Period
to 10 July 2020

The following table provides summary statistics for permanent job vacancies with a requirement for SIEM skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited SIEM over the 6 months to 10 July 2020 with a comparison to the same period in the previous 2 years.

Security Information and Event Management (SIEM)
UK
6 months to
10 Jul 2020
Same period 2019 Same period 2018
Rank 246 329 323
Rank change year-on-year +83 -6 +49
Permanent jobs citing SIEM 999 1,462 1,831
As % of all permanent jobs advertised in the UK 1.29% 1.00% 1.03%
As % of the Processes & Methodologies category 1.40% 1.08% 1.12%
Number of salaries quoted 780 1,247 1,400
Median annual salary £57,500 £60,000 £60,000
Median salary % change year-on-year -4.17% - +9.09%
10th Percentile £37,975 £37,500 £39,750
90th Percentile £85,000 £90,000 £86,250
UK excluding London median annual salary £50,000 £55,000 £55,000
% change year-on-year -9.09% - +15.79%

SIEM is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 71,160 135,381 163,380
As % of all permanent IT jobs advertised in the UK 92.16% 92.22% 92.14%
Number of salaries quoted 56,771 106,578 130,934
Median annual salary £55,000 £52,500 £50,000
Median salary % change year-on-year +4.76% +5.00% +3.09%
10th Percentile £31,750 £30,000 £28,906
90th Percentile £90,000 £86,250 £82,500
UK excluding London median annual salary £47,500 £45,000 £45,000
% change year-on-year +5.56% - +5.88%

SIEM
Job Vacancy Trend

Job postings citing SIEM as a proportion of all IT jobs advertised.

Job vacancy trend for SIEM in the UK

SIEM
Salary Trend

3-month moving average salary quoted in jobs citing SIEM.

Salary trend for SIEM in the UK

SIEM
Salary Histogram

Salary distribution for jobs citing SIEM over the 6 months to 10 July 2020.

Salary histogram for SIEM in the UK

SIEM
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing SIEM within the UK over the 6 months to 10 July 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +76 895 £60,000 - 57
UK excluding London +79 575 £50,000 -9.09% 39
London +76 409 £65,000 -7.14% 22
South East +65 169 £45,000 -21.74% 10
Midlands +114 142 £57,500 +9.52% 7
West Midlands +68 93 £60,000 +11.63% 6
North of England +79 92 £52,500 +5.00% 11
Scotland +112 71 £45,000 -5.26% 3
Work from Home +32 55 £59,000 -15.71% 11
East Midlands +89 48 £50,750 +9.73% 1
North West +87 43 £52,500 +5.00% 3
East of England -7 40 £65,000 +8.33% 3
South West +56 39 £45,000 -10.00% 4
Yorkshire +62 37 £55,000 +4.76% 5
Wales +29 23 £47,500 +40.74% 1
North East +28 12 £50,000 +17.65% 3
Northern Ireland - 1 £50,000 -

For the 6 months to 10 July 2020, IT jobs citing SIEM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for SIEM.

1 524 (52.45%) Cybersecurity
2 445 (44.54%) Security Operations
3 417 (41.74%) Firewall
4 401 (40.14%) Information Security
5 265 (26.53%) CISSP
5 265 (26.53%) Windows
6 228 (22.82%) Finance
7 205 (20.52%) Azure
8 201 (20.12%) Linux
9 200 (20.02%) Splunk
10 190 (19.02%) Security Operations Centre
11 187 (18.72%) Vulnerability Management
12 180 (18.02%) AWS
13 159 (15.92%) Threat Intelligence
14 158 (15.82%) Microsoft
15 156 (15.62%) Security Cleared
16 151 (15.12%) Penetration Testing
17 150 (15.02%) Office 365
18 144 (14.41%) Python
19 139 (13.91%) Management Information System
20 138 (13.81%) ISO/IEC 27001
21 136 (13.61%) Cyber Threat Intelligence
22 125 (12.51%) LogRhythm
23 124 (12.41%) Network Security
24 121 (12.11%) CISM
24 121 (12.11%) Vulnerability Scanning
25 120 (12.01%) Degree
26 118 (11.81%) ITIL
27 115 (11.51%) TCP/IP
28 113 (11.31%) SC Cleared

SIEM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 23 (2.30%) IIS
2 6 (0.60%) SharePoint
3 5 (0.50%) Confluence
3 5 (0.50%) Elasticsearch
4 3 (0.30%) MS Exchange
5 2 (0.20%) Apache
5 2 (0.20%) BizTalk Server
5 2 (0.20%) WebSphere
6 1 (0.10%) Apache Spark
6 1 (0.10%) Exchange Server 2010
6 1 (0.10%) Exchange Server 2013
6 1 (0.10%) nginx
Applications
1 46 (4.60%) Microsoft Office
2 10 (1.00%) MS Visio
3 8 (0.80%) Microsoft Excel
4 4 (0.40%) Microsoft PowerPoint
Business Applications
1 23 (2.30%) Sentinel
Cloud Services
1 205 (20.52%) Azure
2 180 (18.02%) AWS
3 150 (15.02%) Office 365
4 43 (4.30%) IaaS
4 43 (4.30%) PaaS
5 37 (3.70%) SaaS
6 23 (2.30%) GCP
7 20 (2.00%) Azure Active Directory
8 16 (1.60%) Cloud Computing
9 14 (1.40%) Logic Apps
10 13 (1.30%) Virtual Private Cloud
11 6 (0.60%) OpenShift
12 5 (0.50%) AWS CloudFormation
12 5 (0.50%) Slack
13 4 (0.40%) Cloudflare
13 4 (0.40%) Heroku
13 4 (0.40%) Trello
14 3 (0.30%) Akamai
14 3 (0.30%) Amazon GuardDuty
15 2 (0.20%) Amazon S3
Communications & Networking
1 417 (41.74%) Firewall
2 124 (12.41%) Network Security
3 115 (11.51%) TCP/IP
4 81 (8.11%) Intrusion Detection
5 70 (7.01%) DNS
6 61 (6.11%) VPN
7 51 (5.11%) Internet
8 44 (4.40%) Wireshark
9 32 (3.20%) WAN
9 32 (3.20%) Wireless
10 31 (3.10%) HTTP
11 29 (2.90%) LAN
12 26 (2.60%) DHCP
13 24 (2.40%) SMTP
14 20 (2.00%) IPsec
15 16 (1.60%) DMARC
16 15 (1.50%) tcpdump
17 14 (1.40%) DKIM
18 13 (1.30%) SSL
19 12 (1.20%) VLAN
Database & Business Intelligence
1 15 (1.50%) Data Lake
2 11 (1.10%) Azure SQL Database
2 11 (1.10%) SQL Server
3 10 (1.00%) Big Data
4 7 (0.70%) MySQL
5 3 (0.30%) PostgreSQL
6 2 (0.20%) Redis
7 1 (0.10%) Amazon RDS
7 1 (0.10%) DB2
7 1 (0.10%) Hadoop
7 1 (0.10%) MariaDB
7 1 (0.10%) MongoDB
7 1 (0.10%) Oracle Database
7 1 (0.10%) Oracle Reports
7 1 (0.10%) RDBMS
7 1 (0.10%) Relational Database
7 1 (0.10%) SQL Server Reporting Services
Development Applications
1 36 (3.60%) Metasploit
2 11 (1.10%) Jenkins
3 10 (1.00%) Atlassian Bamboo
3 10 (1.00%) Hudson
3 10 (1.00%) Vagrant
4 9 (0.90%) JIRA
5 6 (0.60%) IDA Disassembler
6 3 (0.30%) Burp Suite
7 1 (0.10%) Bitbucket Server
7 1 (0.10%) Git (software)
7 1 (0.10%) Snyk
7 1 (0.10%) SonarQube
7 1 (0.10%) Subversion
7 1 (0.10%) VSS/SourceSafe
General
1 228 (22.82%) Finance
2 38 (3.80%) Public Sector
3 35 (3.50%) Manufacturing
4 28 (2.80%) Law
5 22 (2.20%) Marketing
6 17 (1.70%) Electronics
6 17 (1.70%) Telecoms
7 14 (1.40%) Banking
8 13 (1.30%) Retail
9 11 (1.10%) Aerospace
10 9 (0.90%) Legal
10 9 (0.90%) Military
11 7 (0.70%) Financial Institution
12 6 (0.60%) Advertising
13 3 (0.30%) Local Government
14 2 (0.20%) French Language
14 2 (0.20%) Investment Banking
15 1 (0.10%) Games
15 1 (0.10%) German Language
15 1 (0.10%) Police
Job Titles
1 350 (35.04%) Analyst
2 266 (26.63%) Security Analyst
3 221 (22.12%) Security Engineer
4 76 (7.61%) SOC Analyst
5 72 (7.21%) Architect
6 66 (6.61%) Security Architect
7 65 (6.51%) Senior Analyst
8 64 (6.41%) Cybersecurity Analyst
9 58 (5.81%) SIEM Engineer
10 57 (5.71%) Consultant
11 52 (5.21%) Security Specialist
12 50 (5.01%) Information Analyst
12 50 (5.01%) Information Security Analyst
13 49 (4.90%) Security Consultant
14 44 (4.40%) Operations Analyst
14 44 (4.40%) Security Operations Analyst
14 44 (4.40%) SOC Engineer
15 39 (3.90%) Cybersecurity Engineer
16 37 (3.70%) SIEM Analyst
17 33 (3.30%) IT Analyst
Libraries, Frameworks & Software Standards
1 15 (1.50%) Web Services
2 10 (1.00%) Regular Expression
3 8 (0.80%) .NET
3 8 (0.80%) SailPoint
4 6 (0.60%) OAuth
5 5 (0.50%) Elastic Stack
5 5 (0.50%) LDAP
6 4 (0.40%) OpenID
6 4 (0.40%) SAML
7 2 (0.20%) ModSecurity
8 1 (0.10%) Ajax
8 1 (0.10%) COM
8 1 (0.10%) CSS
8 1 (0.10%) jQuery
8 1 (0.10%) Laravel
8 1 (0.10%) LEMP Stack
8 1 (0.10%) Memcached
8 1 (0.10%) RabbitMQ
8 1 (0.10%) XML
8 1 (0.10%) XML Messaging
Miscellaneous
1 190 (19.02%) Security Operations Centre
2 139 (13.91%) Management Information System
3 111 (11.11%) Cyberthreat
4 97 (9.71%) Analytical Skills
5 51 (5.11%) Distributed Denial-of-Service
6 36 (3.60%) Data Centre
7 33 (3.30%) Public Cloud
8 32 (3.20%) PKI
9 29 (2.90%) Cyber Kill Chain
9 29 (2.90%) Cyberattack
10 27 (2.70%) Data Protection Act
11 20 (2.00%) Self-Motivation
12 19 (1.90%) Cyber Defence
13 9 (0.90%) Blog
13 9 (0.90%) Internet of Things
14 8 (0.80%) Enterprise Cloud
15 7 (0.70%) Hybrid Cloud
15 7 (0.70%) Private Cloud
16 6 (0.60%) Greenfield Project
17 5 (0.50%) Driving Licence
Operating Systems
1 265 (26.53%) Windows
2 201 (20.12%) Linux
3 94 (9.41%) Unix
4 50 (5.01%) Windows Server
5 32 (3.20%) Mac OS
6 28 (2.80%) Kali Linux
7 21 (2.10%) Windows 10
8 14 (1.40%) Windows Server 2012
9 11 (1.10%) Red Hat Enterprise Linux
10 9 (0.90%) Solaris
11 7 (0.70%) Windows Server 2008
12 6 (0.60%) Windows Server 2016
13 5 (0.50%) Windows 7
14 4 (0.40%) Apple iOS
14 4 (0.40%) VMS
15 1 (0.10%) Debian
15 1 (0.10%) Ubuntu
15 1 (0.10%) Windows Server 2003
Processes & Methodologies
1 524 (52.45%) Cybersecurity
2 445 (44.54%) Security Operations
3 401 (40.14%) Information Security
4 187 (18.72%) Vulnerability Management
5 159 (15.92%) Threat Intelligence
6 151 (15.12%) Penetration Testing
7 136 (13.61%) Cyber Threat Intelligence
8 121 (12.11%) Vulnerability Scanning
9 118 (11.81%) ITIL
10 111 (11.11%) Security Management
11 92 (9.21%) Incident Management
12 91 (9.11%) Analytics
13 90 (9.01%) Kalman Filter
14 73 (7.31%) Risk Management
15 68 (6.81%) Problem-Solving
16 67 (6.71%) Project Management
17 66 (6.61%) Malware Analysis
18 65 (6.51%) Security Monitoring
19 64 (6.41%) Data Protection
20 57 (5.71%) Web Filtering
Programming Languages
1 144 (14.41%) Python
2 95 (9.51%) PowerShell
3 57 (5.71%) Bash Shell
4 44 (4.40%) SQL
5 39 (3.90%) Perl
6 34 (3.40%) Java
7 23 (2.30%) Ruby
8 20 (2.00%) C
8 20 (2.00%) C#
9 18 (1.80%) Go
10 17 (1.70%) JavaScript
11 16 (1.60%) C++
12 11 (1.10%) PHP
13 8 (0.80%) R
14 6 (0.60%) VBA
15 5 (0.50%) Shell Script
16 3 (0.30%) VB.NET
17 1 (0.10%) VB
Qualifications
1 265 (26.53%) CISSP
2 156 (15.62%) Security Cleared
3 121 (12.11%) CISM
4 120 (12.01%) Degree
5 113 (11.31%) SC Cleared
6 104 (10.41%) Cisco Certification
7 75 (7.51%) SANS
8 62 (6.21%) CEH
9 53 (5.31%) CREST Certified
10 45 (4.50%) CCNA
11 40 (4.00%) CISA
12 38 (3.80%) GCIH
13 36 (3.60%) GCIA
13 36 (3.60%) GIAC
14 35 (3.50%) CCSP
15 34 (3.40%) CCNP
15 34 (3.40%) CompTIA Security+
16 33 (3.30%) (ISC)2 CCSP
17 26 (2.60%) Computer Science Degree
17 26 (2.60%) DV Cleared
Quality Assurance & Compliance
1 138 (13.81%) ISO/IEC 27001
2 111 (11.11%) GDPR
3 91 (9.11%) PCI DSS
4 77 (7.71%) NIST
5 32 (3.20%) Cyber Essentials
6 25 (2.50%) HMG Security Policy Framework
6 25 (2.50%) SLA
7 21 (2.10%) Sarbanes-Oxley
8 20 (2.00%) COBIT
9 9 (0.90%) JSP 440
10 8 (0.80%) ISO 9001
10 8 (0.80%) NCSC
11 7 (0.70%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
12 6 (0.60%) Cyber Essentials PLUS
13 5 (0.50%) AICPA
14 1 (0.10%) GAMP
14 1 (0.10%) HIPAA
14 1 (0.10%) HMG Infosec
14 1 (0.10%) NIST 800
14 1 (0.10%) QA
System Software
1 97 (9.71%) Active Directory
2 52 (5.21%) VMware Infrastructure
3 26 (2.60%) Docker
4 24 (2.40%) Snort
5 9 (0.90%) Hyper-V
6 5 (0.50%) Microsoft Virtual Server
6 5 (0.50%) Virtual Servers
7 4 (0.40%) VMware NSX
7 4 (0.40%) vSphere
8 3 (0.30%) VMware ESXi
9 2 (0.20%) LXC
10 1 (0.10%) Citrix Hypervisor
10 1 (0.10%) Virtual Machines
10 1 (0.10%) XenDesktop
Systems Management
1 80 (8.01%) QRadar
2 39 (3.90%) Nessus
3 22 (2.20%) Nagios
3 22 (2.20%) Terraform
4 21 (2.10%) Kubernetes
5 20 (2.00%) Ansible
5 20 (2.00%) Microsoft Intune
5 20 (2.00%) SCCM
6 19 (1.90%) SCOM
7 18 (1.80%) Puppet
8 16 (1.60%) CSIRT
8 16 (1.60%) Opscode Chef
8 16 (1.60%) Single Sign-On
9 12 (1.20%) Computer Incident Response Team
10 11 (1.10%) RSA enVision
11 10 (1.00%) Consul
11 10 (1.00%) Docker Swarm
11 10 (1.00%) Grafana
11 10 (1.00%) Host Intrusion Detection System
11 10 (1.00%) Salt
Vendors
1 200 (20.02%) Splunk
2 158 (15.82%) Microsoft
3 125 (12.51%) LogRhythm
4 93 (9.31%) Cisco
5 85 (8.51%) ArcSight
6 74 (7.41%) VMware
7 59 (5.91%) CheckPoint
8 49 (4.90%) Palo Alto
9 44 (4.40%) CyberArk
10 39 (3.90%) McAfee
11 33 (3.30%) Qualys
12 31 (3.10%) Fortinet
13 24 (2.40%) AlienVault
13 24 (2.40%) Darktrace
14 23 (2.30%) IBM
15 21 (2.10%) SolarWinds
16 19 (1.90%) Carbon Black
16 19 (1.90%) Juniper
17 18 (1.80%) ServiceNow
17 18 (1.80%) Symantec