ISO/IEC 27001 Contracts, Co-occurring Skills & Contractor Rates

ISO/IEC 27001
UK

The following table provides summary statistics for contract job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 20 May 2024 with a comparison to the same period in the previous 2 years.

Location	6 months to 20 May 2024	Same period 2023	Same period 2022
Rank	219	224	305
Rank change year-on-year	+5	+81	+18
Contract jobs citing ISO/IEC 27001	456	670	812
As % of all contract jobs advertised in the UK	1.07%	1.17%	0.92%
As % of the Quality Assurance & Compliance category	7.56%	8.74%	6.92%
Number of daily rates quoted	347	480	615
10^th Percentile	£363	£425	£367
25^th Percentile	£461	£500	£463
Median daily rate (50^th Percentile)	£575	£600	£550
Median % change year-on-year	-4.17%	+9.09%	+7.00%
75^th Percentile	£666	£700	£675
90^th Percentile	£755	£800	£763
UK excluding London median daily rate	£550	£600	£550
% change year-on-year	-8.33%	+9.09%	+24.35%
Number of hourly rates quoted	1	16	9
10^th Percentile	-	£44.38	£43.21
25^th Percentile	-	£45.94	£43.95
Median hourly rate	£83.41	£67.07	£54.96
Median % change year-on-year	+24.36%	+22.05%	-11.26%
75^th Percentile	-	£74.11	£69.83
90^th Percentile	-	£78.63	£76.86
UK excluding London median hourly rate	£83.41	£70.00	£54.69
% change year-on-year	+19.16%	+27.99%	-11.68%

All Quality Assurance and Compliance Skills
UK

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for quality assurance or compliance skills.

Contract vacancies with a requirement for quality assurance or compliance skills	6,035	7,662	11,737
As % of all contract IT jobs advertised in the UK	14.19%	13.38%	13.29%
Number of daily rates quoted	3,843	5,232	8,045
10^th Percentile	£280	£281	£300
25^th Percentile	£402	£413	£405
Median daily rate (50^th Percentile)	£510	£525	£515
Median % change year-on-year	-2.86%	+1.94%	+8.42%
75^th Percentile	£625	£638	£625
90^th Percentile	£750	£743	£713
UK excluding London median daily rate	£480	£480	£450
% change year-on-year	+0.10%	+6.56%	+5.88%
Number of hourly rates quoted	381	242	315
10^th Percentile	£10.95	£13.33	£12.03
25^th Percentile	£13.18	£18.71	£16.50
Median hourly rate	£21.00	£35.00	£30.00
Median % change year-on-year	-40.00%	+16.67%	+42.86%
75^th Percentile	£45.00	£61.50	£50.39
90^th Percentile	£68.75	£77.35	£68.93
UK excluding London median hourly rate	£18.27	£31.89	£22.50
% change year-on-year	-42.70%	+41.71%	+7.14%

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a proportion of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing ISO/IEC 27001.

Daily rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Daily Rate Histogram

Daily rate distribution for jobs citing ISO/IEC 27001 over the 6 months to 20 May 2024.

Daily rate histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing ISO/IEC 27001.

Hourly rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 16 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 20 May 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Contract IT Job Ads	Median Daily Rate Past 6 Months	Median Daily Rate % Change on Same Period Last Year	Live Jobs
England	+4	384	£575	-4.17%	436
UK excluding London	-11	209	£550	-8.33%	305
London	+26	204	£585	-6.79%	151
Work from Home	+20	178	£575	-4.17%	206
North of England	+43	52	£575	+12.20%	78
South West	+9	48	£600	-4.00%	34
North West	+39	43	£600	+33.33%	33
Scotland	+42	41	£550	-5.82%	10
South East	-44	32	£413	-34.00%	91
Midlands	-13	24	£450	-20.00%	51
West Midlands	-13	16	£525	-6.67%	33
East of England	+16	11	£365	-33.64%	36
East Midlands	+21	8	£450	-35.71%	18
Yorkshire	+7	7	£550	-15.38%	36
North East	-	2	£525	-	9
Wales	+15	1	£638	+10.87%	4

ISO/IEC 27001
Top 30 Co-occurring Skills and Capabilities

For the 6 months to 20 May 2024, contractor job vacancies citing ISO/IEC 27001 also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for ISO/IEC 27001.

1	223 (48.90%)	NIST
2	221 (48.46%)	Cybersecurity
3	190 (41.67%)	Information Security
4	130 (28.51%)	Risk Management
5	129 (28.29%)	CISSP
6	112 (24.56%)	Security Cleared
7	102 (22.37%)	Social Skills
8	95 (20.83%)	SC Cleared
9	93 (20.39%)	CISM
10	88 (19.30%)	Microsoft
10	88 (19.30%)	Finance
11	86 (18.86%)	Public Sector
12	85 (18.64%)	Azure
13	74 (16.23%)	SIEM
13	74 (16.23%)	GDPR

14	72 (15.79%)	Security Architecture
15	70 (15.35%)	Management Information System
16	66 (14.47%)	AWS
17	64 (14.04%)	PCI DSS
18	59 (12.94%)	Firewall
18	59 (12.94%)	Cloud Security
19	54 (11.84%)	Vulnerability Management
20	53 (11.62%)	CISA
21	52 (11.40%)	Risk Assessment
21	52 (11.40%)	Penetration Testing
22	51 (11.18%)	Data Protection
22	51 (11.18%)	Network Security
23	50 (10.96%)	Linux
24	49 (10.75%)	Stakeholder Management
25	47 (10.31%)	Legal

ISO/IEC 27001
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	9 (1.97%)	Microsoft Exchange
1	9 (1.97%)	SharePoint
2	8 (1.75%)	nginx
3	4 (0.88%)	Apache Solr
3	4 (0.88%)	CMS
3	4 (0.88%)	Skype for Business
4	3 (0.66%)	Confluence
5	2 (0.44%)	IIS
5	2 (0.44%)	Jupyter
6	1 (0.22%)	IBM Notes
6	1 (0.22%)	SharePoint Server

Applications
1	13 (2.85%)	Microsoft Office
2	5 (1.10%)	Microsoft Excel
3	4 (0.88%)	MS Visio
4	3 (0.66%)	Microsoft PowerPoint
4	3 (0.66%)	Spreadsheet

Business Applications
1	8 (1.75%)	Sparx Enterprise Architect
2	1 (0.22%)	Remedy ITSM

Cloud Services
1	85 (18.64%)	Azure
2	66 (14.47%)	AWS
3	25 (5.48%)	Azure Sentinel
4	23 (5.04%)	Microsoft 365
5	17 (3.73%)	GCP
6	10 (2.19%)	Entra ID
7	9 (1.97%)	Amazon CloudWatch
7	9 (1.97%)	SaaS
8	8 (1.75%)	Cloud Computing
9	7 (1.54%)	AWS CloudFormation
9	7 (1.54%)	AWS CloudTrail
9	7 (1.54%)	AWS Lambda
9	7 (1.54%)	Azure DevOps
9	7 (1.54%)	Serverless
10	6 (1.32%)	GitHub
11	5 (1.10%)	Amazon GuardDuty
11	5 (1.10%)	Amazon S3
12	4 (0.88%)	Azure Monitor
12	4 (0.88%)	IaaS
12	4 (0.88%)	Microsoft Purview

Communications & Networking
1	59 (12.94%)	Firewall
2	51 (11.18%)	Network Security
3	20 (4.39%)	WAN
4	13 (2.85%)	DNS
4	13 (2.85%)	Intrusion Detection
4	13 (2.85%)	SD-WAN
5	12 (2.63%)	TCP/IP
6	10 (2.19%)	VPN
7	7 (1.54%)	Internet
8	6 (1.32%)	LAN
9	5 (1.10%)	HTTPS
9	5 (1.10%)	IPsec
10	4 (0.88%)	Intranet
10	4 (0.88%)	SCCP
10	4 (0.88%)	Skype
11	3 (0.66%)	Broadband
11	3 (0.66%)	Wi-Fi
11	3 (0.66%)	Wireless
12	2 (0.44%)	DHCP
12	2 (0.44%)	HTTP

Database & Business Intelligence
1	7 (1.54%)	MySQL
1	7 (1.54%)	NoSQL
2	4 (0.88%)	Big Data
2	4 (0.88%)	Couchbase
2	4 (0.88%)	Data Lake
2	4 (0.88%)	SQL Server
3	3 (0.66%)	DynamoDB
4	2 (0.44%)	Amazon Athena
4	2 (0.44%)	Amazon RDS
4	2 (0.44%)	Amazon Redshift
4	2 (0.44%)	Data Warehouse
4	2 (0.44%)	Hadoop
4	2 (0.44%)	MongoDB
4	2 (0.44%)	Relational Database
4	2 (0.44%)	Snowflake Schema

Development Applications
1	10 (2.19%)	Jenkins
2	6 (1.32%)	JIRA
3	5 (1.10%)	Git
4	3 (0.66%)	SonarQube
5	2 (0.44%)	Burp Suite
5	2 (0.44%)	CircleCI
5	2 (0.44%)	Cypress.io
5	2 (0.44%)	GitLab
5	2 (0.44%)	Mocha
5	2 (0.44%)	Octopus Deploy
5	2 (0.44%)	RStudio

General
1	102 (22.37%)	Social Skills
2	88 (19.30%)	Finance
3	86 (18.86%)	Public Sector
4	47 (10.31%)	Legal
5	34 (7.46%)	Analytical Skills
6	23 (5.04%)	Banking
7	18 (3.95%)	Manufacturing
8	13 (2.85%)	Telecoms
9	10 (2.19%)	Local Government
10	8 (1.75%)	Inclusion and Diversity
10	8 (1.75%)	Retail
11	5 (1.10%)	Electronics
11	5 (1.10%)	Financial Institution
11	5 (1.10%)	German Language
11	5 (1.10%)	Law
11	5 (1.10%)	Marketing
11	5 (1.10%)	Organisational Skills
12	4 (0.88%)	French Language
12	4 (0.88%)	Influencing Skills
12	4 (0.88%)	Investment Banking

Job Titles
1	86 (18.86%)	Architect
2	72 (15.79%)	Analyst
3	65 (14.25%)	Consultant
4	61 (13.38%)	Security Architect
5	50 (10.96%)	Security Consultant
6	47 (10.31%)	Senior
7	34 (7.46%)	Security Engineer
8	32 (7.02%)	Security Analyst
9	30 (6.58%)	Lead
10	28 (6.14%)	Security Manager
11	18 (3.95%)	SOC Analyst
12	17 (3.73%)	Security Specialist
13	16 (3.51%)	Cybersecurity Analyst
14	15 (3.29%)	Information Security Consultant
14	15 (3.29%)	Project Manager
15	14 (3.07%)	Security Advisor
15	14 (3.07%)	Senior Analyst
16	12 (2.63%)	Information Manager
16	12 (2.63%)	IT Manager
16	12 (2.63%)	Security Officer

Libraries, Frameworks & Software Standards
1	8 (1.75%)	RabbitMQ
2	7 (1.54%)	YAML
3	5 (1.10%)	JSON
3	5 (1.10%)	Kafka
4	4 (0.88%)	LEMP Stack
4	4 (0.88%)	OAuth
5	3 (0.66%)	.NET
5	3 (0.66%)	JWT
5	3 (0.66%)	OAuth2
6	2 (0.44%)	AngularJS
6	2 (0.44%)	Express.js
6	2 (0.44%)	GraphQL
6	2 (0.44%)	MEAN Stack
6	2 (0.44%)	MERN Stack
6	2 (0.44%)	NestJS
6	2 (0.44%)	Node.js
6	2 (0.44%)	OpenAPI
6	2 (0.44%)	React
6	2 (0.44%)	SAML
6	2 (0.44%)	Web Services

Miscellaneous
1	70 (15.35%)	Management Information System
2	31 (6.80%)	Security Posture
3	26 (5.70%)	Cyber Threat
4	16 (3.51%)	Data Protection Act
5	13 (2.85%)	Cloud Native
5	13 (2.85%)	PKI
6	9 (1.97%)	CCTV
6	9 (1.97%)	Onboarding
7	8 (1.75%)	CESG
7	8 (1.75%)	Data Centre
7	8 (1.75%)	Public Cloud
8	7 (1.54%)	Greenfield Project
8	7 (1.54%)	Product Ownership
9	6 (1.32%)	Freedom of Information
9	6 (1.32%)	Hybrid Cloud
9	6 (1.32%)	Security Operations Centre
10	5 (1.10%)	Cyberattack
10	5 (1.10%)	Operational Technology
11	4 (0.88%)	Cyber Kill Chain
11	4 (0.88%)	Virtual Team

Operating Systems
1	50 (10.96%)	Linux
2	37 (8.11%)	Windows
3	12 (2.63%)	Windows Server
4	11 (2.41%)	Mac OS X
5	6 (1.32%)	Unix
6	4 (0.88%)	CentOS
7	3 (0.66%)	Windows 10
7	3 (0.66%)	Windows Server 2016
7	3 (0.66%)	zOS
8	2 (0.44%)	Windows Server 2012
8	2 (0.44%)	Windows Server 2019
9	1 (0.22%)	Mac OS
9	1 (0.22%)	Oracle Linux

Processes & Methodologies
1	221 (48.46%)	Cybersecurity
2	190 (41.67%)	Information Security
3	130 (28.51%)	Risk Management
4	74 (16.23%)	SIEM
5	72 (15.79%)	Security Architecture
6	59 (12.94%)	Cloud Security
7	54 (11.84%)	Vulnerability Management
8	52 (11.40%)	Penetration Testing
8	52 (11.40%)	Risk Assessment
9	51 (11.18%)	Data Protection
10	49 (10.75%)	Stakeholder Management
11	46 (10.09%)	Incident Response
12	45 (9.87%)	Problem-Solving
13	43 (9.43%)	Identity Access Management
14	41 (8.99%)	Incident Management
15	36 (7.89%)	Security Management
16	35 (7.68%)	Agile
16	35 (7.68%)	DevOps
16	35 (7.68%)	ISMS
17	33 (7.24%)	Information Assurance

Programming Languages
1	20 (4.39%)	PowerShell
2	15 (3.29%)	Python
3	12 (2.63%)	Kusto Query Language
4	10 (2.19%)	Bash
5	9 (1.97%)	C#
5	9 (1.97%)	C++
6	7 (1.54%)	SQL
7	4 (0.88%)	PHP
8	3 (0.66%)	Go
8	3 (0.66%)	Java
8	3 (0.66%)	JavaScript
9	2 (0.44%)	Kotlin
9	2 (0.44%)	R
9	2 (0.44%)	TypeScript
10	1 (0.22%)	Ruby

Qualifications
1	129 (28.29%)	CISSP
2	112 (24.56%)	Security Cleared
3	95 (20.83%)	SC Cleared
4	93 (20.39%)	CISM
5	53 (11.62%)	CISA
6	37 (8.11%)	Degree
7	29 (6.36%)	Cisco Certification
8	24 (5.26%)	DV Cleared
9	21 (4.61%)	CRISC
10	20 (4.39%)	(ISC)2 CCSP
11	18 (3.95%)	CompTIA Security+
12	15 (3.29%)	CEH
12	15 (3.29%)	CISMP
13	14 (3.07%)	ISO 27001 Lead Auditor
14	12 (2.63%)	ISO 27001 Lead Implementer
15	11 (2.41%)	CREST Certified
16	10 (2.19%)	CCSK
16	10 (2.19%)	CLAS
17	9 (1.97%)	CESG Certified Professional
17	9 (1.97%)	TOGAF Certification

Quality Assurance & Compliance
1	223 (48.90%)	NIST
2	74 (16.23%)	GDPR
3	64 (14.04%)	PCI DSS
4	44 (9.65%)	GRC
5	41 (8.99%)	Cyber Essentials
5	41 (8.99%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
6	33 (7.24%)	COBIT
7	32 (7.02%)	HIPAA
8	30 (6.58%)	NCSC
9	19 (4.17%)	ISO 9001
10	14 (3.07%)	ISO 22301
11	12 (2.63%)	California Consumer Privacy Act
11	12 (2.63%)	ISO/IEC 20000
12	10 (2.19%)	JSP 440
12	10 (2.19%)	QA
13	9 (1.97%)	HMG Security Policy Framework
13	9 (1.97%)	Sarbanes-Oxley
14	8 (1.75%)	RMADS
15	7 (1.54%)	Disclosure Scotland
16	6 (1.32%)	SOC 2

System Software
1	20 (4.39%)	Active Directory
2	11 (2.41%)	Docker
3	3 (0.66%)	Virtual Machines
3	3 (0.66%)	VMware Infrastructure
4	2 (0.44%)	Firmware
4	2 (0.44%)	Hyper-V
4	2 (0.44%)	Squid

Systems Management
1	26 (5.70%)	Terraform
2	20 (4.39%)	Kubernetes
3	13 (2.85%)	Ansible
4	4 (0.88%)	Nessus
4	4 (0.88%)	Trend Micro Deep Security
5	3 (0.66%)	CASB
5	3 (0.66%)	Grafana
5	3 (0.66%)	HP Fortify
5	3 (0.66%)	Prometheus
5	3 (0.66%)	SCCM
5	3 (0.66%)	Single Sign-On
6	2 (0.44%)	HAProxy
6	2 (0.44%)	Kibana
6	2 (0.44%)	logstash
6	2 (0.44%)	Microsoft Intune
6	2 (0.44%)	Nmap
6	2 (0.44%)	Packer
6	2 (0.44%)	SCOrch
7	1 (0.22%)	Active Directory Federation Services
7	1 (0.22%)	IBM BigFix

Vendors
1	88 (19.30%)	Microsoft
2	21 (4.61%)	Cisco
3	11 (2.41%)	ServiceNow
3	11 (2.41%)	Splunk
4	9 (1.97%)	Google
5	8 (1.75%)	Qualys
5	8 (1.75%)	Sparx
6	7 (1.54%)	Rapid7
7	6 (1.32%)	Palo Alto
7	6 (1.32%)	SAP
8	5 (1.10%)	Citrix
8	5 (1.10%)	CrowdStrike
8	5 (1.10%)	Darktrace
8	5 (1.10%)	VMware
9	4 (0.88%)	Becrypt
9	4 (0.88%)	Netskope
10	3 (0.66%)	Atlassian
10	3 (0.66%)	BiZZdesign
10	3 (0.66%)	F5
10	3 (0.66%)	Fortinet

ISO/IEC 27001UK

All Quality Assurance and Compliance SkillsUK

ISO/IEC 27001Job Vacancy Trend

ISO/IEC 27001Contractor Daily Rate Trend

ISO/IEC 27001Daily Rate Histogram

ISO/IEC 27001Contractor Hourly Rate Trend

ISO/IEC 27001Top 16 Contract Locations

ISO/IEC 27001Top 30 Co-occurring Skills and Capabilities

ISO/IEC 27001Co-occurring Skills and Capabilities by Category