Incident Response Jobs

Incident Response
UK

The following table provides summary statistics for permanent job vacancies with a requirement for Incident Response skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Incident Response over the 6 months to 20 May 2024 with a comparison to the same period in the previous 2 years.

6 months to
20 May 2024		 Same period 2023 Same period 2022
Rank 293 376 442
Rank change year-on-year +83 +66 +3
Permanent jobs citing Incident Response 958 884 1,333
As % of all permanent jobs advertised in the UK 0.96% 0.89% 0.82%
As % of the Processes & Methodologies category 1.13% 0.93% 0.85%
Number of salaries quoted 720 605 834
10th Percentile £42,500 £38,750 £38,750
25th Percentile £51,250 £47,500 £48,000
Median annual salary (50th Percentile) £65,000 £65,000 £62,500
Median % change year-on-year - +4.00% +4.17%
75th Percentile £81,250 £77,500 £80,000
90th Percentile £97,500 £93,750 £92,500
UK excluding London median annual salary £55,000 £52,500 £52,500
% change year-on-year +4.76% - -

All Process and Methodology Skills
UK

Incident Response is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 85,108 95,066 155,930
As % of all permanent jobs advertised in the UK 85.18% 95.58% 95.78%
Number of salaries quoted 59,794 56,135 83,138
10th Percentile £29,071 £34,000 £33,645
25th Percentile £40,000 £45,000 £43,750
Median annual salary (50th Percentile) £55,000 £61,180 £60,000
Median % change year-on-year -10.10% +1.97% +9.09%
75th Percentile £72,500 £81,250 £80,000
90th Percentile £92,500 £100,000 £96,250
UK excluding London median annual salary £50,000 £55,000 £52,500
% change year-on-year -9.09% +4.76% +10.53%

Incident Response
Job Vacancy Trend

Job postings citing Incident Response as a proportion of all IT jobs advertised.

Job vacancy trend for Incident Response in the UK

Incident Response
Salary Trend

3-month moving average salary quoted in jobs citing Incident Response.

Salary trend for Incident Response in the UK

Incident Response
Salary Histogram

Salary distribution for jobs citing Incident Response over the 6 months to 20 May 2024.

Salary histogram for Incident Response in the UK

Incident Response
Top 19 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Incident Response within the UK over the 6 months to 20 May 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England +96 850 £65,000 - 272
UK excluding London +68 595 £55,000 +4.76% 189
Work from Home +14 324 £70,000 +14.29% 133
London +79 316 £77,500 +7.25% 107
North of England +140 200 £52,084 -13.19% 54
North West +71 132 £52,084 -13.19% 25
Midlands +1 121 £60,000 +20.00% 32
South East -17 114 £60,000 +9.09% 54
West Midlands +31 89 £60,000 +9.09% 24
South West +31 78 £50,000 - 19
Yorkshire +112 59 £60,000 - 25
Scotland -58 45 £63,750 +27.50% 13
East Midlands -29 31 £65,000 +36.84% 8
Wales -2 14 £62,500 +13.64% 3
East of England +1 12 £50,000 +11.11% 14
North East +5 9 £70,000 +3.70% 4
Isle of Man -14 8 £46,500 +3.33% 2
Northern Ireland +22 2 - - 1
Channel Islands - 1 £100,000 -

Incident Response
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 18 (1.88%) Microsoft Exchange
2 12 (1.25%) SharePoint
3 9 (0.94%) IIS
4 7 (0.73%) Apache
5 1 (0.10%) CMS
5 1 (0.10%) Confluence
5 1 (0.10%) Moodle
5 1 (0.10%) nginx
5 1 (0.10%) WordPress
Applications
1 40 (4.18%) Microsoft Office
2 26 (2.71%) Microsoft Excel
3 25 (2.61%) Microsoft PowerPoint
4 1 (0.10%) Microsoft Project
4 1 (0.10%) MS Visio
Business Applications
1 6 (0.63%) Dynamics CRM
2 1 (0.10%) Payment Gateway
2 1 (0.10%) SAP S/4HANA
Cloud Services
1 258 (26.93%) Azure
2 147 (15.34%) Microsoft 365
3 138 (14.41%) AWS
4 66 (6.89%) SaaS
5 39 (4.07%) Azure Sentinel
6 34 (3.55%) GCP
7 23 (2.40%) Entra ID
8 20 (2.09%) PaaS
9 19 (1.98%) IaaS
10 18 (1.88%) Amazon CloudWatch
10 18 (1.88%) Cloud Computing
11 16 (1.67%) Amazon S3
12 15 (1.57%) Amazon GuardDuty
12 15 (1.57%) AWS CloudTrail
12 15 (1.57%) Serverless
13 13 (1.36%) AWS CloudFormation
14 11 (1.15%) Amazon EC2
14 11 (1.15%) Power Platform
14 11 (1.15%) Virtual Private Cloud
15 10 (1.04%) AWS Lambda
Communications & Networking
1 240 (25.05%) Firewall
2 85 (8.87%) Intrusion Detection
3 62 (6.47%) Network Security
4 40 (4.18%) TCP/IP
5 34 (3.55%) VPN
6 29 (3.03%) Internet
7 22 (2.30%) LAN
8 21 (2.19%) WAN
9 19 (1.98%) DNS
10 14 (1.46%) Wireshark
11 11 (1.15%) SAN
12 7 (0.73%) DHCP
12 7 (0.73%) HTTP
12 7 (0.73%) SMTP
12 7 (0.73%) SSL
13 5 (0.52%) VLAN
14 4 (0.42%) NetScaler
15 3 (0.31%) DMZ
15 3 (0.31%) tcpdump
15 3 (0.31%) Wireless
Database & Business Intelligence
1 36 (3.76%) SQL Server
2 22 (2.30%) MySQL
3 16 (1.67%) RDBMS
3 16 (1.67%) Relational Database
4 13 (1.36%) MongoDB
5 12 (1.25%) Amazon RDS
5 12 (1.25%) BigQuery
5 12 (1.25%) Data Hub
5 12 (1.25%) DB2
5 12 (1.25%) Enterprise Data Warehouse
6 6 (0.63%) Azure SQL Database
6 6 (0.63%) SQL Server Reporting Services
7 4 (0.42%) PostgreSQL
7 4 (0.42%) Power BI
8 2 (0.21%) Metabase
8 2 (0.21%) Oracle Database
8 2 (0.21%) Redis
9 1 (0.10%) Hadoop
9 1 (0.10%) MariaDB
Development Applications
1 6 (0.63%) Visual Studio
2 5 (0.52%) Burp Suite
2 5 (0.52%) Metasploit
3 3 (0.31%) Jenkins
3 3 (0.31%) sqlmap
4 2 (0.21%) Git
4 2 (0.21%) GitLab
4 2 (0.21%) JIRA
4 2 (0.21%) Snyk
5 1 (0.10%) Bitbucket
5 1 (0.10%) TeamCity
General
1 310 (32.36%) Social Skills
2 206 (21.50%) Finance
3 148 (15.45%) Analytical Skills
4 76 (7.93%) Legal
5 69 (7.20%) Law
6 43 (4.49%) Military
7 42 (4.38%) Banking
8 41 (4.28%) Manufacturing
9 38 (3.97%) Public Sector
10 29 (3.03%) Marketing
11 24 (2.51%) Inclusion and Diversity
12 21 (2.19%) Games
13 20 (2.09%) Documentation Skills
14 18 (1.88%) Presentation Skills
15 17 (1.77%) Financial Institution
16 16 (1.67%) Retail
17 14 (1.46%) Spanish Language
18 13 (1.36%) Influencing Skills
19 9 (0.94%) French Language
20 8 (0.84%) Pharmaceutical
Job Titles
1 272 (28.39%) Analyst
2 155 (16.18%) Security Analyst
3 138 (14.41%) Senior
4 90 (9.39%) Security Engineer
5 89 (9.29%) Cybersecurity Analyst
6 87 (9.08%) Lead
7 80 (8.35%) Senior Analyst
8 69 (7.20%) Security Manager
9 55 (5.74%) SOC Analyst
10 50 (5.22%) Consultant
11 47 (4.91%) Senior Security Analyst
12 46 (4.80%) Architect
12 46 (4.80%) IT Analyst
13 43 (4.49%) Security Consultant
14 40 (4.18%) IT Security Analyst
15 39 (4.07%) Security Architect
16 35 (3.65%) Incident Manager
17 33 (3.44%) Security Specialist
18 32 (3.34%) Cybersecurity Consultant
18 32 (3.34%) Service Manager
Libraries, Frameworks & Software Standards
1 15 (1.57%) .NET
2 11 (1.15%) Web Services
3 8 (0.84%) Laravel
4 7 (0.73%) XML
5 6 (0.63%) .NET Framework
6 5 (0.52%) Node.js
7 4 (0.42%) EDI
7 4 (0.42%) Kafka
8 3 (0.31%) HTML
8 3 (0.31%) Sass
8 3 (0.31%) Vue
8 3 (0.31%) web3js
9 2 (0.21%) CSS
9 2 (0.21%) D3.js
9 2 (0.21%) Elastic Stack
9 2 (0.21%) React
10 1 (0.10%) ARM Templates
10 1 (0.10%) OAuth2
10 1 (0.10%) PHP-FPM
10 1 (0.10%) REST
Miscellaneous
1 171 (17.85%) Cyber Threat
2 149 (15.55%) Management Information System
3 100 (10.44%) Cyberattack
4 99 (10.33%) Security Posture
5 83 (8.66%) Security Operations Centre
6 60 (6.26%) Operational Technology
7 44 (4.59%) Cyber Kill Chain
8 33 (3.44%) Industrial Internet of Things
9 26 (2.71%) Driving Licence
9 26 (2.71%) Public Cloud
10 25 (2.61%) Cyber Defence
11 23 (2.40%) Analytical Mindset
12 21 (2.19%) Data Centre
13 19 (1.98%) Client/Server
14 16 (1.67%) SCADA
15 12 (1.25%) Cloud Security Posture
15 12 (1.25%) Data Fabric
16 11 (1.15%) Data Protection Act
17 10 (1.04%) Cloud Native
18 8 (0.84%) Self-Motivation
Operating Systems
1 198 (20.67%) Windows
2 122 (12.73%) Linux
3 57 (5.95%) Unix
4 41 (4.28%) Windows Server
5 18 (1.88%) Mac OS X
6 16 (1.67%) zOS
7 10 (1.04%) Kali Linux
8 8 (0.84%) Ubuntu
9 7 (0.73%) Windows Server 2012
10 5 (0.52%) Windows 10
11 4 (0.42%) CentOS
11 4 (0.42%) Solaris
11 4 (0.42%) Windows Server 2016
12 3 (0.31%) Mac OS
13 2 (0.21%) Apple iOS
13 2 (0.21%) Windows 7
13 2 (0.21%) Windows XP
14 1 (0.10%) AIX
14 1 (0.10%) Amazon Linux
14 1 (0.10%) Android
Processes & Methodologies
1 658 (68.68%) Cybersecurity
2 284 (29.65%) Information Security
3 282 (29.44%) Security Operations
4 262 (27.35%) SIEM
5 192 (20.04%) Problem-Solving
6 182 (19.00%) Incident Management
7 171 (17.85%) Threat Intelligence
8 166 (17.33%) Cyber Threat Intelligence
9 164 (17.12%) Risk Management
10 149 (15.55%) Vulnerability Management
11 108 (11.27%) Computer Science
12 105 (10.96%) Penetration Testing
13 94 (9.81%) Cloud Security
14 93 (9.71%) Disaster Recovery
15 86 (8.98%) ITIL
16 85 (8.87%) Security Architecture
17 82 (8.56%) Change Management
18 79 (8.25%) Service Delivery
19 78 (8.14%) Vulnerability Assessment
20 74 (7.72%) Security Management
Programming Languages
1 70 (7.31%) PowerShell
2 67 (6.99%) Python
3 28 (2.92%) SQL
4 24 (2.51%) Bash
5 13 (1.36%) Java
6 11 (1.15%) C#
6 11 (1.15%) PHP
7 9 (0.94%) JavaScript
8 8 (0.84%) Rust
9 6 (0.63%) T-SQL
10 5 (0.52%) C++
11 4 (0.42%) Kusto Query Language
12 3 (0.31%) Go
13 2 (0.21%) Lisp
13 2 (0.21%) Shell Script
14 1 (0.10%) Bicep
14 1 (0.10%) Perl
14 1 (0.10%) Ruby
14 1 (0.10%) TypeScript
Qualifications
1 263 (27.45%) Degree
2 260 (27.14%) CISSP
3 150 (15.66%) CISM
4 102 (10.65%) Security Cleared
5 59 (6.16%) Cisco Certification
6 56 (5.85%) Computer Science Degree
7 54 (5.64%) SC Cleared
8 53 (5.53%) CEH
9 46 (4.80%) CompTIA Security+
10 45 (4.70%) GIAC
11 42 (4.38%) CISA
12 40 (4.18%) (ISC)2 CCSP
13 36 (3.76%) CCSP
14 33 (3.44%) Master's Degree
15 28 (2.92%) AWS Certification
16 25 (2.61%) CREST Certified
16 25 (2.61%) GCIH
16 25 (2.61%) OSCP
17 21 (2.19%) GCIA
18 19 (1.98%) CRISC
Quality Assurance & Compliance
1 239 (24.95%) ISO/IEC 27001
2 151 (15.76%) NIST
3 82 (8.56%) Cyber Essentials
4 75 (7.83%) GDPR
5 67 (6.99%) PCI DSS
6 41 (4.28%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 34 (3.55%) NCSC
8 33 (3.44%) GRC
9 29 (3.03%) ISO 9001
10 26 (2.71%) ISO/IEC 17025
11 20 (2.09%) JSP 440
12 17 (1.77%) Cyber Essentials PLUS
13 11 (1.15%) COBIT
13 11 (1.15%) SLA
14 8 (0.84%) Accessibility
14 8 (0.84%) Sarbanes-Oxley
14 8 (0.84%) SOC 2
15 7 (0.73%) HIPAA
15 7 (0.73%) NIST 800
15 7 (0.73%) QA
System Software
1 72 (7.52%) Active Directory
2 28 (2.92%) VMware Infrastructure
3 13 (1.36%) Hyper-V
4 9 (0.94%) Docker
5 5 (0.52%) Virtual Machines
5 5 (0.52%) VMware NSX
6 4 (0.42%) Terminal Services
7 3 (0.31%) Virtual Desktop
7 3 (0.31%) VMware ESXi
8 2 (0.21%) Virtual Servers
9 1 (0.10%) XenApp
Systems Management
1 25 (2.61%) QRadar
2 24 (2.51%) EnCase
3 21 (2.19%) Terraform
4 16 (1.67%) CSIRT
4 16 (1.67%) Microsoft Intune
5 14 (1.46%) Kubernetes
6 9 (0.94%) Single Sign-On
7 8 (0.84%) SCCM
8 7 (0.73%) Ansible
9 5 (0.52%) Prometheus
9 5 (0.52%) Suricata
10 4 (0.42%) Cacti
10 4 (0.42%) CASB
10 4 (0.42%) Computer Emergency Response Teams
10 4 (0.42%) Grafana
11 3 (0.31%) Nessus
11 3 (0.31%) Nmap
11 3 (0.31%) SELinux
12 2 (0.21%) Data Guard
12 2 (0.21%) Host Intrusion Detection System
Vendors
1 282 (29.44%) Microsoft
2 55 (5.74%) VMware
3 41 (4.28%) Splunk
4 38 (3.97%) Dell
5 33 (3.44%) Oracle
6 32 (3.34%) Qualys
7 30 (3.13%) Cisco
8 24 (2.51%) CrowdStrike
9 20 (2.09%) IBM
10 15 (1.57%) Google
11 14 (1.46%) Darktrace
12 13 (1.36%) Citrix
12 13 (1.36%) Databricks
12 13 (1.36%) ServiceNow
13 12 (1.25%) F5
14 9 (0.94%) CyberArk
14 9 (0.94%) Datto
14 9 (0.94%) Juniper
14 9 (0.94%) Sun
15 8 (0.84%) Veeam
316 Incident Response jobs Nationwide