Incident Response Contracts

Incident Response
UK

The following table provides summary statistics for contract job vacancies with a requirement for Incident Response skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Incident Response over the 6 months to 9 June 2024 with a comparison to the same period in the previous 2 years.

6 months to
9 Jun 2024		 Same period 2023 Same period 2022
Rank 222 338 496
Rank change year-on-year +116 +158 -34
Contract jobs citing Incident Response 475 403 398
As % of all contract jobs advertised in the UK 1.10% 0.73% 0.45%
As % of the Processes & Methodologies category 1.29% 0.81% 0.50%
Number of daily rates quoted 345 305 304
10th Percentile £419 £408 £400
25th Percentile £458 £488 £475
Median daily rate (50th Percentile) £567 £593 £550
Median % change year-on-year -4.42% +7.86% +4.76%
75th Percentile £675 £745 £663
90th Percentile £763 £813 £750
UK excluding London median daily rate £573 £585 £568
% change year-on-year -2.14% +2.95% +3.32%
Number of hourly rates quoted 7 0 7
10th Percentile £36.05 - £16.10
25th Percentile - - £16.41
Median hourly rate £40.00 - £17.64
75th Percentile - - £31.46
90th Percentile £47.50 - £65.76
UK excluding London median hourly rate £40.00 - £17.23

All Process and Methodology Skills
UK

Incident Response is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 36,914 49,809 79,437
As % of all contract IT jobs advertised in the UK 85.21% 89.64% 90.63%
Number of daily rates quoted 23,592 34,469 55,846
10th Percentile £300 £325 £350
25th Percentile £413 £438 £435
Median daily rate (50th Percentile) £525 £550 £538
Median % change year-on-year -4.55% +2.33% +7.50%
75th Percentile £638 £650 £649
90th Percentile £750 £750 £743
UK excluding London median daily rate £500 £500 £490
% change year-on-year - +2.04% +8.89%
Number of hourly rates quoted 2,564 1,687 1,868
10th Percentile £12.75 £10.70 £12.50
25th Percentile £16.00 £15.75 £15.75
Median hourly rate £36.50 £35.80 £25.68
Median % change year-on-year +1.96% +39.41% +11.65%
75th Percentile £61.25 £65.00 £50.00
90th Percentile £72.50 £75.00 £65.00
UK excluding London median hourly rate £38.12 £35.00 £20.51
% change year-on-year +8.91% +70.69% -2.36%

Incident Response
Job Vacancy Trend

Job postings citing Incident Response as a proportion of all IT jobs advertised.

Job vacancy trend for Incident Response in the UK

Incident Response
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing Incident Response.

Daily rate trend for Incident Response in the UK

Incident Response
Daily Rate Histogram

Daily rate distribution for jobs citing Incident Response over the 6 months to 9 June 2024.

Daily rate histogram for Incident Response in the UK

Incident Response
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing Incident Response.

Hourly rate trend for Incident Response in the UK

Incident Response
Hourly Rate Histogram

Hourly rate distribution of jobs citing Incident Response over the 6 months to 9 June 2024.

Hourly rate histogram for Incident Response in the UK

Incident Response
Top 14 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Incident Response within the UK over the 6 months to 9 June 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +112 428 £550 -8.33% 192
UK excluding London +132 306 £573 -2.14% 132
Work from Home +69 129 £500 -25.93% 95
South West +103 118 £650 +8.33% 16
London +4 108 £525 -16.00% 68
South East +89 93 £500 -18.03% 27
North of England +17 54 £525 -10.64% 35
Midlands +35 45 £636 -2.12% 28
West Midlands +30 41 £639 -1.73% 21
Yorkshire +21 28 £604 +9.73% 13
East of England +2 27 £625 +58.23% 8
North West -5 26 £500 -15.72% 21
Scotland +36 11 £525 +16.67% 15
East Midlands +10 4 £534 -13.11% 7

Incident Response
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 18 (3.79%) CMS
2 12 (2.53%) NetWeaver
3 5 (1.05%) Confluence
4 4 (0.84%) Microsoft Exchange
5 2 (0.42%) Apache Spark
5 2 (0.42%) nginx
5 2 (0.42%) SharePoint
6 1 (0.21%) Blackberry Enterprise Server
6 1 (0.21%) IBM Notes
Applications
1 2 (0.42%) Microsoft Excel
1 2 (0.42%) Microsoft Project
2 1 (0.21%) Microsoft Office
Business Applications
1 12 (2.53%) SAP IBP
Cloud Services
1 91 (19.16%) Azure
2 47 (9.89%) AWS
3 37 (7.79%) Azure Sentinel
4 15 (3.16%) Microsoft 365
5 13 (2.74%) Entra ID
6 11 (2.32%) GCP
7 10 (2.11%) Microsoft Purview
7 10 (2.11%) OpenShift
8 7 (1.47%) Azure DevOps
8 7 (1.47%) Azure Monitor
8 7 (1.47%) Virtual Private Cloud
9 6 (1.26%) GitHub
10 5 (1.05%) Amazon CloudWatch
10 5 (1.05%) Amazon GuardDuty
10 5 (1.05%) AWS CloudTrail
10 5 (1.05%) CloudFront
10 5 (1.05%) Google Kubernetes Engine
11 4 (0.84%) Amazon S3
11 4 (0.84%) AWS CloudFormation
11 4 (0.84%) PaaS
Communications & Networking
1 59 (12.42%) Firewall
2 38 (8.00%) Network Security
3 23 (4.84%) Intrusion Detection
4 18 (3.79%) DNS
5 17 (3.58%) NX-OS
6 16 (3.37%) SD-WAN
6 16 (3.37%) TCP/IP
7 12 (2.53%) VPN
8 10 (2.11%) HTTP
9 8 (1.68%) FTP
10 7 (1.47%) DHCP
11 6 (1.26%) SMTP
12 5 (1.05%) LAN
12 5 (1.05%) SSL
12 5 (1.05%) tcpdump
12 5 (1.05%) Wireshark
13 4 (0.84%) Cisco ISE
13 4 (0.84%) Cisco Nexus
13 4 (0.84%) WAN
14 3 (0.63%) Wireless
Database & Business Intelligence
1 21 (4.42%) Elasticsearch
2 12 (2.53%) SAP BW
2 12 (2.53%) SAP HANA
3 10 (2.11%) PostgreSQL
4 9 (1.89%) SQL Server
5 6 (1.26%) Apache Hive
5 6 (1.26%) Hadoop
5 6 (1.26%) MongoDB
6 5 (1.05%) BigQuery
7 4 (0.84%) Data Lake
7 4 (0.84%) Tableau
8 3 (0.63%) Data Hub
8 3 (0.63%) DB2
8 3 (0.63%) Enterprise Data Warehouse
9 2 (0.42%) Big Data
9 2 (0.42%) Data Warehouse
9 2 (0.42%) HBase
9 2 (0.42%) IBM BigInsights
9 2 (0.42%) Parquet
9 2 (0.42%) Power BI
Development Applications
1 17 (3.58%) JIRA
2 5 (1.05%) Git
2 5 (1.05%) Jenkins
3 4 (0.84%) IDA Disassembler
4 3 (0.63%) GitLab
5 2 (0.42%) Artifactory
5 2 (0.42%) Liquibase
5 2 (0.42%) Octopus Deploy
5 2 (0.42%) TeamCity
6 1 (0.21%) Subversion
General
1 131 (27.58%) Social Skills
2 64 (13.47%) Analytical Skills
3 51 (10.74%) Finance
4 43 (9.05%) Public Sector
5 23 (4.84%) Banking
6 21 (4.42%) Telecoms
7 20 (4.21%) Legal
8 9 (1.89%) Inclusion and Diversity
8 9 (1.89%) Law
8 9 (1.89%) Retail
9 7 (1.47%) Manufacturing
10 5 (1.05%) Documentation Skills
10 5 (1.05%) Presentation Skills
11 3 (0.63%) Financial Institution
11 3 (0.63%) Games
11 3 (0.63%) Influencing Skills
12 2 (0.42%) Aerospace
12 2 (0.42%) Electronics
12 2 (0.42%) Military
12 2 (0.42%) Organisational Skills
Job Titles
1 144 (30.32%) Analyst
2 82 (17.26%) SOC Analyst
3 48 (10.11%) Consultant
4 42 (8.84%) Security Engineer
5 38 (8.00%) Architect
6 36 (7.58%) Senior
7 32 (6.74%) Lead
8 30 (6.32%) Security Analyst
9 24 (5.05%) SOC Engineer
10 20 (4.21%) Senior Analyst
11 16 (3.37%) Security Architect
12 15 (3.16%) Cyber Defence Analyst
12 15 (3.16%) Cybersecurity Analyst
12 15 (3.16%) Network Architect
12 15 (3.16%) Security Manager
12 15 (3.16%) Site Engineer
12 15 (3.16%) Site Reliability Engineer
13 14 (2.95%) Cybersecurity Engineer
13 14 (2.95%) SIEM Consultant
14 12 (2.53%) SAP Consultant
Libraries, Frameworks & Software Standards
1 21 (4.42%) Elastic Stack
2 16 (3.37%) Kafka
3 12 (2.53%) SAP Basis
3 12 (2.53%) SAP Fiori
4 6 (1.26%) OAuth
4 6 (1.26%) OAuth2
4 6 (1.26%) SAML
5 5 (1.05%) JSON
5 5 (1.05%) LDAP
5 5 (1.05%) SailPoint
5 5 (1.05%) XML
6 4 (0.84%) Ajax
6 4 (0.84%) AngularJS
6 4 (0.84%) CSS
6 4 (0.84%) HTML
6 4 (0.84%) OLE
6 4 (0.84%) Web Services
7 3 (0.63%) SOAP
8 2 (0.42%) .NET
8 2 (0.42%) scikit-learn
Miscellaneous
1 120 (25.26%) Management Information System
2 106 (22.32%) Cyber Threat
3 88 (18.53%) Security Operations Centre
4 84 (17.68%) Cyber Kill Chain
5 80 (16.84%) Cyber Defence
6 48 (10.11%) Security Posture
7 40 (8.42%) CSOC
8 36 (7.58%) Cloud Native
9 29 (6.11%) Cyberattack
10 18 (3.79%) Onboarding
11 15 (3.16%) Data Centre
12 13 (2.74%) Distributed Denial-of-Service
12 13 (2.74%) Public Cloud
13 8 (1.68%) CMDB
14 7 (1.47%) Data Protection Act
15 6 (1.26%) Self-Motivation
16 5 (1.05%) Analytical Mindset
16 5 (1.05%) Cloud Security Posture
16 5 (1.05%) YARA
17 4 (0.84%) Hedge funds
Operating Systems
1 72 (15.16%) Linux
2 67 (14.11%) Windows
3 17 (3.58%) Unix
4 7 (1.47%) zOS
5 6 (1.26%) Windows Server
6 2 (0.42%) Mac OS
6 2 (0.42%) Red Hat Enterprise Linux
7 1 (0.21%) Mac OS X
7 1 (0.21%) Windows 10
Processes & Methodologies
1 279 (58.74%) Cybersecurity
2 205 (43.16%) SIEM
3 189 (39.79%) Security Operations
4 134 (28.21%) Information Security
5 118 (24.84%) Threat Intelligence
6 114 (24.00%) Incident Management
7 111 (23.37%) Use Case
8 98 (20.63%) MITRE ATT&CK
9 91 (19.16%) Cyber Threat Intelligence
10 88 (18.53%) Vulnerability Management
11 78 (16.42%) Mentoring
12 76 (16.00%) Root Cause Analysis
12 76 (16.00%) SOAR
13 72 (15.16%) Protective Monitoring
14 71 (14.95%) Problem-Solving
15 60 (12.63%) Case Management
16 50 (10.53%) Data Security
17 49 (10.32%) CRM
18 47 (9.89%) Analytics
19 46 (9.68%) Cloud Security
Programming Languages
1 31 (6.53%) PowerShell
2 26 (5.47%) Python
3 25 (5.26%) Kusto Query Language
4 9 (1.89%) Bash
4 9 (1.89%) JavaScript
4 9 (1.89%) SQL
5 6 (1.26%) Search Processing Language
6 5 (1.05%) Perl
7 4 (0.84%) Go
8 3 (0.63%) Java
8 3 (0.63%) Shell Script
9 2 (0.42%) Bicep
9 2 (0.42%) C
9 2 (0.42%) C#
9 2 (0.42%) C++
9 2 (0.42%) R
9 2 (0.42%) U-SQL
10 1 (0.21%) Ruby
Qualifications
1 194 (40.84%) Security Cleared
2 111 (23.37%) DV Cleared
3 69 (14.53%) SC Cleared
4 57 (12.00%) Degree
5 49 (10.32%) CISSP
6 28 (5.89%) SANS
7 20 (4.21%) Computer Science Degree
8 18 (3.79%) CISM
9 17 (3.58%) CompTIA Security+
10 16 (3.37%) Cisco Certification
11 14 (2.95%) CEH
12 12 (2.53%) Azure Certification
13 11 (2.32%) GIAC
14 10 (2.11%) CCNP
14 10 (2.11%) GCIH
14 10 (2.11%) Microsoft Certification
15 9 (1.89%) CCNA
15 9 (1.89%) GCIA
16 8 (1.68%) SAP Certification
17 7 (1.47%) BPSS Clearance
Quality Assurance & Compliance
1 99 (20.84%) NIST
2 54 (11.37%) NIST 800
3 49 (10.32%) GDPR
4 46 (9.68%) ISO/IEC 27001
5 27 (5.68%) NCSC
6 12 (2.53%) PCI DSS
7 9 (1.89%) GRC
8 7 (1.47%) Cyber Essentials
9 6 (1.26%) HIPAA
9 6 (1.26%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
10 4 (0.84%) SLA
11 3 (0.63%) Cyber Essentials PLUS
11 3 (0.63%) GPG13
12 2 (0.42%) Sarbanes-Oxley
13 1 (0.21%) Data Quality
13 1 (0.21%) Disclosure Scotland
13 1 (0.21%) GLBA
13 1 (0.21%) ISAE 3402
13 1 (0.21%) QA
13 1 (0.21%) SOC 2
System Software
1 23 (4.84%) Active Directory
2 20 (4.21%) VMware Infrastructure
3 16 (3.37%) VMware NSX
3 16 (3.37%) vSphere
4 12 (2.53%) Docker
5 7 (1.47%) Virtual Machines
6 4 (0.84%) Snort
7 2 (0.42%) XenApp
8 1 (0.21%) Firmware
8 1 (0.21%) Virtual Desktop
Systems Management
1 33 (6.95%) Kibana
2 26 (5.47%) CSIRT
3 19 (4.00%) Kubernetes
3 19 (4.00%) logstash
4 14 (2.95%) Prometheus
4 14 (2.95%) Terraform
5 13 (2.74%) Nessus
6 12 (2.53%) Istio
7 11 (2.32%) Grafana
8 10 (2.11%) Argo
9 7 (1.47%) Ansible
10 6 (1.26%) QRadar
11 4 (0.84%) Computer Emergency Response Teams
11 4 (0.84%) Puppet
11 4 (0.84%) Trend Micro Deep Security
12 3 (0.63%) CASB
12 3 (0.63%) Progress Chef
13 2 (0.42%) Kiali
13 2 (0.42%) Single Sign-On
13 2 (0.42%) ZABBIX
Vendors
1 192 (40.42%) Microsoft
2 63 (13.26%) Splunk
3 34 (7.16%) Cisco
3 34 (7.16%) LogRhythm
4 27 (5.68%) Qualys
5 24 (5.05%) Darktrace
6 23 (4.84%) VMware
7 22 (4.63%) Varonis
8 19 (4.00%) FireEye
9 16 (3.37%) Forcepoint
10 15 (3.16%) CrowdStrike
10 15 (3.16%) SAP
11 13 (2.74%) Tanium
12 12 (2.53%) Google
13 9 (1.89%) CheckPoint
13 9 (1.89%) Oracle
14 8 (1.68%) Rapid7
15 7 (1.47%) F5
15 7 (1.47%) Symantec
15 7 (1.47%) Virgin Media
241 Incident Response jobs Nationwide