Period
to 23 February 2019

The following table provides summary statistics for permanent job vacancies with a requirement for Vulnerability Management skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Vulnerability Management over the 6 months to 23 February 2019 with a comparison to the same period in the previous 2 years.

Vulnerability Management
UK
6 months to
23 Feb 2019
Same period 2018 Same period 2017
Rank 490 585 585
Rank change year-on-year +95 0 +150
Permanent jobs citing Vulnerability Management 868 772 729
As % of all permanent IT jobs advertised in the UK 0.58% 0.44% 0.42%
As % of the Processes & Methodologies category 0.63% 0.48% 0.45%
Number of salaries quoted 670 615 583
UK median annual salary £56,500 £61,500 £60,000
Median salary % change year-on-year -8.13% +2.50% +9.09%
10th Percentile £36,500 £40,000 £40,250
90th Percentile £95,000 £85,000 £86,250
UK excluding London median annual salary £47,500 £50,000 £55,000
% change year-on-year -5.00% -9.09% +4.76%

Vulnerability Management is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 138,042 161,756 160,279
As % of all permanent IT jobs advertised in the UK 91.75% 91.80% 91.32%
Number of salaries quoted 108,853 131,609 132,070
UK median annual salary £52,500 £50,000 £47,500
Median salary % change year-on-year +5.00% +5.26% -
10th Percentile £30,000 £28,750 £27,750
90th Percentile £85,000 £80,000 £78,750
UK excluding London median annual salary £45,000 £45,000 £42,500
% change year-on-year - +5.88% -

Vulnerability Management
Job Vacancy Trend

Job postings citing Vulnerability Management as a percentage of all IT jobs advertised.

Job vacancy trend for Vulnerability Management in the UK

Vulnerability Management
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Vulnerability Management.

Salary trend for Vulnerability Management in the UK

Vulnerability Management
Salary Histogram

The salary distribution of IT jobs citing Vulnerability Management over the 6 months to 23 February 2019.

Salary histogram for Vulnerability Management in the UK

Vulnerability Management
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Vulnerability Management within the UK over the 6 months to 23 February 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +94 825 £57,500 -4.17% 80
UK excluding London +228 533 £47,500 -5.00% 50
London -58 310 £65,000 -1.89% 33
South East +138 194 £50,000 - 18
North of England +146 176 £45,000 - 14
North West +163 146 £45,000 -28.00% 9
East of England +83 77 £45,000 -10.00% 5
Midlands +44 56 £60,000 +11.63% 5
East Midlands +46 32 £60,000 -7.69% 4
West Midlands +30 30 £60,000 +20.00% 1
Yorkshire +8 29 £52,500 +16.67% 5
Scotland +30 22 £52,500 -22.22% 3
South West +11 17 £61,000 +43.53% 5
Wales +7 3 £62,500 +89.39%
North East +12 1 £32,500 -32.99%

For the 6 months to 23 February 2019, IT jobs citing Vulnerability Management also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for Vulnerability Management.

1 531 (61.18%) Information Security
2 436 (50.23%) SIEM
3 375 (43.20%) Cybersecurity
4 373 (42.97%) CISSP
5 317 (36.52%) Windows
6 300 (34.56%) ISO/IEC 27001
7 287 (33.06%) Firewall
8 279 (32.14%) Finance
9 278 (32.03%) Management Information System
10 274 (31.57%) Linux
11 253 (29.15%) Penetration Testing
12 240 (27.65%) Network Security
13 230 (26.50%) Microsoft
14 210 (24.19%) Security Operations
15 188 (21.66%) SANS
16 183 (21.08%) GDPR
17 178 (20.51%) Data Protection
18 176 (20.28%) Cisco
19 167 (19.24%) Legal
20 164 (18.89%) PCI DSS
21 159 (18.32%) CISM
22 153 (17.63%) VMware
23 152 (17.51%) Business Continuity
24 149 (17.17%) Risk Management
25 148 (17.05%) VMware Infrastructure
26 138 (15.90%) Disaster Recovery
27 133 (15.32%) CREST Certified
28 131 (15.09%) Due Diligence
29 130 (14.98%) CEH
30 128 (14.75%) Wi-Fi

Vulnerability Management
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 24 (2.76%) IIS
1 24 (2.76%) SharePoint
2 22 (2.53%) MS Exchange
3 17 (1.96%) Apache
4 13 (1.50%) Exchange Server 2007
5 10 (1.15%) Tomcat
5 10 (1.15%) WebLogic
6 7 (0.81%) Confluence
7 4 (0.46%) Elasticsearch
7 4 (0.46%) SharePoint Server
8 3 (0.35%) Exchange Server 2010
9 2 (0.23%) Skype for Business
10 1 (0.12%) OpenStack
Applications
1 98 (11.29%) Microsoft PowerPoint
2 18 (2.07%) Microsoft Office
3 13 (1.50%) Microsoft Project
Cloud Services
1 86 (9.91%) Amazon AWS
2 85 (9.79%) Microsoft Azure
3 69 (7.95%) Office 365
4 23 (2.65%) Mimecast
4 23 (2.65%) SaaS
5 18 (2.07%) Google Cloud Platform
5 18 (2.07%) IaaS
6 16 (1.84%) PaaS
7 13 (1.50%) Dropbox
7 13 (1.50%) OneDrive
7 13 (1.50%) OpenDNS
8 12 (1.38%) Cloud Computing
9 7 (0.81%) Serverless
10 6 (0.69%) Amazon EC2
10 6 (0.69%) Amazon S3
10 6 (0.69%) AWS CloudTrail
10 6 (0.69%) AWS Lambda
10 6 (0.69%) Virtual Private Cloud
11 4 (0.46%) Cloudflare
12 3 (0.35%) Azure Active Directory
Communications & Networking
1 287 (33.06%) Firewall
2 240 (27.65%) Network Security
3 128 (14.75%) Wi-Fi
4 105 (12.10%) TCP/IP
5 91 (10.48%) Intrusion Detection
6 63 (7.26%) VPN
7 55 (6.34%) WAN
8 53 (6.11%) LAN
9 48 (5.53%) DNS
10 43 (4.95%) BGP
11 37 (4.26%) IPsec
12 36 (4.15%) VLAN
13 30 (3.46%) Internet
14 27 (3.11%) Cisco Nexus
14 27 (3.11%) EIGRP
15 25 (2.88%) SSL
16 23 (2.65%) VoIP
17 18 (2.07%) WLAN
18 17 (1.96%) Cisco IOS
18 17 (1.96%) OSPF
Database & Business Intelligence
1 25 (2.88%) Big Data
2 10 (1.15%) Geospatial Data
3 6 (0.69%) Amazon RDS
4 4 (0.46%) PostgreSQL
5 3 (0.35%) GIS
5 3 (0.35%) SQL Server
6 2 (0.23%) InfluxDB
6 2 (0.23%) MongoDB
6 2 (0.23%) MySQL
7 1 (0.12%) Oracle Database
7 1 (0.12%) Oracle Reports
Development Applications
1 12 (1.38%) Metasploit
2 11 (1.27%) JIRA
3 6 (0.69%) AppScan
4 2 (0.23%) Burp Suite
5 1 (0.12%) Hudson
5 1 (0.12%) Oracle Forms
General
1 279 (32.14%) Finance
2 167 (19.24%) Legal
3 45 (5.18%) Marketing
4 43 (4.95%) Banking
5 42 (4.84%) Retail
6 17 (1.96%) Telecoms
7 14 (1.61%) Military
8 10 (1.15%) Law
9 6 (0.69%) Back Office
10 5 (0.58%) Aerospace
10 5 (0.58%) Electronics
11 4 (0.46%) Advertising
11 4 (0.46%) Billing
11 4 (0.46%) German Language
11 4 (0.46%) International Banking
11 4 (0.46%) Mandarin Language
11 4 (0.46%) Russian Language
12 3 (0.35%) Investment Banking
13 2 (0.23%) Brand Awareness
Job Titles
1 349 (40.21%) Analyst
2 281 (32.37%) Security Analyst
3 146 (16.82%) Senior Analyst
4 141 (16.24%) IT Analyst
4 141 (16.24%) IT Security Analyst
5 138 (15.90%) Senior Security Analyst
6 116 (13.36%) Security Engineer
7 102 (11.75%) Senior IT Security Analyst
8 67 (7.72%) Cybersecurity Analyst
8 67 (7.72%) Security Manager
9 46 (5.30%) Head of Security
10 45 (5.18%) Information Analyst
10 45 (5.18%) Information Security Analyst
11 43 (4.95%) Architect
12 42 (4.84%) SOC Analyst
13 39 (4.49%) Consultant
14 37 (4.26%) Information Manager
15 36 (4.15%) Information Security Manager
15 36 (4.15%) Security Consultant
16 35 (4.03%) Head of Information
Libraries, Frameworks & Software Standards
1 27 (3.11%) SailPoint
2 22 (2.53%) Regular Expression
3 15 (1.73%) Web Services
4 5 (0.58%) Elastic Stack
4 5 (0.58%) REST
5 4 (0.46%) Middleware
6 3 (0.35%) OAuth
6 3 (0.35%) SAML
7 2 (0.23%) CSS
7 2 (0.23%) HTML
8 1 (0.12%) 802.1X
8 1 (0.12%) LAMP
8 1 (0.12%) LDAP
8 1 (0.12%) OpenID
Miscellaneous
1 278 (32.03%) Management Information System
2 127 (14.63%) Analytical Skills
3 123 (14.17%) Cyber Kill Chain
4 90 (10.37%) Security Operations Centre
5 64 (7.37%) Data Centre
6 54 (6.22%) Self-Motivation
7 35 (4.03%) Data Protection Act
8 33 (3.80%) PKI
9 26 (3.00%) Cyberthreat
10 24 (2.76%) Cyberattack
11 22 (2.53%) Distributed Denial-of-Service
12 18 (2.07%) CESG
12 18 (2.07%) Fintech
12 18 (2.07%) Public Cloud
13 11 (1.27%) Enterprise Software
14 9 (1.04%) Enterprise Cloud
15 8 (0.92%) Linux Command Line
15 8 (0.92%) NHS
15 8 (0.92%) Virtual Team
16 6 (0.69%) Cyber Defence
Operating Systems
1 317 (36.52%) Windows
2 274 (31.57%) Linux
3 58 (6.68%) Windows Server
4 53 (6.11%) Unix
5 39 (4.49%) Windows Server 2008
6 30 (3.46%) Windows Server 2012
7 20 (2.30%) Windows 7
8 19 (2.19%) AIX
9 18 (2.07%) Windows 10
10 14 (1.61%) Kali Linux
11 13 (1.50%) Mac OS X
12 7 (0.81%) Debian
13 6 (0.69%) Red Hat Enterprise Linux
14 5 (0.58%) Apple iOS
15 3 (0.35%) CentOS
15 3 (0.35%) Mac OS
15 3 (0.35%) Solaris
16 2 (0.23%) VMS
17 1 (0.12%) Fedora
17 1 (0.12%) SUSE
Processes & Methodologies
1 531 (61.18%) Information Security
2 436 (50.23%) SIEM
3 375 (43.20%) Cybersecurity
4 253 (29.15%) Penetration Testing
5 210 (24.19%) Security Operations
6 178 (20.51%) Data Protection
7 152 (17.51%) Business Continuity
8 149 (17.17%) Risk Management
9 138 (15.90%) Disaster Recovery
10 131 (15.09%) Due Diligence
11 127 (14.63%) Mentoring
12 126 (14.52%) Incident Management
13 120 (13.82%) Risk Analysis
14 118 (13.59%) Threat Analysis
15 99 (11.41%) Identity Access Management
15 99 (11.41%) Scenario Testing
16 98 (11.29%) Web Development
17 97 (11.18%) Problem-Solving
18 90 (10.37%) ITIL
19 81 (9.33%) Threat Intelligence
Programming Languages
1 119 (13.71%) SQL
2 68 (7.83%) PowerShell
3 47 (5.41%) Python
4 26 (3.00%) Java
5 15 (1.73%) Bash Shell
6 14 (1.61%) Perl
7 11 (1.27%) Ruby
8 9 (1.04%) C
9 7 (0.81%) Shell Script
10 5 (0.58%) Go
10 5 (0.58%) PHP
11 3 (0.35%) C#
11 3 (0.35%) JavaScript
12 2 (0.23%) C++
Qualifications
1 373 (42.97%) CISSP
2 188 (21.66%) SANS
3 159 (18.32%) CISM
4 133 (15.32%) CREST Certified
5 130 (14.98%) CEH
6 107 (12.33%) Degree
7 100 (11.52%) CISA
8 89 (10.25%) Cisco Certification
9 86 (9.91%) GIAC
10 66 (7.60%) SSCP
11 61 (7.03%) CCNA
12 52 (5.99%) CCNP
13 42 (4.84%) GCIA
14 41 (4.72%) CompTIA Security+
15 37 (4.26%) CCIE
16 36 (4.15%) OSCP
17 35 (4.03%) GCIH
18 33 (3.80%) Security Cleared
19 25 (2.88%) Computer Science Degree
19 25 (2.88%) GISF
Quality Assurance & Compliance
1 300 (34.56%) ISO/IEC 27001
2 183 (21.08%) GDPR
3 164 (18.89%) PCI DSS
4 65 (7.49%) Cyber Essentials
5 43 (4.95%) SLA
6 40 (4.61%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 30 (3.46%) Sarbanes-Oxley
8 21 (2.42%) COBIT
9 8 (0.92%) Cyber Essentials PLUS
10 5 (0.58%) PMO
10 5 (0.58%) QA
11 4 (0.46%) COSO
12 3 (0.35%) HIPAA
12 3 (0.35%) ISO 31000
13 1 (0.12%) GAMP
13 1 (0.12%) Government Security Classifications
13 1 (0.12%) GPG13
13 1 (0.12%) JSP 440
13 1 (0.12%) RMADS
13 1 (0.12%) SSAE 16
System Software
1 148 (17.05%) VMware Infrastructure
2 84 (9.68%) Active Directory
3 18 (2.07%) vSphere
4 17 (1.96%) VMware Workstation
5 14 (1.61%) XenDesktop
6 13 (1.50%) BitLocker
6 13 (1.50%) Microsoft App-V
6 13 (1.50%) VMware ESXi
7 12 (1.38%) Snort
8 6 (0.69%) Virtual Servers
8 6 (0.69%) XenApp
9 5 (0.58%) Hyper-V
10 4 (0.46%) Virtual Machines
11 3 (0.35%) ProxySG
12 2 (0.23%) Docker
13 1 (0.12%) KVM
13 1 (0.12%) Microsoft Virtual Server
13 1 (0.12%) PowerHA
13 1 (0.12%) Veritas Cluster Server
13 1 (0.12%) XenServer
Systems Management
1 89 (10.25%) Nessus
2 70 (8.06%) SCCM
3 46 (5.30%) CSIRT
4 42 (4.84%) Norton AntiVirus
5 40 (4.61%) McAfee ePO
6 33 (3.80%) QRadar
7 32 (3.69%) CASB
8 30 (3.46%) Symantec Endpoint Protection
9 23 (2.65%) Host Intrusion Detection System
10 20 (2.30%) SCOM
11 17 (1.96%) Network Intrusion Detection System
12 15 (1.73%) Puppet
12 15 (1.73%) WSUS
13 14 (1.61%) Opscode Chef
14 13 (1.50%) PowerCLI
15 11 (1.27%) Computer Incident Response Team
15 11 (1.27%) Nmap
16 9 (1.04%) Computer Emergency Response Teams
16 9 (1.04%) IBM BigFix
16 9 (1.04%) Nagios
Vendors
1 230 (26.50%) Microsoft
2 176 (20.28%) Cisco
3 153 (17.63%) VMware
4 99 (11.41%) Qualys
5 95 (10.94%) Splunk
6 91 (10.48%) Symantec
7 65 (7.49%) LogRhythm
8 61 (7.03%) CheckPoint
9 59 (6.80%) McAfee
10 42 (4.84%) ArcSight
10 42 (4.84%) Palo Alto
11 39 (4.49%) Juniper
12 37 (4.26%) Meraki
13 36 (4.15%) Oracle
14 33 (3.80%) IBM
15 31 (3.57%) Citrix
16 30 (3.46%) Blue Coat
17 29 (3.34%) Forcepoint
18 27 (3.11%) Aveksa
19 25 (2.88%) FireEye