Incident Response Contracts

Incident Response
UK

The following table provides summary statistics for contract job vacancies with a requirement for Incident Response skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Incident Response over the 6 months to 27 April 2024 with a comparison to the same period in the previous 2 years.

6 months to
27 Apr 2024		 Same period 2023 Same period 2022
Rank 244 377 540
Rank change year-on-year +133 +163 -76
Contract jobs citing Incident Response 436 381 327
As % of all contract jobs advertised in the UK 1.01% 0.64% 0.37%
As % of the Processes & Methodologies category 1.17% 0.71% 0.41%
Number of daily rates quoted 314 286 244
10th Percentile £419 £394 £414
25th Percentile £463 £488 £495
Median daily rate (50th Percentile) £567 £575 £550
Median % change year-on-year -1.39% +4.55% +1.85%
75th Percentile £675 £725 £675
90th Percentile £725 £798 £792
UK excluding London median daily rate £550 £550 £550
Number of hourly rates quoted 6 0 6
10th Percentile £35.06 - £16.02
25th Percentile - - £16.41
Median hourly rate £40.00 - £17.23
75th Percentile - - £19.41
90th Percentile - - £60.00
UK excluding London median hourly rate £40.00 - £16.82

All Process and Methodology Skills
UK

Incident Response is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 37,374 53,774 80,482
As % of all contract IT jobs advertised in the UK 86.31% 89.91% 90.60%
Number of daily rates quoted 24,095 37,304 56,474
10th Percentile £300 £325 £340
25th Percentile £413 £438 £425
Median daily rate (50th Percentile) £525 £550 £525
Median % change year-on-year -4.55% +4.76% +8.25%
75th Percentile £638 £650 £638
90th Percentile £750 £750 £738
UK excluding London median daily rate £500 £500 £475
% change year-on-year - +5.26% +9.20%
Number of hourly rates quoted 2,422 1,763 1,928
10th Percentile £12.75 £11.00 £12.50
25th Percentile £16.00 £16.25 £15.25
Median hourly rate £35.00 £37.34 £25.00
Median % change year-on-year -6.27% +49.36% -
75th Percentile £59.44 £65.00 £49.25
90th Percentile £72.50 £75.00 £63.75
UK excluding London median hourly rate £36.00 £36.00 £20.00
% change year-on-year - +80.00% -8.17%

Incident Response
Job Vacancy Trend

Job postings citing Incident Response as a proportion of all IT jobs advertised.

Job vacancy trend for Incident Response in the UK

Incident Response
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing Incident Response.

Daily rate trend for Incident Response in the UK

Incident Response
Daily Rate Histogram

Daily rate distribution for jobs citing Incident Response over the 6 months to 27 April 2024.

Daily rate histogram for Incident Response in the UK

Incident Response
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing Incident Response.

Hourly rate trend for Incident Response in the UK

Incident Response
Top 14 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Incident Response within the UK over the 6 months to 27 April 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +139 385 £550 -6.06% 351
UK excluding London +152 275 £550 - 257
Work from Home +97 135 £510 -23.39% 110
South West +105 107 £575 -8.00% 27
London +20 101 £544 -9.38% 92
South East +75 65 £482 -16.17% 62
North of England +28 49 £525 -4.55% 97
Midlands +36 42 £625 -3.85% 38
West Midlands +47 39 £630 -3.08% 27
Yorkshire +20 25 £582 +10.86% 23
East of England +13 25 £600 +26.98% 19
North West +12 24 £525 -4.55% 68
Scotland +33 13 £500 +11.11% 11
East Midlands +19 3 £567 -6.01% 11

Incident Response
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 16 (3.67%) CMS
2 10 (2.29%) NetWeaver
3 5 (1.15%) Confluence
4 4 (0.92%) Microsoft Exchange
5 2 (0.46%) Apache Spark
5 2 (0.46%) nginx
6 1 (0.23%) IBM Notes
6 1 (0.23%) SharePoint
Applications
1 5 (1.15%) Microsoft Excel
2 2 (0.46%) Microsoft Project
3 1 (0.23%) Microsoft Office
3 1 (0.23%) Spreadsheet
Business Applications
1 10 (2.29%) SAP IBP
Cloud Services
1 90 (20.64%) Azure
2 45 (10.32%) AWS
3 42 (9.63%) Azure Sentinel
4 13 (2.98%) Microsoft 365
5 9 (2.06%) Entra ID
5 9 (2.06%) GCP
6 8 (1.83%) Virtual Private Cloud
7 7 (1.61%) Azure Monitor
7 7 (1.61%) Microsoft Purview
8 6 (1.38%) AWS CloudTrail
8 6 (1.38%) OpenShift
9 5 (1.15%) Amazon CloudWatch
9 5 (1.15%) Amazon GuardDuty
9 5 (1.15%) Amazon S3
9 5 (1.15%) CloudFront
9 5 (1.15%) Google Kubernetes Engine
10 4 (0.92%) AWS CloudFormation
10 4 (0.92%) Power Platform
11 3 (0.69%) Mimecast
11 3 (0.69%) PaaS
Communications & Networking
1 63 (14.45%) Firewall
2 40 (9.17%) Network Security
3 23 (5.28%) Intrusion Detection
4 13 (2.98%) DNS
4 13 (2.98%) TCP/IP
5 9 (2.06%) VPN
6 5 (1.15%) HTTP
6 5 (1.15%) LAN
6 5 (1.15%) tcpdump
6 5 (1.15%) Wireshark
7 4 (0.92%) Cisco Nexus
7 4 (0.92%) DHCP
7 4 (0.92%) FTP
7 4 (0.92%) SMTP
7 4 (0.92%) SSL
7 4 (0.92%) WAN
8 3 (0.69%) Cisco ISE
8 3 (0.69%) NGFW
8 3 (0.69%) Wireless
9 2 (0.46%) Wi-Fi
Database & Business Intelligence
1 18 (4.13%) Elasticsearch
2 10 (2.29%) SAP BW
2 10 (2.29%) SAP HANA
3 6 (1.38%) Apache Hive
3 6 (1.38%) Hadoop
3 6 (1.38%) PostgreSQL
4 4 (0.92%) Data Lake
4 4 (0.92%) MongoDB
4 4 (0.92%) Power BI
4 4 (0.92%) Tableau
5 3 (0.69%) BigQuery
5 3 (0.69%) SQL Server
6 2 (0.46%) Amazon Redshift
6 2 (0.46%) Big Data
6 2 (0.46%) Bigtable
6 2 (0.46%) Data Warehouse
6 2 (0.46%) HBase
6 2 (0.46%) IBM BigInsights
6 2 (0.46%) NoSQL
6 2 (0.46%) Parquet
Development Applications
1 17 (3.90%) JIRA
2 7 (1.61%) Jenkins
3 4 (0.92%) Git
3 4 (0.92%) IDA Disassembler
4 3 (0.69%) GitLab
5 2 (0.46%) Liquibase
6 1 (0.23%) Subversion
General
1 120 (27.52%) Social Skills
2 68 (15.60%) Analytical Skills
3 47 (10.78%) Finance
4 29 (6.65%) Public Sector
5 20 (4.59%) Banking
6 19 (4.36%) Legal
7 14 (3.21%) Telecoms
8 9 (2.06%) Inclusion and Diversity
8 9 (2.06%) Law
9 8 (1.83%) Retail
10 6 (1.38%) Manufacturing
11 5 (1.15%) Financial Institution
12 4 (0.92%) Documentation Skills
12 4 (0.92%) Influencing Skills
12 4 (0.92%) Presentation Skills
13 2 (0.46%) Advertising
13 2 (0.46%) Aerospace
13 2 (0.46%) Automotive
13 2 (0.46%) Electronics
13 2 (0.46%) Games
Job Titles
1 144 (33.03%) Analyst
2 83 (19.04%) SOC Analyst
3 36 (8.26%) Consultant
3 36 (8.26%) Security Engineer
4 35 (8.03%) SOC Engineer
5 34 (7.80%) Senior
6 33 (7.57%) Lead
7 30 (6.88%) Security Analyst
8 21 (4.82%) Architect
8 21 (4.82%) Senior Analyst
9 17 (3.90%) Security Manager
10 16 (3.67%) Cyber Defence Analyst
11 14 (3.21%) Security Architect
12 13 (2.98%) Cybersecurity Analyst
13 12 (2.75%) Security Specialist
14 11 (2.52%) Cloud Engineer
14 11 (2.52%) Site Engineer
14 11 (2.52%) Site Reliability Engineer
15 10 (2.29%) Cybersecurity Engineer
15 10 (2.29%) SIEM Consultant
Libraries, Frameworks & Software Standards
1 11 (2.52%) Elastic Stack
2 10 (2.29%) Kafka
2 10 (2.29%) SAP Basis
2 10 (2.29%) SAP Fiori
3 6 (1.38%) OAuth
3 6 (1.38%) OAuth2
3 6 (1.38%) SAML
4 4 (0.92%) OLE
5 3 (0.69%) LDAP
5 3 (0.69%) SailPoint
6 2 (0.46%) Apache Avro
6 2 (0.46%) Apache NiFi
6 2 (0.46%) JSON
7 1 (0.23%) .NET
7 1 (0.23%) .NET Core
7 1 (0.23%) ASP.NET Web API
7 1 (0.23%) XML
7 1 (0.23%) YAML
Miscellaneous
1 111 (25.46%) Management Information System
2 98 (22.48%) Security Operations Centre
3 81 (18.58%) Cyber Threat
4 69 (15.83%) Cyber Kill Chain
5 63 (14.45%) Cyber Defence
6 55 (12.61%) Security Posture
7 39 (8.94%) CSOC
8 29 (6.65%) Cyberattack
9 17 (3.90%) Cloud Native
9 17 (3.90%) Onboarding
10 14 (3.21%) Distributed Denial-of-Service
11 11 (2.52%) Public Cloud
12 6 (1.38%) Analytical Mindset
12 6 (1.38%) CMDB
13 4 (0.92%) Cloud Security Posture
13 4 (0.92%) Data Protection Act
13 4 (0.92%) Hedge funds
13 4 (0.92%) Self-Motivation
13 4 (0.92%) YARA
14 3 (0.69%) Hybrid Cloud
Operating Systems
1 60 (13.76%) Linux
1 60 (13.76%) Windows
2 15 (3.44%) Unix
3 5 (1.15%) Windows Server
4 3 (0.69%) Mac OS
4 3 (0.69%) zOS
5 2 (0.46%) Red Hat Enterprise Linux
6 1 (0.23%) Android
6 1 (0.23%) Apple iOS
6 1 (0.23%) Mac OS X
6 1 (0.23%) Windows 10
Processes & Methodologies
1 263 (60.32%) Cybersecurity
2 195 (44.72%) SIEM
3 190 (43.58%) Security Operations
4 125 (28.67%) Information Security
5 102 (23.39%) Threat Intelligence
6 101 (23.17%) Use Case
7 92 (21.10%) Incident Management
8 82 (18.81%) MITRE ATT&CK
9 79 (18.12%) Vulnerability Management
10 78 (17.89%) Problem-Solving
11 77 (17.66%) Cyber Threat Intelligence
12 66 (15.14%) Root Cause Analysis
13 65 (14.91%) SOAR
14 58 (13.30%) Mentoring
15 57 (13.07%) Protective Monitoring
16 56 (12.84%) Analytics
17 50 (11.47%) Case Management
18 48 (11.01%) Threat Detection
19 47 (10.78%) Cloud Security
19 47 (10.78%) Data Security
Programming Languages
1 29 (6.65%) Kusto Query Language
2 28 (6.42%) PowerShell
3 20 (4.59%) Python
4 7 (1.61%) Bash
4 7 (1.61%) SQL
5 5 (1.15%) JavaScript
5 5 (1.15%) Search Processing Language
6 3 (0.69%) Go
6 3 (0.69%) Shell Script
7 2 (0.46%) Perl
7 2 (0.46%) U-SQL
8 1 (0.23%) Bicep
8 1 (0.23%) C#
8 1 (0.23%) Java
8 1 (0.23%) Ruby
Qualifications
1 162 (37.16%) Security Cleared
2 96 (22.02%) DV Cleared
3 74 (16.97%) CISSP
4 65 (14.91%) Degree
5 57 (13.07%) SC Cleared
6 32 (7.34%) Computer Science Degree
7 29 (6.65%) CISM
8 26 (5.96%) CompTIA Security+
8 26 (5.96%) SANS
9 19 (4.36%) Azure Certification
10 16 (3.67%) CEH
10 16 (3.67%) Cisco Certification
10 16 (3.67%) Microsoft Certification
11 11 (2.52%) CCNP
12 8 (1.83%) CCNA
12 8 (1.83%) SAP Certification
13 7 (1.61%) AWS Certification
13 7 (1.61%) BPSS Clearance
13 7 (1.61%) GIAC
14 6 (1.38%) CISA
Quality Assurance & Compliance
1 93 (21.33%) NIST
2 47 (10.78%) ISO/IEC 27001
3 44 (10.09%) NIST 800
4 43 (9.86%) GDPR
5 27 (6.19%) NCSC
6 13 (2.98%) PCI DSS
7 11 (2.52%) GRC
8 7 (1.61%) Cyber Essentials
8 7 (1.61%) HIPAA
9 4 (0.92%) Cyber Essentials PLUS
9 4 (0.92%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 4 (0.92%) SLA
10 3 (0.69%) COBIT
10 3 (0.69%) GPG13
11 2 (0.46%) Data Quality
11 2 (0.46%) Sarbanes-Oxley
12 1 (0.23%) Disclosure Scotland
12 1 (0.23%) GLBA
12 1 (0.23%) ISAE 3402
12 1 (0.23%) SOC 2
System Software
1 20 (4.59%) Active Directory
2 11 (2.52%) Docker
3 5 (1.15%) Virtual Machines
3 5 (1.15%) VMware Infrastructure
4 4 (0.92%) Snort
5 2 (0.46%) XenApp
Systems Management
1 20 (4.59%) Kibana
2 13 (2.98%) Kubernetes
3 10 (2.29%) Prometheus
4 9 (2.06%) logstash
4 9 (2.06%) Nessus
5 8 (1.83%) Istio
6 7 (1.61%) CSIRT
6 7 (1.61%) Grafana
6 7 (1.61%) Terraform
7 6 (1.38%) Argo
8 5 (1.15%) Ansible
9 4 (0.92%) Computer Emergency Response Teams
9 4 (0.92%) Trend Micro Deep Security
10 3 (0.69%) CASB
10 3 (0.69%) FortiGate
10 3 (0.69%) QRadar
11 2 (0.46%) Ambari
11 2 (0.46%) Oozie
11 2 (0.46%) Puppet
11 2 (0.46%) ZABBIX
Vendors
1 168 (38.53%) Microsoft
2 61 (13.99%) Splunk
3 32 (7.34%) LogRhythm
4 30 (6.88%) Qualys
5 22 (5.05%) Darktrace
5 22 (5.05%) Varonis
6 19 (4.36%) Cisco
7 16 (3.67%) FireEye
7 16 (3.67%) Forcepoint
8 13 (2.98%) SAP
9 12 (2.75%) CrowdStrike
9 12 (2.75%) Rapid7
10 10 (2.29%) Google
11 8 (1.83%) CheckPoint
12 7 (1.61%) Virgin Media
13 6 (1.38%) Palo Alto
14 5 (1.15%) Sophos
14 5 (1.15%) VMware
15 4 (0.92%) Oracle
15 4 (0.92%) Symantec
392 Incident Response jobs Nationwide