Period
to 23 November 2017

The following table provides summary statistics for permanent job vacancies with a requirement for SIEM skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited SIEM over the 6 months to 23 November 2017 with a comparison to the same period in the previous 2 years.

Security Information and Event Management (SIEM)
UK
6 months to
23 Nov 2017
Same period 2016 Same period 2015
Rank 345 347 475
Rank change year-on-year +2 +128 +163
Permanent jobs citing SIEM 1662 1700 1332
As % of all permanent IT jobs advertised in the UK 0.92% 0.90% 0.61%
As % of the Processes & Methodologies category 1.03% 1.00% 0.69%
Number of salaries quoted 1306 1340 1082
UK median annual salary £57,500 £60,000 £54,000
Median salary % change year-on-year -4.17% +11.11% +8.00%
10th Percentile £35,500 £36,250 £34,775
90th Percentile £86,250 £83,750 £79,000
UK excluding London median annual salary £48,500 £50,000 £50,000
% change year-on-year -3.00% - -

SIEM is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 161952 169683 193148
As % of all permanent IT jobs advertised in the UK 89.90% 89.39% 88.81%
Number of salaries quoted 127936 140934 159138
UK median annual salary £50,000 £49,500 £47,500
Median salary % change year-on-year +1.01% +4.21% +5.56%
10th Percentile £28,750 £28,000 £27,500
90th Percentile £80,000 £79,350 £77,500
UK excluding London median annual salary £44,000 £42,500 £42,500
% change year-on-year +3.53% - +6.25%

SIEM
Job Vacancy Trend

Job postings citing SIEM as a percentage of all IT jobs advertised.

Job vacancy trend for SIEM in the UK

SIEM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing SIEM.

Salary trend for SIEM in the UK

SIEM
Salary Histogram

The salary distribution of IT jobs citing SIEM over the 6 months to 23 November 2017.

Salary histogram for SIEM in the UK

SIEM
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing SIEM within the UK over the 6 months to 23 November 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +5 1557 £57,500 -4.17% 98
London +40 911 £60,000 -7.69% 37
UK excluding London -48 684 £48,500 -3.00% 64
South East -72 220 £50,000 - 12
South West +62 138 £45,750 -12.86% 8
North of England +4 110 £45,000 -10.00% 24
Midlands -52 110 £50,000 +5.26% 13
West Midlands -59 96 £50,000 +5.26% 11
North West +1 71 £45,000 -5.26% 11
East of England -7 71 £52,500 +5.00% 4
Scotland +3 38 £42,500 +4.94% 1
Yorkshire -1 32 £45,000 -28.00% 10
Wales +34 21 £47,500 +18.75% 2
East Midlands +36 14 £28,750 -23.33% 1
North East - 7 £36,500 - 3
Northern Ireland - 1 £57,500 -

For the 6 months to 23 November 2017, IT jobs citing SIEM also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for SIEM.

1 885 (53.25%) Firewall
2 837 (50.36%) Information Security
3 730 (43.92%) Cybersecurity
4 719 (43.26%) CISSP
5 523 (31.47%) Windows
6 521 (31.35%) Security Operations
7 484 (29.12%) Linux
8 472 (28.40%) ISO/IEC 27001
9 460 (27.68%) CISM
10 402 (24.19%) Network Security
11 387 (23.29%) Vulnerability Management
12 382 (22.98%) Finance
13 376 (22.62%) TCP/IP
14 325 (19.55%) ITIL
15 312 (18.77%) Cisco
16 301 (18.11%) Penetration Testing
17 291 (17.51%) Management Information System
18 276 (16.61%) Vulnerability Scanning
19 255 (15.34%) CISA
20 250 (15.04%) Degree
21 239 (14.38%) CheckPoint
22 230 (13.84%) Security Architecture
23 228 (13.72%) GIAC
24 221 (13.30%) Splunk
25 218 (13.12%) Data Protection
26 215 (12.94%) Active Directory
27 213 (12.82%) CEH
28 212 (12.76%) Security Cleared
29 199 (11.97%) Incident Management
30 192 (11.55%) Security Monitoring

SIEM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 41 (2.47%) SharePoint
2 20 (1.20%) MS Exchange
3 16 (0.96%) Apache
4 12 (0.72%) Elasticsearch
5 9 (0.54%) IIS
6 7 (0.42%) Exchange Server 2010
7 6 (0.36%) Apache Spark
7 6 (0.36%) nginx
8 5 (0.30%) CMS
9 3 (0.18%) OpenStack
10 2 (0.12%) Apache Pig
11 1 (0.060%) Confluence
11 1 (0.060%) JBoss
11 1 (0.060%) WordPress
Applications
1 29 (1.74%) Microsoft Office
2 12 (0.72%) Microsoft Excel
3 3 (0.18%) Microsoft PowerPoint
4 2 (0.12%) MS Visio
5 1 (0.060%) HipChat
5 1 (0.060%) Microsoft Project
Business Applications
1 19 (1.14%) Dynamics CRM
2 7 (0.42%) assyst
3 2 (0.12%) Sentinel
4 1 (0.060%) SunGard APT
Cloud Services
1 102 (6.14%) Amazon AWS
2 77 (4.63%) Microsoft Azure
3 59 (3.55%) Office 365
4 33 (1.99%) IaaS
5 32 (1.93%) SaaS
6 22 (1.32%) PaaS
7 19 (1.14%) OneDrive
8 14 (0.84%) Mimecast
9 13 (0.78%) Cloud Computing
10 12 (0.72%) Akamai
11 5 (0.30%) GitHub
12 3 (0.18%) Amazon S3
12 3 (0.18%) Amazon SQS
13 2 (0.12%) Google Cloud Platform
14 1 (0.060%) OpenDNS
Communications & Networking
1 885 (53.25%) Firewall
2 402 (24.19%) Network Security
3 376 (22.62%) TCP/IP
4 151 (9.09%) Intrusion Detection
5 143 (8.60%) DNS
6 123 (7.40%) WAN
7 114 (6.86%) VPN
8 110 (6.62%) LAN
9 106 (6.38%) Internet
10 98 (5.90%) Cisco ASA
11 96 (5.78%) DHCP
12 70 (4.21%) Wireless
13 66 (3.97%) MPLS
14 65 (3.91%) HTTP
15 59 (3.55%) IPsec
16 57 (3.43%) SSL
17 46 (2.77%) OSPF
18 45 (2.71%) Wireshark
19 44 (2.65%) BGP
19 44 (2.65%) SMTP
Database & Business Intelligence
1 37 (2.23%) SQL Server
2 25 (1.50%) Big Data
3 20 (1.20%) MySQL
4 9 (0.54%) Hadoop
5 5 (0.30%) Blockchain
5 5 (0.30%) MongoDB
6 3 (0.18%) NoSQL
7 2 (0.12%) Apache Cassandra
7 2 (0.12%) Apache Hive
7 2 (0.12%) Relational Database
8 1 (0.060%) Oracle Reports
8 1 (0.060%) PostgreSQL
8 1 (0.060%) SQL Server 2008
8 1 (0.060%) SQL Server 2012
8 1 (0.060%) SQL Server 2014
Development Applications
1 28 (1.68%) Metasploit
2 16 (0.96%) Burp Suite
3 5 (0.30%) Jenkins
4 3 (0.18%) Atlassian Bamboo
4 3 (0.18%) Hudson
5 2 (0.12%) Git (software)
6 1 (0.060%) GDB
6 1 (0.060%) JIRA
6 1 (0.060%) MSI
6 1 (0.060%) sqlmap
6 1 (0.060%) Team Foundation Server
6 1 (0.060%) Vagrant
6 1 (0.060%) Visual Studio
General
1 382 (22.98%) Finance
2 140 (8.42%) Banking
3 88 (5.29%) Legal
4 69 (4.15%) Law
5 56 (3.37%) Telecoms
6 15 (0.90%) Billing
7 13 (0.78%) Manufacturing
8 11 (0.66%) Games
9 9 (0.54%) Financial Institution
9 9 (0.54%) Investment Banking
9 9 (0.54%) Publishing
9 9 (0.54%) Retail
10 8 (0.48%) Digital Economy
10 8 (0.48%) Electronics
10 8 (0.48%) Marketing
11 7 (0.42%) Advertising
12 3 (0.18%) French Language
12 3 (0.18%) Military
13 2 (0.12%) Retail Banking
13 2 (0.12%) Spanish Language
Job Titles
1 627 (37.73%) Analyst
2 466 (28.04%) Security Analyst
3 356 (21.42%) Security Engineer
4 160 (9.63%) SOC Analyst
5 143 (8.60%) Security Manager
6 136 (8.18%) Consultant
7 117 (7.04%) IT Analyst
8 114 (6.86%) Architect
9 113 (6.80%) Security Consultant
10 112 (6.74%) IT Security Analyst
11 105 (6.32%) Security Architect
12 100 (6.02%) Information Analyst
12 100 (6.02%) Information Security Analyst
13 95 (5.72%) Network Engineer
14 93 (5.60%) IT Engineer
15 90 (5.42%) Network Security Engineer
16 89 (5.35%) IT Security Engineer
17 70 (4.21%) Security Specialist
18 69 (4.15%) Operations Analyst
18 69 (4.15%) Security Operations Analyst
Libraries, Frameworks & Software Standards
1 39 (2.35%) SailPoint
2 28 (1.68%) .NET
3 24 (1.44%) Web Services
4 20 (1.20%) HTML
5 16 (0.96%) Middleware
6 15 (0.90%) Regular Expression
7 14 (0.84%) OAuth
8 13 (0.78%) Elastic Stack
8 13 (0.78%) SAML
9 12 (0.72%) OpenID
10 9 (0.54%) CSS
11 7 (0.42%) 802.1X
11 7 (0.42%) PCRE
12 5 (0.30%) CGI
13 3 (0.18%) Ajax
13 3 (0.18%) jQuery
13 3 (0.18%) LAMP
13 3 (0.18%) LEMP Stack
13 3 (0.18%) Memcached
13 3 (0.18%) XML
Miscellaneous
1 291 (17.51%) Management Information System
2 184 (11.07%) Security Operations Centre
3 161 (9.69%) Cyberthreat
4 151 (9.09%) Analytical Skills
5 121 (7.28%) Data Centre
6 120 (7.22%) Data Protection Act
7 119 (7.16%) Computer Science
8 84 (5.05%) PKI
9 69 (4.15%) Distributed Denial-of-Service
10 67 (4.03%) Cyber Attack
11 52 (3.13%) Cyber Defence
12 26 (1.56%) CESG
12 26 (1.56%) Cyber Kill Chain
12 26 (1.56%) Greenfield Project
13 20 (1.20%) iPad
14 17 (1.02%) Enterprise Software
15 14 (0.84%) FlexPod
16 12 (0.72%) Algorithms
16 12 (0.72%) Reinsurance
17 11 (0.66%) Virtual Team
Operating Systems
1 523 (31.47%) Windows
2 484 (29.12%) Linux
3 152 (9.15%) Windows Server
4 143 (8.60%) Unix
5 49 (2.95%) Apple iOS
6 40 (2.41%) Kali Linux
7 38 (2.29%) Mac OS X
8 19 (1.14%) Windows Server 2008
9 17 (1.02%) Windows Server 2012
10 12 (0.72%) CentOS
10 12 (0.72%) Ubuntu
11 10 (0.60%) Debian
11 10 (0.60%) Red Hat Enterprise Linux
12 8 (0.48%) Android
12 8 (0.48%) VMS
12 8 (0.48%) Windows 7
13 7 (0.42%) Windows 8
14 3 (0.18%) Windows 10
15 2 (0.12%) AIX
15 2 (0.12%) Check Point GAiA
Processes & Methodologies
1 837 (50.36%) Information Security
2 730 (43.92%) Cybersecurity
3 521 (31.35%) Security Operations
4 387 (23.29%) Vulnerability Management
5 325 (19.55%) ITIL
6 301 (18.11%) Penetration Testing
7 276 (16.61%) Vulnerability Scanning
8 230 (13.84%) Security Architecture
9 218 (13.12%) Data Protection
10 199 (11.97%) Incident Management
11 192 (11.55%) Security Monitoring
12 162 (9.75%) Data Loss Prevention
13 158 (9.51%) Vulnerability Assessment
14 152 (9.15%) Risk Management
15 144 (8.66%) Threat Intelligence
16 129 (7.76%) Analytics
17 117 (7.04%) Cyber Threat Intelligence
18 114 (6.86%) Identity Access Management
19 111 (6.68%) Agile Software Development
20 97 (5.84%) Kalman Filter
Programming Languages
1 172 (10.35%) Python
2 103 (6.20%) PowerShell
3 100 (6.02%) Bash Shell
4 91 (5.48%) Java
5 61 (3.67%) SQL
6 59 (3.55%) Ruby
7 58 (3.49%) Perl
8 44 (2.65%) C#
9 38 (2.29%) C
10 37 (2.23%) Korn
11 32 (1.93%) Bourne shell
12 29 (1.74%) PHP
13 23 (1.38%) JavaScript
14 22 (1.32%) Shell Script
15 9 (0.54%) Lua
16 5 (0.30%) C++
16 5 (0.30%) C-shell
17 4 (0.24%) VB
18 3 (0.18%) Go
19 1 (0.060%) VB.NET
Qualifications
1 719 (43.26%) CISSP
2 460 (27.68%) CISM
3 255 (15.34%) CISA
4 250 (15.04%) Degree
5 228 (13.72%) GIAC
6 213 (12.82%) CEH
7 212 (12.76%) Security Cleared
8 150 (9.03%) SANS
8 150 (9.03%) SC Cleared
9 144 (8.66%) GCIH
10 143 (8.60%) Cisco Certification
11 97 (5.84%) CCNA
11 97 (5.84%) GCIA
12 78 (4.69%) CCNP
13 76 (4.57%) GSEC
14 69 (4.15%) CREST Certified
14 69 (4.15%) DV Cleared
15 63 (3.79%) CompTIA Security+
15 63 (3.79%) Security+ Certification
16 56 (3.37%) SSCP
Quality Assurance & Compliance
1 472 (28.40%) ISO/IEC 27001
2 161 (9.69%) PCI DSS
3 129 (7.76%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
4 125 (7.52%) GDPR
5 71 (4.27%) Cyber Essentials
6 44 (2.65%) NIST 800
7 35 (2.11%) COBIT
8 26 (1.56%) GPG13
8 26 (1.56%) Sarbanes-Oxley
9 24 (1.44%) Cyber Essentials PLUS
10 18 (1.08%) ISO 22301
10 18 (1.08%) QA
10 18 (1.08%) SLA
11 11 (0.66%) HMG Security Policy Framework
12 6 (0.36%) ISO/IEC 27005
13 5 (0.30%) FISMA
14 4 (0.24%) Government Security Classifications
15 3 (0.18%) PMO
16 2 (0.12%) HIPAA
16 2 (0.12%) RMADS
System Software
1 215 (12.94%) Active Directory
2 80 (4.81%) Virtual Machines
3 78 (4.69%) VMware Infrastructure
4 74 (4.45%) Snort
5 26 (1.56%) ProxySG
6 22 (1.32%) Hyper-V
6 22 (1.32%) VMware ESXi
7 20 (1.20%) vSphere
8 14 (0.84%) Docker
9 7 (0.42%) Terminal Services
10 6 (0.36%) HDFS
10 6 (0.36%) XenApp
11 5 (0.30%) pfSense
11 5 (0.30%) VMware Server
12 4 (0.24%) XenDesktop
13 3 (0.18%) Firmware
14 2 (0.12%) KVM
14 2 (0.12%) VMware NSX
15 1 (0.060%) RHEV
15 1 (0.060%) VirtualBox
Systems Management
1 145 (8.72%) Nessus
2 112 (6.74%) QRadar
3 61 (3.67%) McAfee ePO
4 55 (3.31%) CSIRT
5 51 (3.07%) FortiGate
6 49 (2.95%) SCCM
7 41 (2.47%) Host Intrusion Detection System
8 28 (1.68%) Nexpose
9 26 (1.56%) OpenVAS
10 24 (1.44%) Core Impact
10 24 (1.44%) Nmap
10 24 (1.44%) RSA Security Analytics
11 21 (1.26%) RSA enVision
12 19 (1.14%) Nagios
13 18 (1.08%) Network Intrusion Detection System
13 18 (1.08%) Norton AntiVirus
13 18 (1.08%) WSUS
14 17 (1.02%) Suricata
15 16 (0.96%) PowerBroker
15 16 (0.96%) Puppet
Vendors
1 312 (18.77%) Cisco
2 239 (14.38%) CheckPoint
3 221 (13.30%) Splunk
4 174 (10.47%) Palo Alto
5 149 (8.97%) LogRhythm
6 142 (8.54%) ArcSight
7 131 (7.88%) Microsoft
8 108 (6.50%) McAfee
9 105 (6.32%) VMware
10 90 (5.42%) Symantec
11 82 (4.93%) Juniper
12 79 (4.75%) Fortinet
13 75 (4.51%) Qualys
14 66 (3.97%) CyberArk
14 66 (3.97%) F5
15 64 (3.85%) AlienVault
15 64 (3.85%) Blue Coat
16 56 (3.37%) FireEye
16 56 (3.37%) SolarWinds
17 53 (3.19%) Sourcefire