Incident Response Jobs

Incident Response
UK

The following table provides summary statistics for permanent job vacancies with a requirement for Incident Response skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Incident Response over the 6 months to 2 June 2024 with a comparison to the same period in the previous 2 years.

6 months to
2 Jun 2024		 Same period 2023 Same period 2022
Rank 293 369 454
Rank change year-on-year +76 +85 -16
Permanent jobs citing Incident Response 1,007 853 1,357
As % of all permanent jobs advertised in the UK 0.96% 0.90% 0.80%
As % of the Processes & Methodologies category 1.14% 0.94% 0.84%
Number of salaries quoted 751 591 832
10th Percentile £42,500 £38,750 £38,750
25th Percentile £50,000 £47,500 £48,000
Median annual salary (50th Percentile) £62,500 £63,500 £62,500
Median % change year-on-year -1.57% +1.60% +4.17%
75th Percentile £78,750 £77,500 £80,000
90th Percentile £97,500 £93,750 £92,500
UK excluding London median annual salary £55,000 £55,000 £52,500
% change year-on-year - +4.76% -

All Process and Methodology Skills
UK

Incident Response is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 87,980 90,493 162,202
As % of all permanent jobs advertised in the UK 83.59% 95.46% 95.93%
Number of salaries quoted 61,356 54,578 82,967
10th Percentile £29,284 £34,000 £33,500
25th Percentile £40,000 £45,000 £43,750
Median annual salary (50th Percentile) £55,000 £60,899 £60,000
Median % change year-on-year -9.69% +1.50% +9.09%
75th Percentile £72,500 £81,250 £80,000
90th Percentile £92,500 £100,000 £96,250
UK excluding London median annual salary £50,000 £55,000 £52,500
% change year-on-year -9.09% +4.76% +9.38%

Incident Response
Job Vacancy Trend

Job postings citing Incident Response as a proportion of all IT jobs advertised.

Job vacancy trend for Incident Response in the UK

Incident Response
Salary Trend

3-month moving average salary quoted in jobs citing Incident Response.

Salary trend for Incident Response in the UK

Incident Response
Salary Histogram

Salary distribution for jobs citing Incident Response over the 6 months to 2 June 2024.

Salary histogram for Incident Response in the UK

Incident Response
Top 19 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Incident Response within the UK over the 6 months to 2 June 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England +112 887 £62,500 -3.85% 253
UK excluding London +68 633 £55,000 - 156
Work from Home -3 330 £70,000 +12.00% 117
London +81 323 £75,000 +4.90% 109
North of England +144 221 £52,084 -13.19% 50
North West +72 139 £52,084 -11.35% 29
Midlands -1 123 £61,439 +22.88% 26
South East -27 117 £60,000 +9.09% 39
West Midlands +10 92 £60,000 +9.09% 16
South West +28 81 £50,000 - 12
Yorkshire +98 71 £60,000 -4.00% 18
Scotland -55 49 £60,000 +20.00% 19
East Midlands -29 30 £65,000 +36.84% 10
Wales -1 16 £56,250 +2.27% 2
East of England -8 13 £50,000 +11.11% 9
North East -3 11 £50,000 -25.93% 3
Isle of Man -13 8 £46,500 +3.33% 1
Northern Ireland +13 4 £50,000 +8.70%
Channel Islands - 1 £100,000 -

Incident Response
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 18 (1.79%) Microsoft Exchange
2 11 (1.09%) SharePoint
3 8 (0.79%) IIS
4 7 (0.70%) Apache
5 1 (0.099%) CMS
5 1 (0.099%) Confluence
5 1 (0.099%) Moodle
5 1 (0.099%) nginx
5 1 (0.099%) WordPress
Applications
1 40 (3.97%) Microsoft Office
2 24 (2.38%) Microsoft Excel
3 23 (2.28%) Microsoft PowerPoint
Business Applications
1 6 (0.60%) Dynamics CRM
2 1 (0.099%) Payment Gateway
2 1 (0.099%) SAP S/4HANA
Cloud Services
1 267 (26.51%) Azure
2 148 (14.70%) Microsoft 365
3 146 (14.50%) AWS
4 67 (6.65%) SaaS
5 42 (4.17%) Azure Sentinel
6 34 (3.38%) GCP
7 28 (2.78%) Entra ID
8 23 (2.28%) Amazon CloudWatch
9 21 (2.09%) PaaS
10 20 (1.99%) Amazon S3
11 19 (1.89%) Amazon GuardDuty
11 19 (1.89%) AWS CloudTrail
11 19 (1.89%) IaaS
11 19 (1.89%) Serverless
12 17 (1.69%) AWS CloudFormation
12 17 (1.69%) Cloud Computing
12 17 (1.69%) Power Platform
13 15 (1.49%) Amazon EC2
14 14 (1.39%) AWS Lambda
14 14 (1.39%) Virtual Private Cloud
Communications & Networking
1 245 (24.33%) Firewall
2 91 (9.04%) Intrusion Detection
3 61 (6.06%) Network Security
4 38 (3.77%) TCP/IP
5 34 (3.38%) VPN
6 29 (2.88%) Internet
7 26 (2.58%) LAN
7 26 (2.58%) WAN
8 20 (1.99%) DNS
9 16 (1.59%) Wireshark
10 11 (1.09%) SAN
11 9 (0.89%) SSL
12 8 (0.79%) DHCP
12 8 (0.79%) HTTP
12 8 (0.79%) SMTP
12 8 (0.79%) VoIP
13 5 (0.50%) VLAN
14 4 (0.40%) NetScaler
15 3 (0.30%) tcpdump
15 3 (0.30%) Wireless
Database & Business Intelligence
1 35 (3.48%) SQL Server
2 22 (2.18%) MySQL
3 16 (1.59%) RDBMS
3 16 (1.59%) Relational Database
4 15 (1.49%) Amazon RDS
5 12 (1.19%) BigQuery
5 12 (1.19%) Data Hub
5 12 (1.19%) DB2
5 12 (1.19%) Enterprise Data Warehouse
5 12 (1.19%) MongoDB
6 10 (0.99%) Power BI
7 6 (0.60%) Azure SQL Database
7 6 (0.60%) SQL Server Reporting Services
8 4 (0.40%) PostgreSQL
9 2 (0.20%) Metabase
9 2 (0.20%) Oracle Database
9 2 (0.20%) Redis
10 1 (0.099%) Hadoop
10 1 (0.099%) MariaDB
Development Applications
1 7 (0.70%) Git
2 6 (0.60%) Visual Studio
3 4 (0.40%) Burp Suite
3 4 (0.40%) Metasploit
4 3 (0.30%) Jenkins
4 3 (0.30%) sqlmap
5 2 (0.20%) JIRA
5 2 (0.20%) Snyk
6 1 (0.099%) Bitbucket
6 1 (0.099%) GitLab
General
1 306 (30.39%) Social Skills
2 213 (21.15%) Finance
3 151 (15.00%) Analytical Skills
4 74 (7.35%) Legal
5 68 (6.75%) Law
6 44 (4.37%) Banking
7 43 (4.27%) Manufacturing
7 43 (4.27%) Military
8 37 (3.67%) Public Sector
9 28 (2.78%) Marketing
10 24 (2.38%) Inclusion and Diversity
11 21 (2.09%) Games
12 20 (1.99%) Documentation Skills
13 17 (1.69%) Financial Institution
14 16 (1.59%) Retail
15 15 (1.49%) Presentation Skills
16 14 (1.39%) Influencing Skills
17 13 (1.29%) Spanish Language
18 8 (0.79%) French Language
18 8 (0.79%) Pharmaceutical
Job Titles
1 288 (28.60%) Analyst
2 166 (16.48%) Security Analyst
3 142 (14.10%) Senior
4 112 (11.12%) Lead
5 95 (9.43%) Security Engineer
6 94 (9.33%) Cybersecurity Analyst
7 84 (8.34%) Senior Analyst
8 65 (6.45%) Security Manager
9 56 (5.56%) SOC Analyst
10 53 (5.26%) Consultant
11 51 (5.06%) Senior Security Analyst
12 47 (4.67%) IT Analyst
13 45 (4.47%) Architect
13 45 (4.47%) Security Consultant
14 41 (4.07%) IT Security Analyst
15 38 (3.77%) Security Architect
16 35 (3.48%) Incident Manager
17 33 (3.28%) Cybersecurity Consultant
17 33 (3.28%) Security Specialist
18 32 (3.18%) Service Manager
Libraries, Frameworks & Software Standards
1 15 (1.49%) .NET
2 11 (1.09%) Web Services
3 8 (0.79%) Laravel
3 8 (0.79%) XML
4 6 (0.60%) .NET Framework
4 6 (0.60%) ARM Templates
4 6 (0.60%) YAML
5 5 (0.50%) Node.js
6 4 (0.40%) EDI
6 4 (0.40%) Kafka
7 3 (0.30%) Elastic Stack
7 3 (0.30%) HTML
7 3 (0.30%) Sass
7 3 (0.30%) web3js
8 2 (0.20%) CSS
8 2 (0.20%) D3.js
8 2 (0.20%) React
8 2 (0.20%) Vue
8 2 (0.20%) XSLT
9 1 (0.099%) SOAP
Miscellaneous
1 169 (16.78%) Cyber Threat
2 156 (15.49%) Management Information System
3 100 (9.93%) Cyberattack
4 99 (9.83%) Security Posture
5 93 (9.24%) Security Operations Centre
6 60 (5.96%) Operational Technology
7 50 (4.97%) Cyber Kill Chain
8 33 (3.28%) Industrial Internet of Things
9 32 (3.18%) Cyber Defence
10 27 (2.68%) Public Cloud
11 25 (2.48%) Driving Licence
12 22 (2.18%) Analytical Mindset
13 19 (1.89%) Client/Server
13 19 (1.89%) Data Centre
14 16 (1.59%) SCADA
15 12 (1.19%) Cloud Security Posture
15 12 (1.19%) Data Fabric
15 12 (1.19%) Data Protection Act
16 11 (1.09%) PropTech
17 10 (0.99%) Onboarding
Operating Systems
1 199 (19.76%) Windows
2 123 (12.21%) Linux
3 58 (5.76%) Unix
4 40 (3.97%) Windows Server
5 18 (1.79%) Mac OS X
6 16 (1.59%) zOS
7 9 (0.89%) Kali Linux
8 8 (0.79%) Ubuntu
9 5 (0.50%) Windows 10
10 4 (0.40%) CentOS
10 4 (0.40%) Solaris
10 4 (0.40%) Windows Server 2012
10 4 (0.40%) Windows Server 2016
10 4 (0.40%) Windows XP
11 3 (0.30%) Mac OS
12 2 (0.20%) AIX
12 2 (0.20%) Apple iOS
12 2 (0.20%) Windows 7
13 1 (0.099%) Android
Processes & Methodologies
1 665 (66.04%) Cybersecurity
2 311 (30.88%) Security Operations
3 294 (29.20%) Information Security
4 275 (27.31%) SIEM
5 194 (19.27%) Incident Management
5 194 (19.27%) Problem-Solving
6 175 (17.38%) Threat Intelligence
7 170 (16.88%) Cyber Threat Intelligence
8 166 (16.48%) Risk Management
9 150 (14.90%) Vulnerability Management
10 107 (10.63%) Computer Science
11 104 (10.33%) Penetration Testing
12 98 (9.73%) Disaster Recovery
13 97 (9.63%) Cloud Security
14 88 (8.74%) Change Management
14 88 (8.74%) ITIL
15 84 (8.34%) Security Architecture
16 83 (8.24%) Service Delivery
17 77 (7.65%) Vulnerability Assessment
18 74 (7.35%) Security Management
Programming Languages
1 75 (7.45%) PowerShell
2 69 (6.85%) Python
3 28 (2.78%) SQL
4 23 (2.28%) Bash
5 13 (1.29%) Java
6 10 (0.99%) C#
6 10 (0.99%) PHP
7 9 (0.89%) Kusto Query Language
8 8 (0.79%) JavaScript
8 8 (0.79%) Rust
9 6 (0.60%) Bicep
9 6 (0.60%) T-SQL
10 5 (0.50%) C++
11 3 (0.30%) Go
12 2 (0.20%) Lisp
13 1 (0.099%) Perl
13 1 (0.099%) Ruby
13 1 (0.099%) Shell Script
13 1 (0.099%) TypeScript
Qualifications
1 270 (26.81%) CISSP
2 256 (25.42%) Degree
3 161 (15.99%) CISM
4 105 (10.43%) Security Cleared
5 58 (5.76%) Cisco Certification
6 55 (5.46%) SC Cleared
7 54 (5.36%) Computer Science Degree
8 53 (5.26%) CEH
9 51 (5.06%) CISA
10 47 (4.67%) CompTIA Security+
11 46 (4.57%) GIAC
12 39 (3.87%) (ISC)2 CCSP
13 35 (3.48%) CCSP
14 33 (3.28%) Master's Degree
15 32 (3.18%) AWS Certification
16 26 (2.58%) GCIH
16 26 (2.58%) OSCP
17 25 (2.48%) CREST Certified
18 23 (2.28%) GCIA
19 22 (2.18%) CompTIA CySA+
Quality Assurance & Compliance
1 249 (24.73%) ISO/IEC 27001
2 160 (15.89%) NIST
3 81 (8.04%) Cyber Essentials
4 76 (7.55%) GDPR
5 65 (6.45%) PCI DSS
6 41 (4.07%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 35 (3.48%) NCSC
8 32 (3.18%) GRC
9 27 (2.68%) ISO 9001
10 24 (2.38%) ISO/IEC 17025
11 20 (1.99%) JSP 440
12 19 (1.89%) Cyber Essentials PLUS
13 13 (1.29%) COBIT
14 11 (1.09%) SLA
15 9 (0.89%) NIST 800
16 8 (0.79%) Accessibility
16 8 (0.79%) HIPAA
16 8 (0.79%) Sarbanes-Oxley
16 8 (0.79%) SOC 2
17 7 (0.70%) QA
System Software
1 79 (7.85%) Active Directory
2 28 (2.78%) VMware Infrastructure
3 13 (1.29%) Hyper-V
4 10 (0.99%) Virtual Machines
5 8 (0.79%) Docker
5 8 (0.79%) Virtual Desktop
6 6 (0.60%) Terminal Services
7 5 (0.50%) VMware NSX
8 2 (0.20%) Virtual Servers
8 2 (0.20%) VMware ESXi
9 1 (0.099%) XenApp
Systems Management
1 26 (2.58%) Terraform
2 25 (2.48%) QRadar
3 22 (2.18%) EnCase
4 18 (1.79%) Microsoft Intune
5 16 (1.59%) CSIRT
6 14 (1.39%) Kubernetes
7 9 (0.89%) SCCM
7 9 (0.89%) Single Sign-On
8 7 (0.70%) Ansible
9 5 (0.50%) Suricata
10 4 (0.40%) Cacti
10 4 (0.40%) CASB
10 4 (0.40%) Computer Emergency Response Teams
10 4 (0.40%) Prometheus
11 3 (0.30%) Grafana
11 3 (0.30%) Nessus
11 3 (0.30%) SELinux
12 2 (0.20%) Data Guard
12 2 (0.20%) Host Intrusion Detection System
12 2 (0.20%) Nmap
Vendors
1 295 (29.29%) Microsoft
2 57 (5.66%) VMware
3 39 (3.87%) Splunk
4 37 (3.67%) Dell
5 34 (3.38%) Oracle
6 31 (3.08%) Qualys
7 30 (2.98%) Cisco
8 24 (2.38%) CrowdStrike
9 20 (1.99%) IBM
10 15 (1.49%) Google
11 14 (1.39%) Darktrace
12 13 (1.29%) Citrix
12 13 (1.29%) Databricks
12 13 (1.29%) ServiceNow
13 12 (1.19%) F5
14 10 (0.99%) BT
15 9 (0.89%) CyberArk
15 9 (0.89%) Datto
15 9 (0.89%) Juniper
15 9 (0.89%) Sun
300 Incident Response jobs Nationwide