 (6.19%)	DMARC
5	6 (6.19%)	IPsec
5	6 (6.19%)	Network Security
5	6 (6.19%)	Wireshark
6	5 (5.15%)	DKIM
7	3 (3.09%)	SAN
8	2 (2.06%)	FTP
8	2 (2.06%)	HTTP
8	2 (2.06%)	SMTP
9	1 (1.03%)	DHCP
9	1 (1.03%)	LAN
9	1 (1.03%)	POP3
9	1 (1.03%)	SNMP
9	1 (1.03%)	WAN

Development Applications
1	5 (5.15%)	Git (software)
1	5 (5.15%)	GitLab
1	5 (5.15%)	Metasploit
2	3 (3.09%)	Burp Suite

General
1	30 (30.93%)	Finance
2	26 (26.80%)	Manufacturing
3	23 (23.71%)	Marketing
3	23 (23.71%)	Public Sector
4	21 (21.65%)	Telecoms
5	19 (19.59%)	Electronics
6	6 (6.19%)	Law
7	3 (3.09%)	Banking
7	3 (3.09%)	Legal
8	2 (2.06%)	Aerospace
9	1 (1.03%)	Retail

Job Titles
1	29 (29.90%)	Analyst
2	26 (26.80%)	Security Engineer
3	20 (20.62%)	Operations Engineer
4	16 (16.49%)	Security Analyst
5	8 (8.25%)	Security Advisor
6	7 (7.22%)	Cybersecurity Analyst
6	7 (7.22%)	Security Manager
6	7 (7.22%)	Senior Analyst
6	7 (7.22%)	SOC Analyst
7	6 (6.19%)	Cybersecurity Manager
7	6 (6.19%)	Penetration Tester
7	6 (6.19%)	Tester
8	5 (5.15%)	Architect
8	5 (5.15%)	DevOps Engineer
8	5 (5.15%)	Infrastructure Engineer
8	5 (5.15%)	Security Architect
8	5 (5.15%)	Senior DevOps
8	5 (5.15%)	Senior DevOps Engineer
8	5 (5.15%)	Senior Infrastructure Engineer
8	5 (5.15%)	Splunk Engineer

Libraries, Frameworks & Software Standards
1	10 (10.31%)	Web Services
2	2 (2.06%)	.NET
2	2 (2.06%)	ADO
2	2 (2.06%)	Middleware
2	2 (2.06%)	REST

Miscellaneous
1	21 (21.65%)	Cyberthreat
2	18 (18.56%)	Management Information System
3	15 (15.46%)	Security Operations Centre
4	8 (8.25%)	Public Cloud
5	7 (7.22%)	Analytical Skills
5	7 (7.22%)	Distributed Denial-of-Service
5	7 (7.22%)	PKI
6	5 (5.15%)	Cybercrime
7	3 (3.09%)	Cyber Kill Chain
7	3 (3.09%)	Cyberattack
7	3 (3.09%)	FMCG
7	3 (3.09%)	Self-Motivation
8	2 (2.06%)	Cyber Defence
8	2 (2.06%)	Mobile App
8	2 (2.06%)	Social Media
9	1 (1.03%)	Data Centre
9	1 (1.03%)	Data Protection Act
9	1 (1.03%)	Greenfield Project
9	1 (1.03%)	Linux Command Line
9	1 (1.03%)	PMI

Operating Systems
1	22 (22.68%)	Linux
2	15 (15.46%)	Windows
3	8 (8.25%)	Unix
4	6 (6.19%)	Kali Linux
4	6 (6.19%)	Mac OS
5	3 (3.09%)	Mac OS X
5	3 (3.09%)	Ubuntu
5	3 (3.09%)	Windows Server
6	1 (1.03%)	Android
6	1 (1.03%)	Apple iOS
6	1 (1.03%)	MVS

Processes & Methodologies
1	80 (82.47%)	Cybersecurity
2	54 (55.67%)	Security Operations
3	52 (53.61%)	SIEM
4	44 (45.36%)	Information Security
5	37 (38.14%)	Threat Intelligence
6	35 (36.08%)	Cyber Threat Intelligence
7	23 (23.71%)	Vulnerability Management
8	22 (22.68%)	Privileged Access Management
9	20 (20.62%)	Identity Management
9	20 (20.62%)	Penetration Testing
10	19 (19.59%)	Business Intelligence
10	19 (19.59%)	Digital Marketing
10	19 (19.59%)	Programme Management
11	18 (18.56%)	Security Testing
12	17 (17.53%)	OWASP
13	15 (15.46%)	Analytics
13	15 (15.46%)	Cyber Intelligence
13	15 (15.46%)	Risk Assessment
14	14 (14.43%)	Vulnerability Scanning
15	13 (13.40%)	Ethical Hacking

Programming Languages
1	19 (19.59%)	Python
2	14 (14.43%)	Bash Shell
3	8 (8.25%)	PowerShell
4	5 (5.15%)	Perl
4	5 (5.15%)	SQL
5	1 (1.03%)	C

Qualifications
1	47 (48.45%)	CISSP
2	22 (22.68%)	Security Cleared
3	21 (21.65%)	SC Cleared
4	17 (17.53%)	CISM
5	15 (15.46%)	CREST Certified
5	15 (15.46%)	Degree
6	14 (14.43%)	GIAC
7	13 (13.40%)	GCIH
8	11 (11.34%)	CISMP
9	10 (10.31%)	Cisco Certification
9	10 (10.31%)	CompTIA Security+
10	8 (8.25%)	CRISC
10	8 (8.25%)	SSCP
11	7 (7.22%)	CCNP
11	7 (7.22%)	CEH
11	7 (7.22%)	GCIA
11	7 (7.22%)	OSCP
12	6 (6.19%)	EC-Council LPT
12	6 (6.19%)	GXPN
12	6 (6.19%)	OSCE

Quality Assurance & Compliance
1	17 (17.53%)	NIST
2	12 (12.37%)	ISO/IEC 27001
3	6 (6.19%)	COBIT
4	5 (5.15%)	GDPR
4	5 (5.15%)	HMG Security Policy Framework
4	5 (5.15%)	PCI DSS
5	2 (2.06%)	Cyber Essentials
5	2 (2.06%)	SLA
6	1 (1.03%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
6	1 (1.03%)	NCSC

System Software
1	29 (29.90%)	Active Directory
2	6 (6.19%)	Docker
3	5 (5.15%)	Snort
4	3 (3.09%)	VMware Infrastructure

Systems Management
1	24 (24.74%)	QRadar
2	11 (11.34%)	Terraform
3	5 (5.15%)	CSIRT
4	2 (2.06%)	Demisto
4	2 (2.06%)	Host Intrusion Detection System
4	2 (2.06%)	Nessus
4	2 (2.06%)	Network Intrusion Detection System
4	2 (2.06%)	Norton AntiVirus
5	1 (1.03%)	Ansible
5	1 (1.03%)	CASB
5	1 (1.03%)	Computer Emergency Response Teams
5	1 (1.03%)	SCCM

Vendors
1	29 (29.90%)	Splunk
2	25 (25.77%)	IBM
2	25 (25.77%)	LogRhythm
2	25 (25.77%)	Microsoft
3	20 (20.62%)	Cisco
3	20 (20.62%)	SAP
4	19 (19.59%)	ArcSight
4	19 (19.59%)	BeyondTrust
4	19 (19.59%)	Bomgar
4	19 (19.59%)	CheckPoint
4	19 (19.59%)	CyberArk
4	19 (19.59%)	NetWitness
4	19 (19.59%)	Palo Alto
4	19 (19.59%)	Thycotic
5	5 (5.15%)	Darktrace
6	3 (3.09%)	Red Hat
6	3 (3.09%)	VMware
7	2 (2.06%)	Google
7	2 (2.06%)	Sophos
7	2 (2.06%)	Symantec

15 SANS job vacancies Nationwide

SANSJob Vacancy Trend

SANSSalary Trend

SANSSalary Histogram

SANSTop 14 Job Locations

SANSTop 30 Co-occurring IT Skills