Period
to 17 November 2018

The following table provides summary statistics for permanent job vacancies with a requirement for Vulnerability Management skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Vulnerability Management over the 6 months to 17 November 2018 with a comparison to the same period in the previous 2 years.

Vulnerability Management
UK
6 months to
17 Nov 2018
Same period 2017 Same period 2016
Rank 433 632 596
Rank change year-on-year +199 -36 +160
Permanent jobs citing Vulnerability Management 1,110 672 810
As % of all permanent IT jobs advertised in the UK 0.69% 0.37% 0.43%
As % of the Processes & Methodologies category 0.75% 0.41% 0.47%
Number of salaries quoted 840 533 647
UK median annual salary £60,000 £60,000 £62,500
Median salary % change year-on-year - -4.00% +13.64%
10th Percentile £40,500 £40,000 £42,500
90th Percentile £82,500 £85,000 £85,000
UK excluding London median annual salary £52,500 £50,000 £53,000
% change year-on-year +5.00% -5.66% +11.58%

Vulnerability Management is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 147,510 164,941 172,927
As % of all permanent IT jobs advertised in the UK 91.11% 91.47% 90.93%
Number of salaries quoted 117,253 130,473 143,786
UK median annual salary £50,000 £50,000 £48,000
Median salary % change year-on-year - +4.17% +1.05%
10th Percentile £29,000 £28,250 £27,500
90th Percentile £84,000 £80,000 £78,750
UK excluding London median annual salary £45,000 £43,000 £42,500
% change year-on-year +4.65% +1.18% -

Vulnerability Management
Job Vacancy Trend

Job postings citing Vulnerability Management as a percentage of all IT jobs advertised.

Job vacancy trend for Vulnerability Management in the UK

Vulnerability Management
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Vulnerability Management.

Salary trend for Vulnerability Management in the UK

Vulnerability Management
Salary Histogram

The salary distribution of IT jobs citing Vulnerability Management over the 6 months to 17 November 2018.

Salary histogram for Vulnerability Management in the UK

Vulnerability Management
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Vulnerability Management within the UK over the 6 months to 17 November 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +192 1,060 £60,000 - 73
UK excluding London +277 601 £52,500 +5.00% 47
London +84 493 £65,000 - 35
North of England +179 200 £45,000 -10.00% 7
East of England +148 151 £54,500 +9.00% 11
North West +138 147 £45,000 -28.00% 1
South East +55 132 £60,000 +14.29% 14
Midlands +59 61 £57,500 +7.48% 5
Yorkshire +64 50 £55,000 +15.79% 5
Scotland +33 43 £65,000 +49.43% 8
East Midlands +46 35 £57,500 - 4
West Midlands +41 26 £52,500 -1.87% 1
South West +4 20 £62,000 +47.67% 1
North East -11 3 £25,000 -49.24% 1
Wales -1 1 £38,000 +15.15%

For the 6 months to 17 November 2018, IT jobs citing Vulnerability Management also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for Vulnerability Management.

1 647 (58.29%) Information Security
2 573 (51.62%) SIEM
3 543 (48.92%) Cybersecurity
4 452 (40.72%) CISSP
5 424 (38.20%) Firewall
6 377 (33.96%) Windows
7 374 (33.69%) ISO/IEC 27001
8 326 (29.37%) Linux
9 304 (27.39%) Network Security
10 297 (26.76%) Security Operations
11 278 (25.05%) Management Information System
11 278 (25.05%) Finance
12 248 (22.34%) Penetration Testing
13 238 (21.44%) Data Protection
14 209 (18.83%) GDPR
15 196 (17.66%) Risk Management
16 193 (17.39%) PCI DSS
17 192 (17.30%) Microsoft
18 177 (15.95%) Qualys
19 169 (15.23%) CISM
20 156 (14.05%) Business Continuity
20 156 (14.05%) Incident Management
21 155 (13.96%) Cisco
21 155 (13.96%) SANS
22 153 (13.78%) Splunk
23 148 (13.33%) Disaster Recovery
24 138 (12.43%) Vulnerability Scanning
25 136 (12.25%) Legal
26 133 (11.98%) Security Architecture
27 129 (11.62%) CEH

Vulnerability Management
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 21 (1.89%) IIS
1 21 (1.89%) MS Exchange
2 16 (1.44%) SharePoint
3 14 (1.26%) Apache
4 5 (0.45%) Tomcat
4 5 (0.45%) WebLogic
5 4 (0.36%) Confluence
5 4 (0.36%) Exchange Server 2007
5 4 (0.36%) SharePoint Server
6 3 (0.27%) Exchange Server 2010
7 2 (0.18%) Apache Spark
7 2 (0.18%) Elasticsearch
7 2 (0.18%) Skype for Business
8 1 (0.090%) OpenStack
Applications
1 83 (7.48%) Microsoft PowerPoint
2 28 (2.52%) Microsoft Office
3 8 (0.72%) Microsoft Project
4 3 (0.27%) MS Visio
5 1 (0.090%) Microsoft Excel
Cloud Services
1 125 (11.26%) Amazon AWS
2 114 (10.27%) Microsoft Azure
3 57 (5.14%) Office 365
4 33 (2.97%) SaaS
5 27 (2.43%) PaaS
6 19 (1.71%) Mimecast
7 14 (1.26%) Cloud Computing
8 13 (1.17%) Amazon EC2
8 13 (1.17%) Amazon S3
8 13 (1.17%) AWS CloudTrail
8 13 (1.17%) AWS Lambda
8 13 (1.17%) Serverless
8 13 (1.17%) Virtual Private Cloud
9 11 (0.99%) Google Cloud Platform
9 11 (0.99%) IaaS
10 4 (0.36%) OpenDNS
10 4 (0.36%) Route 53
11 3 (0.27%) Azure Active Directory
11 3 (0.27%) Dropbox
11 3 (0.27%) OneDrive
Communications & Networking
1 424 (38.20%) Firewall
2 304 (27.39%) Network Security
3 124 (11.17%) TCP/IP
4 111 (10.00%) Wi-Fi
5 89 (8.02%) Intrusion Detection
6 84 (7.57%) VPN
7 66 (5.95%) WAN
8 65 (5.86%) LAN
9 43 (3.87%) DNS
10 35 (3.15%) SSL
11 25 (2.25%) VLAN
12 23 (2.07%) Internet
13 22 (1.98%) IPsec
14 21 (1.89%) WLAN
15 20 (1.80%) VoIP
16 18 (1.62%) Wireless
17 17 (1.53%) FTP
18 14 (1.26%) BGP
18 14 (1.26%) DHCP
18 14 (1.26%) OSPF
Database & Business Intelligence
1 28 (2.52%) Big Data
2 13 (1.17%) Amazon RDS
3 11 (0.99%) Geospatial Data
4 4 (0.36%) Amazon DynamoDB
4 4 (0.36%) GIS
5 3 (0.27%) Hadoop
5 3 (0.27%) SQL Server
6 2 (0.18%) Apache Hive
6 2 (0.18%) InfluxDB
6 2 (0.18%) MongoDB
6 2 (0.18%) PostgreSQL
6 2 (0.18%) SQL Server 2008
6 2 (0.18%) SQL Server 2014
7 1 (0.090%) Oracle Database
7 1 (0.090%) Oracle Reports
Development Applications
1 21 (1.89%) Metasploit
2 5 (0.45%) JIRA
3 3 (0.27%) Burp Suite
4 1 (0.090%) Bitbucket
4 1 (0.090%) Git (software)
4 1 (0.090%) Jenkins
General
1 278 (25.05%) Finance
2 136 (12.25%) Legal
3 107 (9.64%) Banking
4 81 (7.30%) Investment Banking
5 55 (4.95%) Retail
6 30 (2.70%) Telecoms
7 18 (1.62%) Law
8 10 (0.90%) Financial Institution
9 9 (0.81%) Advertising
10 8 (0.72%) Billing
10 8 (0.72%) Electronics
10 8 (0.72%) Military
11 7 (0.63%) Marketing
12 6 (0.54%) Back Office
12 6 (0.54%) Games
13 4 (0.36%) French Language
13 4 (0.36%) German Language
13 4 (0.36%) International Banking
13 4 (0.36%) Italian Language
14 2 (0.18%) Russian Language
Job Titles
1 322 (29.01%) Analyst
2 260 (23.42%) Security Analyst
3 156 (14.05%) Security Engineer
4 122 (10.99%) Senior Analyst
5 120 (10.81%) IT Analyst
5 120 (10.81%) IT Security Analyst
5 120 (10.81%) Security Manager
6 116 (10.45%) Senior Security Analyst
7 99 (8.92%) Consultant
8 97 (8.74%) Architect
8 97 (8.74%) Security Consultant
9 86 (7.75%) Senior IT Security Analyst
10 78 (7.03%) Security Architect
11 68 (6.13%) Cybersecurity Analyst
12 49 (4.41%) Information Manager
12 49 (4.41%) Information Security Manager
12 49 (4.41%) IT Manager
13 42 (3.78%) Infrastructure Engineer
14 40 (3.60%) IT Security Manager
15 38 (3.42%) IT Security Consultant
Libraries, Frameworks & Software Standards
1 26 (2.34%) Web Services
2 16 (1.44%) Regular Expression
3 7 (0.63%) Middleware
4 6 (0.54%) SAML
5 5 (0.45%) Elastic Stack
5 5 (0.45%) LAMP
6 4 (0.36%) OAuth
6 4 (0.36%) REST
7 1 (0.090%) OpenID
Miscellaneous
1 278 (25.05%) Management Information System
2 125 (11.26%) Security Operations Centre
3 110 (9.91%) Cyber Kill Chain
4 101 (9.10%) Data Protection Act
5 99 (8.92%) Analytical Skills
6 82 (7.39%) Distributed Denial-of-Service
7 81 (7.30%) PKI
8 79 (7.12%) Data Centre
9 50 (4.50%) Computer Science
10 46 (4.14%) Cyberthreat
11 32 (2.88%) Self-Motivation
12 20 (1.80%) CESG
13 18 (1.62%) Enterprise Cloud
14 16 (1.44%) Cyberattack
15 15 (1.35%) Fintech
16 14 (1.26%) Enterprise Software
16 14 (1.26%) Public Cloud
17 11 (0.99%) NHS
18 9 (0.81%) Virtual Team
19 7 (0.63%) Cyber Defence
Operating Systems
1 377 (33.96%) Windows
2 326 (29.37%) Linux
3 97 (8.74%) Windows Server
4 51 (4.59%) Unix
5 40 (3.60%) Mac OS X
6 37 (3.33%) Windows Server 2008
7 30 (2.70%) Apple iOS
8 24 (2.16%) Kali Linux
9 22 (1.98%) Windows 7
9 22 (1.98%) Windows Server 2012
10 16 (1.44%) Windows 10
11 10 (0.90%) AIX
12 6 (0.54%) CentOS
13 5 (0.45%) Debian
13 5 (0.45%) VMS
14 2 (0.18%) Red Hat Enterprise Linux
15 1 (0.090%) Mac OS
15 1 (0.090%) Solaris
15 1 (0.090%) Ubuntu
Processes & Methodologies
1 647 (58.29%) Information Security
2 573 (51.62%) SIEM
3 543 (48.92%) Cybersecurity
4 297 (26.76%) Security Operations
5 248 (22.34%) Penetration Testing
6 238 (21.44%) Data Protection
7 196 (17.66%) Risk Management
8 156 (14.05%) Business Continuity
8 156 (14.05%) Incident Management
9 148 (13.33%) Disaster Recovery
10 138 (12.43%) Vulnerability Scanning
11 133 (11.98%) Security Architecture
12 128 (11.53%) Identity Access Management
13 122 (10.99%) Due Diligence
14 121 (10.90%) Data Loss Prevention
15 116 (10.45%) Mentoring
16 114 (10.27%) Problem-Solving
17 112 (10.09%) Risk Analysis
18 109 (9.82%) Continuous Improvement
18 109 (9.82%) ITIL
Programming Languages
1 97 (8.74%) SQL
2 49 (4.41%) PowerShell
3 47 (4.23%) Python
4 23 (2.07%) Perl
5 18 (1.62%) Ruby
6 16 (1.44%) Bash Shell
6 16 (1.44%) Java
7 13 (1.17%) PHP
8 12 (1.08%) Go
9 3 (0.27%) C
10 1 (0.090%) JavaScript
10 1 (0.090%) Shell Script
Qualifications
1 452 (40.72%) CISSP
2 169 (15.23%) CISM
3 155 (13.96%) SANS
4 129 (11.62%) CEH
5 117 (10.54%) CREST Certified
6 106 (9.55%) Degree
7 102 (9.19%) GIAC
8 95 (8.56%) CISA
8 95 (8.56%) CompTIA Security+
9 76 (6.85%) Cisco Certification
10 75 (6.76%) SSCP
11 73 (6.58%) CISMP
11 73 (6.58%) Security Cleared
12 65 (5.86%) SC Cleared
13 41 (3.69%) GCIH
14 37 (3.33%) CCNA
15 36 (3.24%) GCIA
16 35 (3.15%) CCNP
17 33 (2.97%) Computer Science Degree
18 17 (1.53%) GPEN
Quality Assurance & Compliance
1 374 (33.69%) ISO/IEC 27001
2 209 (18.83%) GDPR
3 193 (17.39%) PCI DSS
4 93 (8.38%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 62 (5.59%) Cyber Essentials
6 26 (2.34%) SLA
7 24 (2.16%) COBIT
8 23 (2.07%) Sarbanes-Oxley
9 9 (0.81%) Cyber Essentials PLUS
10 5 (0.45%) Government Security Classifications
10 5 (0.45%) PMO
11 4 (0.36%) HMG Security Policy Framework
12 2 (0.18%) HIPAA
12 2 (0.18%) ISAE 3402
12 2 (0.18%) ISO 9001
12 2 (0.18%) QA
13 1 (0.090%) GPG13
13 1 (0.090%) ISO/IEC 27005
13 1 (0.090%) JSP 440
13 1 (0.090%) RMADS
System Software
1 115 (10.36%) VMware Infrastructure
2 102 (9.19%) Active Directory
3 33 (2.97%) Virtual Machines
4 15 (1.35%) Snort
5 12 (1.08%) vSphere
6 11 (0.99%) Hyper-V
7 9 (0.81%) VMware Workstation
7 9 (0.81%) XenDesktop
8 8 (0.72%) BitLocker
8 8 (0.72%) Microsoft App-V
8 8 (0.72%) VMware ESXi
9 7 (0.63%) ProxySG
10 4 (0.36%) Virtual Servers
11 3 (0.27%) XenApp
12 2 (0.18%) Docker
13 1 (0.090%) PowerHA
13 1 (0.090%) Veritas Cluster Server
13 1 (0.090%) XenServer
Systems Management
1 78 (7.03%) QRadar
2 75 (6.76%) Nessus
3 40 (3.60%) SCCM
4 32 (2.88%) McAfee ePO
5 30 (2.70%) WSUS
6 27 (2.43%) CASB
7 24 (2.16%) CSIRT
7 24 (2.16%) Host Intrusion Detection System
7 24 (2.16%) Norton AntiVirus
8 23 (2.07%) Nmap
9 21 (1.89%) Symantec Endpoint Protection
10 19 (1.71%) IBM BigFix
11 16 (1.44%) Network Intrusion Detection System
12 13 (1.17%) SCOM
13 9 (0.81%) Opscode Chef
13 9 (0.81%) Puppet
14 8 (0.72%) Nagios
14 8 (0.72%) PowerCLI
15 7 (0.63%) Computer Emergency Response Teams
16 6 (0.54%) RSA enVision
Vendors
1 192 (17.30%) Microsoft
2 177 (15.95%) Qualys
3 155 (13.96%) Cisco
4 153 (13.78%) Splunk
5 123 (11.08%) VMware
6 60 (5.41%) ArcSight
6 60 (5.41%) Oracle
7 54 (4.86%) Symantec
8 53 (4.77%) CheckPoint
9 51 (4.59%) LogRhythm
10 48 (4.32%) McAfee
11 42 (3.78%) Forcepoint
12 31 (2.79%) Apple
13 30 (2.70%) Citrix
14 29 (2.61%) Juniper
15 27 (2.43%) AlienVault
16 26 (2.34%) HP
17 25 (2.25%) Sophos
18 23 (2.07%) Dell
19 21 (1.89%) IBM