Incident Response Jobs

Incident Response
UK

The following table provides summary statistics for permanent job vacancies with a requirement for Incident Response skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Incident Response over the 6 months to 10 May 2024 with a comparison to the same period in the previous 2 years.

6 months to
10 May 2024		 Same period 2023 Same period 2022
Rank 297 379 433
Rank change year-on-year +82 +54 +18
Permanent jobs citing Incident Response 982 895 1,304
As % of all permanent jobs advertised in the UK 0.99% 0.89% 0.83%
As % of the Processes & Methodologies category 1.16% 0.93% 0.87%
Number of salaries quoted 743 614 826
10th Percentile £42,740 £38,750 £38,750
25th Percentile £51,250 £47,500 £48,750
Median annual salary (50th Percentile) £65,000 £65,000 £62,500
Median % change year-on-year - +4.00% +4.17%
75th Percentile £80,000 £77,500 £80,000
90th Percentile £97,500 £93,375 £92,500
UK excluding London median annual salary £55,000 £53,750 £53,112
% change year-on-year +2.33% +1.20% +1.17%

All Process and Methodology Skills
UK

Incident Response is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 84,917 96,578 150,488
As % of all permanent jobs advertised in the UK 85.59% 95.61% 95.67%
Number of salaries quoted 59,883 56,844 82,330
10th Percentile £29,008 £34,000 £33,515
25th Percentile £40,000 £45,000 £43,750
Median annual salary (50th Percentile) £55,000 £61,190 £60,000
Median % change year-on-year -10.12% +1.98% +9.09%
75th Percentile £72,500 £81,250 £80,000
90th Percentile £92,500 £100,000 £96,250
UK excluding London median annual salary £50,000 £55,000 £52,500
% change year-on-year -9.09% +4.76% +9.38%

Incident Response
Job Vacancy Trend

Job postings citing Incident Response as a proportion of all IT jobs advertised.

Job vacancy trend for Incident Response in the UK

Incident Response
Salary Trend

3-month moving average salary quoted in jobs citing Incident Response.

Salary trend for Incident Response in the UK

Incident Response
Salary Histogram

Salary distribution for jobs citing Incident Response over the 6 months to 10 May 2024.

Salary histogram for Incident Response in the UK

Incident Response
Top 19 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Incident Response within the UK over the 6 months to 10 May 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England +118 871 £65,000 - 233
UK excluding London +69 611 £55,000 +2.33% 143
Work from Home -7 328 £70,000 +12.00% 133
London +92 322 £75,000 +4.90% 88
North of England +150 200 £52,084 -13.19% 42
North West +76 132 £52,084 -13.19% 19
Midlands +8 132 £60,000 +20.00% 27
South East -17 115 £62,500 +13.64% 38
West Midlands +29 101 £60,000 +9.09% 20
South West +34 78 £50,000 -0.99% 15
Yorkshire +118 59 £60,000 - 17
Scotland -53 45 £63,750 +24.39% 11
East Midlands -24 31 £65,000 +36.84% 6
East of England +17 16 £52,500 +16.67% 6
Wales -4 14 £62,500 +13.64% 3
North East 0 9 £70,000 +3.70% 6
Isle of Man -14 8 £46,500 +3.33% 2
Northern Ireland +15 2 - - 1
Channel Islands - 1 £100,000 -

Incident Response
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 19 (1.93%) Microsoft Exchange
2 15 (1.53%) SharePoint
3 9 (0.92%) IIS
4 7 (0.71%) Apache
5 1 (0.10%) CMS
5 1 (0.10%) Confluence
5 1 (0.10%) Moodle
5 1 (0.10%) nginx
5 1 (0.10%) WordPress
Applications
1 53 (5.40%) Microsoft Office
2 38 (3.87%) Microsoft Excel
3 37 (3.77%) Microsoft PowerPoint
4 3 (0.31%) Microsoft Project
4 3 (0.31%) MS Visio
Business Applications
1 6 (0.61%) Dynamics CRM
2 1 (0.10%) Payment Gateway
2 1 (0.10%) SAP S/4HANA
Cloud Services
1 265 (26.99%) Azure
2 151 (15.38%) Microsoft 365
3 137 (13.95%) AWS
4 66 (6.72%) SaaS
5 40 (4.07%) Azure Sentinel
6 35 (3.56%) GCP
7 24 (2.44%) Entra ID
8 20 (2.04%) PaaS
9 19 (1.93%) IaaS
10 18 (1.83%) Cloud Computing
11 15 (1.53%) Amazon CloudWatch
12 14 (1.43%) Amazon S3
13 13 (1.32%) Amazon GuardDuty
13 13 (1.32%) AWS CloudTrail
14 12 (1.22%) Serverless
15 11 (1.12%) AWS CloudFormation
15 11 (1.12%) Power Platform
16 9 (0.92%) Amazon EC2
16 9 (0.92%) Amazon ECS
16 9 (0.92%) Virtual Private Cloud
Communications & Networking
1 243 (24.75%) Firewall
2 85 (8.66%) Intrusion Detection
3 64 (6.52%) Network Security
4 43 (4.38%) TCP/IP
5 35 (3.56%) VPN
6 29 (2.95%) Internet
7 21 (2.14%) LAN
8 20 (2.04%) DNS
8 20 (2.04%) WAN
9 13 (1.32%) Wireshark
10 12 (1.22%) SAN
11 7 (0.71%) DHCP
11 7 (0.71%) HTTP
11 7 (0.71%) SMTP
12 6 (0.61%) SSL
13 5 (0.51%) VLAN
14 4 (0.41%) DMZ
14 4 (0.41%) NetScaler
15 3 (0.31%) Broadband
15 3 (0.31%) Wireless
Database & Business Intelligence
1 36 (3.67%) SQL Server
2 22 (2.24%) MySQL
3 16 (1.63%) RDBMS
3 16 (1.63%) Relational Database
4 13 (1.32%) MongoDB
5 12 (1.22%) BigQuery
5 12 (1.22%) Data Hub
5 12 (1.22%) DB2
5 12 (1.22%) Enterprise Data Warehouse
6 10 (1.02%) Amazon RDS
7 6 (0.61%) Azure SQL Database
7 6 (0.61%) SQL Server Reporting Services
8 4 (0.41%) PostgreSQL
8 4 (0.41%) Power BI
9 2 (0.20%) Metabase
9 2 (0.20%) Oracle Database
9 2 (0.20%) Redis
10 1 (0.10%) Hadoop
10 1 (0.10%) MariaDB
Development Applications
1 6 (0.61%) Visual Studio
2 5 (0.51%) Burp Suite
2 5 (0.51%) Metasploit
3 3 (0.31%) Jenkins
3 3 (0.31%) sqlmap
4 2 (0.20%) Git
4 2 (0.20%) GitLab
4 2 (0.20%) JIRA
4 2 (0.20%) Snyk
5 1 (0.10%) Bitbucket
5 1 (0.10%) TeamCity
General
1 323 (32.89%) Social Skills
2 209 (21.28%) Finance
3 145 (14.77%) Analytical Skills
4 81 (8.25%) Legal
5 72 (7.33%) Law
6 50 (5.09%) Public Sector
7 43 (4.38%) Banking
7 43 (4.38%) Military
8 41 (4.18%) Manufacturing
9 30 (3.05%) Marketing
10 24 (2.44%) Inclusion and Diversity
11 21 (2.14%) Documentation Skills
11 21 (2.14%) Games
12 18 (1.83%) Presentation Skills
13 16 (1.63%) Financial Institution
13 16 (1.63%) Retail
13 16 (1.63%) Spanish Language
14 12 (1.22%) Influencing Skills
15 11 (1.12%) French Language
16 8 (0.81%) Pharmaceutical
Job Titles
1 274 (27.90%) Analyst
2 158 (16.09%) Security Analyst
3 144 (14.66%) Senior
4 90 (9.16%) Cybersecurity Analyst
5 89 (9.06%) Security Engineer
6 88 (8.96%) Lead
7 84 (8.55%) Senior Analyst
8 74 (7.54%) Security Manager
9 57 (5.80%) SOC Analyst
10 51 (5.19%) Consultant
10 51 (5.19%) Senior Security Analyst
11 46 (4.68%) Architect
12 45 (4.58%) IT Analyst
13 44 (4.48%) Security Consultant
14 39 (3.97%) IT Security Analyst
14 39 (3.97%) Security Architect
15 36 (3.67%) Security Specialist
16 35 (3.56%) Incident Manager
17 32 (3.26%) Cybersecurity Consultant
17 32 (3.26%) Service Manager
Libraries, Frameworks & Software Standards
1 15 (1.53%) .NET
2 11 (1.12%) Web Services
3 8 (0.81%) Laravel
4 7 (0.71%) XML
5 6 (0.61%) .NET Framework
6 5 (0.51%) Node.js
7 4 (0.41%) EDI
7 4 (0.41%) Kafka
8 3 (0.31%) HTML
8 3 (0.31%) Sass
8 3 (0.31%) Vue
8 3 (0.31%) web3js
9 2 (0.20%) CSS
9 2 (0.20%) D3.js
9 2 (0.20%) Elastic Stack
9 2 (0.20%) React
10 1 (0.10%) OpenID
10 1 (0.10%) REST
10 1 (0.10%) SOAP
10 1 (0.10%) XSLT
Miscellaneous
1 172 (17.52%) Cyber Threat
2 149 (15.17%) Management Information System
3 100 (10.18%) Cyberattack
4 99 (10.08%) Security Posture
5 83 (8.45%) Security Operations Centre
6 62 (6.31%) Operational Technology
7 42 (4.28%) Cyber Kill Chain
8 38 (3.87%) Driving Licence
9 33 (3.36%) Industrial Internet of Things
10 26 (2.65%) Public Cloud
11 25 (2.55%) Cyber Defence
12 23 (2.34%) Analytical Mindset
13 22 (2.24%) Data Centre
14 19 (1.93%) Client/Server
15 16 (1.63%) SCADA
16 13 (1.32%) Cloud Security Posture
17 12 (1.22%) Data Fabric
18 11 (1.12%) Cloud Native
18 11 (1.12%) Data Protection Act
19 8 (0.81%) Social Media
Operating Systems
1 198 (20.16%) Windows
2 122 (12.42%) Linux
3 55 (5.60%) Unix
4 44 (4.48%) Windows Server
5 18 (1.83%) Mac OS X
6 16 (1.63%) zOS
7 10 (1.02%) Kali Linux
8 8 (0.81%) Ubuntu
9 7 (0.71%) Windows Server 2012
10 5 (0.51%) Windows 10
11 4 (0.41%) CentOS
11 4 (0.41%) Solaris
11 4 (0.41%) Windows Server 2016
12 3 (0.31%) Mac OS
13 2 (0.20%) Apple iOS
13 2 (0.20%) Windows 7
14 1 (0.10%) AIX
14 1 (0.10%) Android
14 1 (0.10%) Data ONTAP
14 1 (0.10%) Windows XP
Processes & Methodologies
1 680 (69.25%) Cybersecurity
2 291 (29.63%) Information Security
3 288 (29.33%) Security Operations
4 265 (26.99%) SIEM
5 200 (20.37%) Problem-Solving
6 180 (18.33%) Incident Management
7 173 (17.62%) Threat Intelligence
8 167 (17.01%) Cyber Threat Intelligence
9 161 (16.40%) Risk Management
10 154 (15.68%) Vulnerability Management
11 107 (10.90%) Penetration Testing
12 106 (10.79%) Computer Science
13 101 (10.29%) Disaster Recovery
14 97 (9.88%) Cloud Security
15 84 (8.55%) Security Architecture
16 83 (8.45%) ITIL
17 82 (8.35%) Change Management
18 81 (8.25%) Vulnerability Assessment
19 77 (7.84%) Service Delivery
20 74 (7.54%) Security Management
Programming Languages
1 70 (7.13%) PowerShell
2 66 (6.72%) Python
3 29 (2.95%) SQL
4 25 (2.55%) Bash
5 13 (1.32%) Java
6 11 (1.12%) C#
6 11 (1.12%) PHP
7 9 (0.92%) JavaScript
8 8 (0.81%) Rust
9 6 (0.61%) T-SQL
10 5 (0.51%) C++
11 4 (0.41%) Kusto Query Language
12 3 (0.31%) Go
13 2 (0.20%) Lisp
13 2 (0.20%) Shell Script
14 1 (0.10%) Bicep
14 1 (0.10%) Perl
14 1 (0.10%) Ruby
14 1 (0.10%) TypeScript
Qualifications
1 266 (27.09%) CISSP
2 264 (26.88%) Degree
3 147 (14.97%) CISM
4 113 (11.51%) Security Cleared
5 60 (6.11%) Cisco Certification
6 56 (5.70%) CEH
6 56 (5.70%) Computer Science Degree
7 54 (5.50%) SC Cleared
8 50 (5.09%) CompTIA Security+
9 46 (4.68%) GIAC
10 43 (4.38%) CISA
11 41 (4.18%) (ISC)2 CCSP
12 36 (3.67%) CCSP
13 33 (3.36%) Master's Degree
14 27 (2.75%) AWS Certification
15 25 (2.55%) GCIH
16 24 (2.44%) CREST Certified
17 23 (2.34%) OSCP
18 21 (2.14%) GCIA
19 20 (2.04%) Azure Certification
Quality Assurance & Compliance
1 254 (25.87%) ISO/IEC 27001
2 150 (15.27%) NIST
3 96 (9.78%) Cyber Essentials
4 75 (7.64%) GDPR
5 68 (6.92%) PCI DSS
6 41 (4.18%) ISO 9001
6 41 (4.18%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 38 (3.87%) ISO/IEC 17025
8 35 (3.56%) GRC
8 35 (3.56%) NCSC
9 20 (2.04%) JSP 440
10 18 (1.83%) Cyber Essentials PLUS
11 11 (1.12%) SLA
12 10 (1.02%) COBIT
13 8 (0.81%) Accessibility
13 8 (0.81%) QA
13 8 (0.81%) Sarbanes-Oxley
13 8 (0.81%) SOC 2
14 7 (0.71%) HIPAA
14 7 (0.71%) NIST 800
System Software
1 76 (7.74%) Active Directory
2 29 (2.95%) VMware Infrastructure
3 13 (1.32%) Hyper-V
4 8 (0.81%) Docker
5 5 (0.51%) Virtual Machines
5 5 (0.51%) VMware NSX
6 3 (0.31%) Terminal Services
6 3 (0.31%) Virtual Desktop
6 3 (0.31%) VMware ESXi
7 2 (0.20%) Virtual Servers
8 1 (0.10%) XenApp
Systems Management
1 36 (3.67%) EnCase
2 25 (2.55%) QRadar
3 20 (2.04%) Terraform
4 17 (1.73%) Microsoft Intune
5 16 (1.63%) CSIRT
6 13 (1.32%) Kubernetes
7 9 (0.92%) Single Sign-On
8 8 (0.81%) SCCM
9 7 (0.71%) Ansible
10 5 (0.51%) Prometheus
10 5 (0.51%) Suricata
11 4 (0.41%) Cacti
11 4 (0.41%) CASB
11 4 (0.41%) Computer Emergency Response Teams
11 4 (0.41%) Grafana
12 3 (0.31%) Nessus
12 3 (0.31%) Nmap
12 3 (0.31%) SELinux
13 2 (0.20%) Data Guard
13 2 (0.20%) Host Intrusion Detection System
Vendors
1 296 (30.14%) Microsoft
2 55 (5.60%) VMware
3 42 (4.28%) Splunk
4 39 (3.97%) Dell
5 33 (3.36%) Oracle
5 33 (3.36%) Qualys
6 29 (2.95%) Cisco
7 24 (2.44%) CrowdStrike
8 20 (2.04%) IBM
9 15 (1.53%) Google
10 14 (1.43%) Darktrace
10 14 (1.43%) ServiceNow
11 13 (1.32%) Databricks
12 12 (1.22%) Citrix
12 12 (1.22%) F5
13 9 (0.92%) CyberArk
13 9 (0.92%) Datto
13 9 (0.92%) Juniper
13 9 (0.92%) Sun
14 8 (0.81%) Xero
291 Incident Response jobs Nationwide