Hybrid/Remote GRC Job Trends, Salaries & Related Skills

Governance, Risk Management and Compliance (GRC)
UK > Work from Home

The table below provides summary statistics and salary benchmarking for remote or hybrid work requiring GRC skills. It covers permanent job vacancies from the 6 months leading up to 21 December 2025, with comparisons to the same periods in the previous two years.

	6 months to 21 Dec 2025	Same period 2024	Same period 2023
Rank	260	322	361
Rank change year-on-year	+62	+39	+159
Permanent jobs citing GRC	115	116	103
As % of all permanent jobs with remote/hybrid work options	0.75%	0.67%	0.52%
As % of the Quality Assurance & Compliance category	4.29%	4.02%	3.40%
Number of salaries quoted	83	73	91
10^th Percentile	£43,250	£50,250	£50,000
25^th Percentile	£50,000	£61,250	£57,500
Median annual salary (50^th Percentile)	£60,000	£69,308	£70,000
Median % change year-on-year	-13.43%	-0.99%	+11.11%
75^th Percentile	£83,837	£87,500	£85,000
90^th Percentile	£97,000	£95,250	£86,250
UK median annual salary	£65,000	£69,308	£70,576
% change year-on-year	-6.22%	-1.80%	+0.82%

All Quality Assurance and Compliance Skills
Work from Home

GRC falls under the Quality Assurance and Compliance category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies with remote or hybrid options requiring quality assurance or compliance skills.

Permanent vacancies with a requirement for quality assurance or compliance skills	2,681	2,884	3,025
As % of all permanent jobs with a WFH option	17.53%	16.66%	15.35%
Number of salaries quoted	1,637	1,604	2,378
10^th Percentile	£35,000	£36,250	£37,000
25^th Percentile	£46,750	£47,500	£47,500
Median annual salary (50^th Percentile)	£61,500	£62,500	£60,000
Median % change year-on-year	-1.60%	+4.17%	+4.35%
75^th Percentile	£80,000	£77,500	£80,000
90^th Percentile	£97,500	£95,000	£95,000
UK median annual salary	£57,500	£60,000	£60,000
% change year-on-year	-4.17%	-	+4.35%

GRC
Job Vacancy Trend for Remote/Hybrid Jobs

Historical trend showing the proportion of permanent IT job postings citing GRC and offering remote or hybrid work options relative to all permanent IT jobs advertised.

GRC
Salary Trend for Remote/Hybrid Jobs

Salary distribution trend for jobs with remote/hybrid work options citing GRC.

GRC
Salary Histogram for Remote/Hybrid Jobs

Salary distribution for jobs with remote/hybrid work options citing GRC over the 6 months to 21 December 2025.

GRC salary histogram for jobs with remote/hybrid work options

GRC
Top 30 Co-Occurring Skills & Capabilities in Remote/Hybrid Jobs

For the 6 months to 21 December 2025, GRC job roles required the following skills and capabilities in order of popularity. The figures indicate the absolute number of co-occurrences and as a proportion of all permanent jobs with hybrid or remote work options and a requirement for GRC.

1	85 (73.91%)	ISO/IEC 27001
2	75 (65.22%)	Cybersecurity
3	69 (60.00%)	Risk Management
4	62 (53.91%)	NIST
5	55 (47.83%)	CISM
5	55 (47.83%)	CISSP
6	42 (36.52%)	Security Cleared
7	38 (33.04%)	Information Security
7	38 (33.04%)	ISMS
8	37 (32.17%)	Continuous Improvement
9	35 (30.43%)	ISO 27001 Lead Implementer
10	34 (29.57%)	SC Cleared
11	33 (28.70%)	Business Intelligence
12	32 (27.83%)	Collaborative Culture
13	31 (26.96%)	CRISC

13	31 (26.96%)	SAP
14	25 (21.74%)	Digital Marketing
14	25 (21.74%)	Programme Management
14	25 (21.74%)	SAP CAF
15	23 (20.00%)	Azure
15	23 (20.00%)	CISA
16	21 (18.26%)	SOC 2
17	19 (16.52%)	GDPR
18	18 (15.65%)	Degree
18	18 (15.65%)	Vulnerability Management
19	17 (14.78%)	PCI DSS
19	17 (14.78%)	SaaS
20	16 (13.91%)	AWS
20	16 (13.91%)	Cyber Essentials
21	15 (13.04%)	Cloud Security

GRC
Co-Occurring Skills & Capabilities in Remote/Hybrid Jobs by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1	4 (3.48%)	SharePoint
2	2 (1.74%)	Microsoft Exchange

Applications
1	2 (1.74%)	Microsoft Office
2	1 (0.87%)	Microsoft Excel

Business Applications
1	6 (5.22%)	SAP GRC
2	3 (2.61%)	SAP S/4HANA
3	1 (0.87%)	SAP BPC

Cloud Services
1	23 (20.00%)	Azure
2	17 (14.78%)	SaaS
3	16 (13.91%)	AWS
4	8 (6.96%)	GCP
4	8 (6.96%)	Microsoft 365
5	7 (6.09%)	Power Platform
6	4 (3.48%)	Entra ID
6	4 (3.48%)	GitHub
6	4 (3.48%)	GitHub Actions
7	3 (2.61%)	Azure Sentinel
7	3 (2.61%)	Cloud Computing
8	2 (1.74%)	Amazon GuardDuty
8	2 (1.74%)	IaaS
8	2 (1.74%)	PaaS
9	1 (0.87%)	Microsoft Purview
9	1 (0.87%)	Mimecast

Communications & Networking
1	15 (13.04%)	Firewall
2	9 (7.83%)	Network Security
3	5 (4.35%)	Intrusion Detection
3	5 (4.35%)	TCP/IP
3	5 (4.35%)	VPN
4	3 (2.61%)	DMZ
4	3 (2.61%)	HTTP
5	2 (1.74%)	DHCP
5	2 (1.74%)	DNS
5	2 (1.74%)	LAN
5	2 (1.74%)	WAN
6	1 (0.87%)	Wireless
6	1 (0.87%)	Wireshark

Database & Business Intelligence
1	7 (6.09%)	Power BI
2	6 (5.22%)	Tableau

Development Applications
1	4 (3.48%)	TeamCity
2	3 (2.61%)	Snyk
3	1 (0.87%)	Burp Suite
3	1 (0.87%)	Metasploit

General
1	60 (52.17%)	Social Skills
2	57 (49.57%)	Finance
3	44 (38.26%)	Public Sector
4	26 (22.61%)	Telecoms
5	25 (21.74%)	Electronics
5	25 (21.74%)	Manufacturing
5	25 (21.74%)	Marketing
6	18 (15.65%)	Analytical Skills
7	14 (12.17%)	Banking
8	8 (6.96%)	Financial Institution
8	8 (6.96%)	Legal
8	8 (6.96%)	Retail
9	7 (6.09%)	Back Office
9	7 (6.09%)	Inclusion and Diversity
9	7 (6.09%)	Influencing Skills
9	7 (6.09%)	Law
10	2 (1.74%)	Organisational Skills
10	2 (1.74%)	Presentation Skills
11	1 (0.87%)	Cyber-Physical System
11	1 (0.87%)	Police

Job Titles
1	47 (40.87%)	Consultant
2	39 (33.91%)	Security Consultant
3	14 (12.17%)	Analyst
4	12 (10.43%)	Senior
5	10 (8.70%)	Security Analyst
6	9 (7.83%)	Security Engineer
6	9 (7.83%)	Security Specialist
7	8 (6.96%)	Security Manager
8	7 (6.09%)	Cloud Engineer
9	6 (5.22%)	Cloud Security Engineer
9	6 (5.22%)	Cybersecurity Consultant
9	6 (5.22%)	Head of IT
9	6 (5.22%)	SAP Consultant
10	5 (4.35%)	Cybersecurity Specialist
10	5 (4.35%)	Senior Consultant
11	4 (3.48%)	Cloud Automation Engineer
11	4 (3.48%)	Cybersecurity Analyst
11	4 (3.48%)	Information Analyst
11	4 (3.48%)	IT Analyst
11	4 (3.48%)	Principal Consultant

Libraries, Frameworks & Software Standards
1	25 (21.74%)	SAP CAF
2	3 (2.61%)	SAP Basis
2	3 (2.61%)	SAP Fiori
3	2 (1.74%)	.NET
3	2 (1.74%)	SLSA

Miscellaneous
1	17 (14.78%)	Security Posture
2	15 (13.04%)	Cloud Native
3	10 (8.70%)	Management Information System
4	8 (6.96%)	Cloud Security Posture
5	7 (6.09%)	Blog
6	6 (5.22%)	Analytical Mindset
6	6 (5.22%)	Taxonomies
7	5 (4.35%)	Public Cloud
8	4 (3.48%)	Driving Licence
9	3 (2.61%)	Cyber Kill Chain
9	3 (2.61%)	PKI
9	3 (2.61%)	Private Cloud
10	2 (1.74%)	Distributed Systems
10	2 (1.74%)	Onboarding
10	2 (1.74%)	Replication
11	1 (0.87%)	Cyber Threat
11	1 (0.87%)	Mobile App
11	1 (0.87%)	Operational Technology
11	1 (0.87%)	PMI
11	1 (0.87%)	Smart City

Operating Systems
1	5 (4.35%)	Windows
2	4 (3.48%)	Windows Server
3	1 (0.87%)	Android
3	1 (0.87%)	Apple iOS
3	1 (0.87%)	Linux

Processes & Methodologies
1	75 (65.22%)	Cybersecurity
2	69 (60.00%)	Risk Management
3	38 (33.04%)	Information Security
3	38 (33.04%)	ISMS
4	37 (32.17%)	Continuous Improvement
5	33 (28.70%)	Business Intelligence
6	32 (27.83%)	Collaborative Culture
7	25 (21.74%)	Digital Marketing
7	25 (21.74%)	Programme Management
8	18 (15.65%)	Vulnerability Management
9	15 (13.04%)	Cloud Security
9	15 (13.04%)	Incident Response
10	14 (12.17%)	Decision-Making
10	14 (12.17%)	Security Architecture
11	13 (11.30%)	Risk Assessment
11	13 (11.30%)	Stakeholder Engagement
12	11 (9.57%)	Security Operations
13	9 (7.83%)	CI/CD
13	9 (7.83%)	Problem-Solving
13	9 (7.83%)	RBAC

Programming Languages
1	4 (3.48%)	Bash
1	4 (3.48%)	Go
1	4 (3.48%)	Python
2	2 (1.74%)	Bicep

Qualifications
1	55 (47.83%)	CISM
1	55 (47.83%)	CISSP
2	42 (36.52%)	Security Cleared
3	35 (30.43%)	ISO 27001 Lead Implementer
4	34 (29.57%)	SC Cleared
5	31 (26.96%)	CRISC
6	23 (20.00%)	CISA
7	18 (15.65%)	Degree
8	15 (13.04%)	ISO 27001 Lead Auditor
9	8 (6.96%)	DV Cleared
10	7 (6.09%)	Master's Degree
11	5 (4.35%)	CISMP
11	5 (4.35%)	CompTIA Security+
12	4 (3.48%)	AWS Certification
13	3 (2.61%)	(ISC)2 CCSP
13	3 (2.61%)	CCSP
13	3 (2.61%)	CEH
13	3 (2.61%)	Cisco Certification
13	3 (2.61%)	NVQ Level 3
13	3 (2.61%)	OSCP

Quality Assurance & Compliance
1	85 (73.91%)	ISO/IEC 27001
2	62 (53.91%)	NIST
3	21 (18.26%)	SOC 2
4	19 (16.52%)	GDPR
5	17 (14.78%)	PCI DSS
6	16 (13.91%)	Cyber Essentials
7	13 (11.30%)	NIST 800
8	12 (10.43%)	NCSC
9	9 (7.83%)	Cyber Essentials PLUS
10	7 (6.09%)	COBIT
10	7 (6.09%)	JSP 440
11	6 (5.22%)	ISO/IEC 42001
11	6 (5.22%)	SOC 1
12	5 (4.35%)	Data Quality
12	5 (4.35%)	ITGC
13	4 (3.48%)	ISO 22301
13	4 (3.48%)	ISO 9001
14	3 (2.61%)	ISO 14001
14	3 (2.61%)	ISO/IEC 27005
14	3 (2.61%)	NEBOSH

System Software
1	1 (0.87%)	Active Directory
1	1 (0.87%)	IAG

Systems Management
1	7 (6.09%)	RSA Archer
2	6 (5.22%)	Terraform
3	4 (3.48%)	Cilium
3	4 (3.48%)	Kubernetes
4	3 (2.61%)	Single Sign-On
5	2 (1.74%)	Microsoft Intune
6	1 (0.87%)	Nessus
6	1 (0.87%)	Nmap

Vendors
1	31 (26.96%)	SAP
2	15 (13.04%)	Microsoft
3	4 (3.48%)	Google
3	4 (3.48%)	Qualys
4	3 (2.61%)	Checkmarx
4	3 (2.61%)	Palo Alto
4	3 (2.61%)	Salesforce
4	3 (2.61%)	Tenable
5	2 (1.74%)	ServiceNow
6	1 (0.87%)	Darktrace

Governance, Risk Management and Compliance (GRC)UK > Work from Home

All Quality Assurance and Compliance SkillsWork from Home

GRCJob Vacancy Trend for Remote/Hybrid Jobs

GRCSalary Trend for Remote/Hybrid Jobs

GRCSalary Histogram for Remote/Hybrid Jobs

GRCTop 30 Co-Occurring Skills & Capabilities in Remote/Hybrid Jobs

GRCCo-Occurring Skills & Capabilities in Remote/Hybrid Jobs by Category