Period
to 13 December 2017

The following table provides summary statistics for permanent job vacancies with a requirement for Vulnerability Management skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Vulnerability Management over the 6 months to 13 December 2017 with a comparison to the same period in the previous 2 years.

Vulnerability Management
UK
6 months to
13 Dec 2017
Same period 2016 Same period 2015
Rank 606 569 744
Rank change year-on-year -37 +175 +260
Permanent jobs citing Vulnerability Management 705 821 611
As % of all permanent IT jobs advertised in the UK 0.39% 0.44% 0.29%
As % of the Processes & Methodologies category 0.44% 0.49% 0.32%
Number of salaries quoted 552 650 508
UK median annual salary £60,000 £62,500 £55,000
Median salary % change year-on-year -4.00% +13.64% +4.76%
10th Percentile £40,775 £40,000 £36,250
90th Percentile £85,000 £86,250 £82,500
UK excluding London median annual salary £50,000 £55,000 £49,500
% change year-on-year -9.09% +11.11% +23.75%

Vulnerability Management is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 162001 166293 190317
As % of all permanent IT jobs advertised in the UK 89.94% 89.45% 88.90%
Number of salaries quoted 128391 137865 157487
UK median annual salary £50,000 £49,500 £47,500
Median salary % change year-on-year +1.01% +4.21% +5.56%
10th Percentile £28,750 £28,094 £27,500
90th Percentile £80,000 £80,000 £77,500
UK excluding London median annual salary £44,500 £42,500 £42,500
% change year-on-year +4.71% - +6.25%

Vulnerability Management
Job Vacancy Trend

Job postings citing Vulnerability Management as a percentage of all IT jobs advertised.

Job vacancy trend for Vulnerability Management in the UK

Vulnerability Management
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Vulnerability Management.

Salary trend for Vulnerability Management in the UK

Vulnerability Management
Salary Histogram

The salary distribution of IT jobs citing Vulnerability Management over the 6 months to 13 December 2017.

Salary histogram for Vulnerability Management in the UK

Vulnerability Management
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Vulnerability Management within the UK over the 6 months to 13 December 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -32 667 £60,000 -4.00% 48
London -24 439 £65,000 -7.14% 21
UK excluding London -67 235 £50,000 -9.09% 29
South East +2 99 £52,500 -4.55% 4
North of England -24 50 £45,000 -10.00% 14
East of England +14 30 £45,000 - 6
Midlands -8 29 £54,250 +14.21% 3
Yorkshire +14 28 £42,500 +30.77% 11
West Midlands -10 24 £53,500 +12.63% 1
South West -4 19 £42,500 -22.73%
North West -37 18 £62,500 +25.00% 3
East Midlands +20 5 £57,500 +4.55% 1
Wales +16 5 £33,000 +65.00%
Scotland -27 5 £45,000 -10.00% 2
North East -3 4 £48,500 +7.78%
Northern Ireland - 2 £60,000 -

For the 6 months to 13 December 2017, IT jobs citing Vulnerability Management also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for Vulnerability Management.

1 478 (67.80%) Information Security
2 411 (58.30%) SIEM
3 404 (57.30%) CISSP
4 368 (52.20%) Firewall
5 323 (45.82%) Cybersecurity
6 273 (38.72%) Security Operations
7 264 (37.45%) CISM
8 250 (35.46%) ISO/IEC 27001
9 240 (34.04%) Windows
10 218 (30.92%) Linux
11 213 (30.21%) Finance
12 209 (29.65%) Penetration Testing
13 181 (25.67%) Network Security
13 181 (25.67%) Vulnerability Scanning
14 152 (21.56%) Data Protection
15 139 (19.72%) CISA
16 138 (19.57%) Security Architecture
17 137 (19.43%) TCP/IP
18 131 (18.58%) Management Information System
19 129 (18.30%) PCI DSS
20 128 (18.16%) ITIL
20 128 (18.16%) Active Directory
21 122 (17.30%) GIAC
22 121 (17.16%) Data Loss Prevention
23 116 (16.45%) Banking
24 113 (16.03%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
25 108 (15.32%) Degree
26 107 (15.18%) Incident Management
27 106 (15.04%) Data Protection Act
28 105 (14.89%) Windows Server

Vulnerability Management
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 37 (5.25%) SharePoint
2 11 (1.56%) IIS
3 7 (0.99%) Apache
4 6 (0.85%) JBoss
5 5 (0.71%) Tomcat
6 4 (0.57%) MS Exchange
7 3 (0.43%) Apache Spark
7 3 (0.43%) Exchange Server 2007
8 2 (0.28%) iPlanet
8 2 (0.28%) OpenStack
8 2 (0.28%) Skype for Business
8 2 (0.28%) WebLogic
8 2 (0.28%) WebSphere
8 2 (0.28%) WebSphere Application Server
9 1 (0.14%) Exchange Server 2010
9 1 (0.14%) Exchange Server 2013
9 1 (0.14%) nginx
Applications
1 18 (2.55%) Microsoft Office
2 8 (1.13%) Microsoft Excel
3 4 (0.57%) Microsoft PowerPoint
4 2 (0.28%) Spreadsheet
Business Applications
1 22 (3.12%) Dynamics CRM
2 2 (0.28%) Sentinel
3 1 (0.14%) SunGard APT
Cloud Services
1 77 (10.92%) Amazon AWS
2 52 (7.38%) Microsoft Azure
3 25 (3.55%) OneDrive
4 24 (3.40%) Office 365
5 11 (1.56%) IaaS
6 9 (1.28%) PaaS
7 8 (1.13%) Mimecast
7 8 (1.13%) SaaS
8 3 (0.43%) Cloud Computing
8 3 (0.43%) OpenDNS
9 2 (0.28%) Google Cloud Platform
9 2 (0.28%) Virtual Private Cloud
10 1 (0.14%) AWS CloudFormation
10 1 (0.14%) AWS Lambda
10 1 (0.14%) Serverless
Communications & Networking
1 368 (52.20%) Firewall
2 181 (25.67%) Network Security
3 137 (19.43%) TCP/IP
4 67 (9.50%) Intrusion Detection
5 42 (5.96%) VPN
6 30 (4.26%) WAN
7 28 (3.97%) LAN
8 24 (3.40%) Wireless
9 23 (3.26%) DNS
10 19 (2.70%) Internet
11 18 (2.55%) SSL
12 17 (2.41%) DHCP
12 17 (2.41%) VLAN
13 15 (2.13%) Cisco ASA
14 12 (1.70%) DMZ
15 11 (1.56%) SAN
16 9 (1.28%) HTTP
16 9 (1.28%) IPsec
16 9 (1.28%) SNMP
17 8 (1.13%) VoIP
Database & Business Intelligence
1 17 (2.41%) SQL Server
2 10 (1.42%) Big Data
3 5 (0.71%) MySQL
4 3 (0.43%) Hadoop
4 3 (0.43%) Relational Database
5 2 (0.28%) Apache Cassandra
5 2 (0.28%) GIS
5 2 (0.28%) MongoDB
5 2 (0.28%) NoSQL
6 1 (0.14%) SQL Server 2008
6 1 (0.14%) SQL Server 2012
6 1 (0.14%) SQL Server 2014
Development Applications
1 13 (1.84%) Metasploit
2 11 (1.56%) Burp Suite
3 3 (0.43%) Sonatype Nexus
4 2 (0.28%) AppScan
4 2 (0.28%) FxCop
4 2 (0.28%) SonarQube
5 1 (0.14%) GitLab
General
1 213 (30.21%) Finance
2 116 (16.45%) Banking
3 49 (6.95%) Legal
4 45 (6.38%) Law
5 21 (2.98%) Telecoms
6 16 (2.27%) Investment Banking
7 11 (1.56%) Financial Institution
8 7 (0.99%) Multimedia
9 6 (0.85%) Electronics
9 6 (0.85%) Manufacturing
9 6 (0.85%) Marketing
9 6 (0.85%) Military
9 6 (0.85%) Retail
10 5 (0.71%) Games
11 3 (0.43%) Advertising
11 3 (0.43%) International Banking
12 2 (0.28%) Retail Banking
13 1 (0.14%) Back Office
13 1 (0.14%) French Language
Job Titles
1 228 (32.34%) Analyst
2 179 (25.39%) Security Analyst
3 123 (17.45%) Security Engineer
4 110 (15.60%) Security Manager
5 60 (8.51%) Consultant
5 60 (8.51%) IT Engineer
6 59 (8.37%) IT Security Engineer
7 58 (8.23%) IT Analyst
8 51 (7.23%) IT Security Analyst
8 51 (7.23%) Security Consultant
9 50 (7.09%) Information Analyst
9 50 (7.09%) Information Security Analyst
10 45 (6.38%) IT Manager
10 45 (6.38%) IT Security Manager
10 45 (6.38%) Operations Analyst
10 45 (6.38%) Operations Engineer
10 45 (6.38%) Security Specialist
11 43 (6.10%) Security Operations Analyst
12 40 (5.67%) Architect
13 37 (5.25%) Security Architect
Libraries, Frameworks & Software Standards
1 22 (3.12%) Web Services
2 13 (1.84%) SailPoint
3 8 (1.13%) Middleware
4 4 (0.57%) Elastic Stack
4 4 (0.57%) OAuth
4 4 (0.57%) SAML
5 3 (0.43%) PCRE
5 3 (0.43%) Regular Expression
5 3 (0.43%) RESTful
6 2 (0.28%) FIX Protocol
6 2 (0.28%) IBM Integration Bus
6 2 (0.28%) WebSphere MQ
7 1 (0.14%) .NET
Miscellaneous
1 131 (18.58%) Management Information System
2 106 (15.04%) Data Protection Act
3 66 (9.36%) Analytical Skills
4 56 (7.94%) Cyberthreat
4 56 (7.94%) Security Operations Centre
5 48 (6.81%) Computer Science
6 24 (3.40%) Distributed Denial-of-Service
7 22 (3.12%) PKI
8 20 (2.84%) Cyber Attack
9 15 (2.13%) Data Centre
10 9 (1.28%) CESG
11 8 (1.13%) Cyber Defence
11 8 (1.13%) Private Cloud
11 8 (1.13%) Public Cloud
12 6 (0.85%) Blackberry
12 6 (0.85%) BYOD
12 6 (0.85%) Cybercrime
13 5 (0.71%) Fintech
13 5 (0.71%) Greenfield Project
13 5 (0.71%) Mainframe
Operating Systems
1 240 (34.04%) Windows
2 218 (30.92%) Linux
3 105 (14.89%) Windows Server
4 71 (10.07%) Unix
5 44 (6.24%) Apple iOS
6 38 (5.39%) Mac OS X
7 21 (2.98%) Kali Linux
8 9 (1.28%) VMS
9 7 (0.99%) Windows 10
10 6 (0.85%) Android
11 5 (0.71%) Red Hat Enterprise Linux
11 5 (0.71%) Windows Server 2008
12 3 (0.43%) AIX
12 3 (0.43%) CentOS
12 3 (0.43%) Debian
12 3 (0.43%) Solaris
12 3 (0.43%) Ubuntu
12 3 (0.43%) Windows 7
12 3 (0.43%) Windows Server 2012
Processes & Methodologies
1 478 (67.80%) Information Security
2 411 (58.30%) SIEM
3 323 (45.82%) Cybersecurity
4 273 (38.72%) Security Operations
5 209 (29.65%) Penetration Testing
6 181 (25.67%) Vulnerability Scanning
7 152 (21.56%) Data Protection
8 138 (19.57%) Security Architecture
9 128 (18.16%) ITIL
10 121 (17.16%) Data Loss Prevention
11 107 (15.18%) Incident Management
12 102 (14.47%) Agile Software Development
13 95 (13.48%) Risk Management
14 82 (11.63%) DRM
15 75 (10.64%) Identity Access Management
16 64 (9.08%) Security Monitoring
17 54 (7.66%) Stakeholder Management
18 49 (6.95%) Vulnerability Assessment
19 48 (6.81%) Security Management
20 46 (6.52%) Analytics
Programming Languages
1 68 (9.65%) Python
2 45 (6.38%) PowerShell
3 41 (5.82%) Perl
4 40 (5.67%) SQL
5 37 (5.25%) Ruby
6 35 (4.96%) Bash Shell
7 34 (4.82%) C#
8 23 (3.26%) Korn
9 22 (3.12%) Bourne shell
10 16 (2.27%) Java
11 12 (1.70%) C
12 4 (0.57%) PHP
13 3 (0.43%) Shell Script
14 2 (0.28%) VB
15 1 (0.14%) C++
15 1 (0.14%) C-shell
15 1 (0.14%) Go
15 1 (0.14%) VB.NET
Qualifications
1 404 (57.30%) CISSP
2 264 (37.45%) CISM
3 139 (19.72%) CISA
4 122 (17.30%) GIAC
5 108 (15.32%) Degree
6 82 (11.63%) CEH
7 64 (9.08%) Cisco Certification
8 53 (7.52%) GCIH
9 40 (5.67%) SANS
10 39 (5.53%) OSCP
11 36 (5.11%) CCNP
12 34 (4.82%) CREST Certified
12 34 (4.82%) SSCP
13 30 (4.26%) GCIA
14 29 (4.11%) CCNA
15 28 (3.97%) Security Cleared
16 27 (3.83%) CISMP
17 25 (3.55%) GSEC
18 24 (3.40%) Computer Science Degree
18 24 (3.40%) CRISC
Quality Assurance & Compliance
1 250 (35.46%) ISO/IEC 27001
2 129 (18.30%) PCI DSS
3 113 (16.03%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
4 64 (9.08%) GDPR
5 26 (3.69%) Cyber Essentials
6 15 (2.13%) COBIT
7 9 (1.28%) SLA
8 8 (1.13%) ISO 22301
9 7 (0.99%) Cyber Essentials PLUS
10 6 (0.85%) ISO/IEC 27005
10 6 (0.85%) PMO
11 5 (0.71%) Government Security Classifications
12 4 (0.57%) ISO 31000
12 4 (0.57%) ISO 9001
12 4 (0.57%) ISO/IEC 20000
12 4 (0.57%) Sarbanes-Oxley
13 3 (0.43%) GPG13
14 2 (0.28%) BS25999
15 1 (0.14%) HIPAA
15 1 (0.14%) HMG Security Policy Framework
System Software
1 128 (18.16%) Active Directory
2 25 (3.55%) VMware Infrastructure
3 23 (3.26%) Virtual Machines
4 14 (1.99%) Snort
5 9 (1.28%) vSphere
6 6 (0.85%) Hyper-V
7 5 (0.71%) BitLocker
7 5 (0.71%) XenApp
8 4 (0.57%) Virtual Desktop
9 3 (0.43%) Docker
9 3 (0.43%) HDFS
9 3 (0.43%) pfSense
10 2 (0.28%) Virtual Servers
11 1 (0.14%) VMware NSX
Systems Management
1 79 (11.21%) Nessus
2 39 (5.53%) QRadar
3 36 (5.11%) CSIRT
4 30 (4.26%) SCCM
5 25 (3.55%) OpenVAS
6 24 (3.40%) McAfee ePO
7 21 (2.98%) Core Impact
7 21 (2.98%) Nexpose
8 19 (2.70%) WSUS
9 17 (2.41%) FortiGate
10 13 (1.84%) PowerBroker
10 13 (1.84%) RSA Security Analytics
11 12 (1.70%) Host Intrusion Detection System
12 10 (1.42%) Nmap
13 9 (1.28%) EnCase
13 9 (1.28%) Suricata
14 7 (0.99%) Norton AntiVirus
15 6 (0.85%) Computer Emergency Response Teams
16 3 (0.43%) Kubernetes
16 3 (0.43%) Network Intrusion Detection System
Vendors
1 86 (12.20%) Cisco
1 86 (12.20%) Microsoft
2 66 (9.36%) Palo Alto
3 61 (8.65%) LogRhythm
4 59 (8.37%) Qualys
5 58 (8.23%) Splunk
6 57 (8.09%) CheckPoint
7 42 (5.96%) McAfee
8 41 (5.82%) Fortinet
8 41 (5.82%) VMware
9 40 (5.67%) Apple
10 39 (5.53%) Symantec
11 38 (5.39%) ArcSight
12 30 (4.26%) Oracle
13 29 (4.11%) CyberArk
14 28 (3.97%) F5
15 26 (3.69%) Juniper
16 22 (3.12%) AlienVault
17 18 (2.55%) Forcepoint
18 17 (2.41%) Varonis