Home
Jobs
Upload CV
Find Talent
Careers
The 2025 Barclay Simpson Salary Survey & Recruitment Trends Guide: Cyber Security & Data Privacy
Content overview
Cyber security permanent jobs market
Data privacy permanent jobs market
Contract recruitment in cyber security and data privacy
Key trends in cyber security and data privacy recruitment
Diversity in cyber security and data privacy
Salary and bonus trends
Cyber security and data privacy salaries
Cyber security permanent jobs market
The cyber security recruitment market struggled to find its footing in 2024. It was a year shaped by political and economic uncertainty, both in the UK and abroad, leaving many employers increasingly cost-conscious and reluctant to invest in growth plans. As a result, hiring for cyber security jobs remained underwhelming for large parts of the year and has yet to rebound significantly in early 2025.
“There are still some attractive roles coming onto the market, but there are also a lot of candidates looking for new opportunities,” says Sophie Spencer, Head of Cyber Security and Technology Recruitment at Barclay Simpson.
“At the moment, the supply of available candidates is far outweighing employer demand. This is particularly noticeable at the senior end of the market, where a growing number of professionals are expressing a keen interest in changing roles.”
The business continuity and operational resilience space has bucked these broader trends and remains reasonably buoyant, largely due to recent regulatory pressures. Financial services firms must comply with the UK Operational Resilience Policy (PS21/3) by 31 March 2025, while the Digital Operational Resilience Act (DORA) has been fully in effect since 17 January. This has resulted in steady and ongoing requirements for both permanent staff and interim workers who can support organisations as they work towards compliance.
The market has been quieter across cyber security architecture jobs and cyber security engineering jobs, however, as transformation projects were increasingly put on hold in 2024. Consequently, the demand for these skillsets subsided over the last 12 months and remains relatively subdued so far in 2025. Last year was also slow for the GRC security and tech risk market, with very few organisations hiring within the space. More positively, we have seen a large uptick in GRC and tech risk jobs being advertised in the first quarter of 2025, which brings hope that the market has turned a corner.
Looking ahead to the remainder of this year, the cyber security and data privacy recruitment markets are likely to perform in lockstep with the broader economic and business environment. Inflation and interest rates dropped consistently over the last 18 months, although last year’s change in government has thus far failed to inspire greater confidence among businesses.
Nevertheless, there are a number of reasons to be optimistic. Firstly, cyber security budgets at UK organisations are expected to grow 31% on average in 2025, according to a new Infosecurity Europe report. This is more than double the 15% global average that Gartner has predicted, and a fifth of employers expect to increase their budgets by at least 50%.
If these forecasts are true, there is currently an abundance of skilled talent in the market eager to make a change, and many employers are ready and waiting to fill much-needed skills gaps in their teams once budgetary restraints are loosened.
57% of cyber security employers intend to hire additional staff in 2025
Barriers to hiring
Despite widespread candidate availability, employers tell us they are still struggling to find the right people. According to Barclay Simpson’s annual salary survey, 94% of organisations have found attracting skilled talent in the current job market challenging, with 40% describing it as ‘very challenging.’
Compensation challenges are the most frequently cited factor among employers for why it’s difficult to hire into cyber security teams. Nearly two-thirds (65%) of organisations mentioned pay demands, while a similar amount (63%) say candidates lack the necessary technical and regulatory skills. Companies’ remote working policies come a distant third on 34%.
Interestingly, however, when our survey data is filtered for first-choice responses only, the number of organisations that selected remote working issues as their primary recruitment hurdle matched those who chose insufficient technical and regulatory skills (21% for both). This indicates that while a lack of technical skills is a more common problem across the board, poor remote working policies are an extremely pressing issue for the organisations that have them.
Top four factors preventing hiring
Compensation challenges
Insufficient technical / regulatory knowledge
Remote working policies
Poor cultural fit
Given the current market conditions, it is perhaps unsurprising that candidate confidence has dipped slightly. In last year’s Cyber Security and Data Privacy Salary Survey, 90% of professionals said they were confident in their job prospects. Today, the figure stands at 82%, having dropped steadily year on year since a record high of 97% in our 2022 Market Report.
Data privacy permanent jobs market
The data privacy recruitment market faced many of the same pressures that stifled cyber security hiring in 2024. Namely, a combination of widespread candidate availability, fewer data privacy jobs and a lack of investment in growth created an environment where most employers remained in ‘wait and see’ mode for large portions of the year.
Q1 2024 was an exception to this trend, with recruitment activity enjoying a brief rally after ending the previous year on a flat note. Unfortunately, the market struggled thereafter and the remainder of the year was significantly slower.
“Last year was a quiet one for data privacy recruitment, despite the year starting out on a positive footing,” says Matt Smyth, Principal Consultant at Barclay Simpson.
“Q1 in 2025 is also showing some signs of recovery, so we’re hoping lightning doesn’t strike twice and the market maintains this early momentum throughout the year.”
Employers are still showing some caution in 2025, however. Nearly half (45%) say they are unlikely to hire additional permanent staff this year. This does not appear to be affecting optimism among candidates yet, with 88% of data privacy professionals claiming they are confident about their current job prospects.
What is the main factor preventing you from hiring skilled talent?
When seeking a new role, remuneration is the priority for 49% of candidates, whereas career development and remote working are more important for 18% and 16% of professionals, respectively. Despite the broader focus on pay, more people chose remote working (41%) than an annual bonus (29%) as their most sought-after job benefit.
In terms of skillsets, we are seeing demand rise for people who have experience with AI governance. The growing adoption of AI creates a number of data privacy opportunities and challenges for organisations, as outlined in the ‘Key Trends‘ section of this report.
At the moment, data privacy professionals are expected to incorporate AI into their general remit, but standalone AI governance roles are becoming increasingly common. We predict the recent introduction of the EU AI Act, which came into force in August 2024, and other similar legislative changes will accelerate this trend.
Elsewhere, demand for data privacy compliance and data privacy legal candidates has also picked up in early 2025, although it remains quiet by historic standards.
Contract recruitment trends in Cyber Security & Data Privacy
Persistent headwinds led to another slow year for cyber security and data privacy contract recruitment in 2024. Constrained budgets and an uncertain business environment further curtailed transformation projects, which are traditionally a key driver for contract and temporary jobs.
Indeed, our data reveals a decline in the number of employers primarily hiring contractors and other interim staff for project work, dropping from 54% in last year’s salary survey to 46% this year. There was also a corresponding rise in employers needing ‘support for business-as-usual workloads’ (18% versus 8% in 2023), emphasising a shift away from growth-oriented activities to maintaining operational stability and addressing day-to-day demands.
Despite this, ‘specific projects’ remain the leading reason organisations engage interim staff. It is also worth highlighting that contractors, temporary workers and co-source support remain a much-valued part of many cyber security and data privacy teams. Four-fifths of employers (80%) say they utilised contractors in 2024, which is almost unchanged from the previous year (81%).
Primary reasons for using interim, contract and
co-source staff
2024
2023
“Contractors with broad technical expertise are always in high demand, and this continues to be the case, even when it’s a difficult market overall,” says Jeff Mayger, Principal Consultant at Barclay Simpson.
“The operational resilience space is particularly active and has been for some time due to the various regulatory changes that are occurring. And while the rest of the market has been quiet overall, we saw some green shoots of recovery over the last six months.”
The most commonly reported day rate for cyber security and data privacy professionals is between £600 and £699.
(This is unchanged from our 2024 Cyber Security and Data Privacy Salary Survey)
How have IR35 reforms affected you over the last year?
Unfortunately, IR35 reforms are a consistent hurdle for many employers and candidates. More than half (56%) of organisations say the changes are still affecting their ability to hire preferred contractors, with 16% claiming the impact has been ‘significant’.
Meanwhile, candidates tell us the reforms have fundamentally altered how they approach contracting jobs. The most common response among contractors has been to increase day rates for ‘inside IR35’ roles (30%), while others will now only consider ‘outside IR35’ roles (24%). Nearly a fifth (19%) of candidates say the new IR35 rules have led them to seek or accept permanent jobs, which could have long-term ramifications for the supply of skilled professionals in the contracting market.
Key trends in cyber security and data privacy recruitment
Various political, economic and social forces are shaping the cyber security and data privacy markets, creating both challenges and opportunities in recruitment. Here, we take a closer look at the trends driving demand today and the factors that could influence hiring in the future.
Rising demand for AI skills
Earlier this year, the UK government announced it will “turbocharge AI” as part of plans to boost productivity, attract foreign investment and create new jobs. Research shows AI adoption could unleash £40 billion a year of productivity gains in the public sector alone.
From a cyber security and data privacy perspective, firms must navigate a range of benefits and risks when implementing AI. For example, machine learning and other AI technologies are commonly used to automate and improve cyber security processes, helping organisations to streamline their operations. However, employers are increasingly concerned about data privacy and intellectual property issues, as well as the challenges of securing AI systems across various platforms. Organisations must also address how threat actors can utilise AI for deepfakes and other malicious activity.
Benefits and risks of AI for FS firms
Top benefits
-
Data and analytical insights
-
AML and fraud combatting
-
Cyber security
-
Productivity
-
Customer engagement and services
Top risks
-
Data privacy and protection
-
Data quality
-
Data security
-
Cyber security
-
Data bias and representativeness
Source: Bank of England
These trends are already driving demand for relevant skillsets. Our consultants have experienced an increase in AI-focused roles across some areas of cyber security and data privacy. We expect this momentum to continue, given that AI job postings are growing 3.6 times faster than any other in the UK, according to PwC.
CISO burnout continues
Our 2024 Recruitment Market Update for cyber security and data privacy highlighted the issue of burnout among senior cyber professionals, and sadly this continues to be a problem. A combination of under-resourced teams, elevated expectations and an increasingly complex threat landscape has seen mental health hit an all-time low among CISOs.
Surveys show that 80% of CISOs say they are ‘highly stressed’, with nearly a third worryingly claiming this is compromising their ability to do their job. Approximately a quarter of professionals are considering leaving their current role in the next six months, and a whopping 93% report that stress and unrealistic demands are the main reason they want to quit.
On a positive note, employers appear to be aware of the problem. Mental health is being discussed more at cyber security conferences and briefings, with some businesses introducing measures to combat burnout, such as outsourcing their SOC activities at the weekend to relieve stress on their in-house teams. However, many CISOs say they still aren’t getting the support they need, with 98% working 9 hours a week on average beyond their contractual obligations, according to BlackFog data.
Third-party risk leads to insourcing
Cyber security often goes through regular insourcing and outsourcing cycles. Outsourcing to low-cost centres is popular when budgets are tight and savings are a priority. However, significant breaches or oversight problems often encourage organisations to bring their operations in-house again. This toing and froing is normal, but rising concerns about risks to third parties and supply chains have led to a growing number of businesses erring on the side of insourcing.
Regulatory pressures around operational resilience – both in the UK and Europe – are undoubtedly a key driver of this behaviour. More companies are also exploring automation options within the SOC that allow them to bring outsourced processes in-house. As a result, they can reduce third-party risk while simultaneously saving on costs. It is perhaps too early to tell if this is simply another wave in the typical outsourcing/insourcing cycle, or whether it represents a long-term evolution of the SOC.
The impact on cyber security jobs is also difficult to predict. Job losses are always a concern, but conventional wisdom suggests that the introduction of AI will augment rather than replace employees. AI can automate threat detection, investigation and incident response processes, providing cyber security staff the opportunity to focus more on strategy and growth.
Tech skills highly desirable for GRC roles
With each passing year, the assessments that GRC professionals are expected to perform must cover an ever-expanding range of technology-based risks. As such, firms are expressing more interest in hiring technologists for roles that have traditionally been considered the domain of pure compliance specialists.
This trend is sweeping across jobs in first-line risk, second-line IT risk, and GRC security. For example, technology risk roles are commonly filled by professionals whose backgrounds are in data architecture and engineering. Meanwhile, IT risk is drawing talent from IT operations, and security GRC positions are regularly offered to former network security experts. Ultimately, modern GRC professionals are increasingly expected to be as fluent in technology as they are in governance.
Regulatory changes drive hiring in Germany
Barclay Simpson has a dedicated division that covers all our specialist areas of recruitment in Europe, and our consultants are reporting a rise in hiring activity across Germany in response to various new and upcoming regulations.
The country’s Federal Office for Information Security (BSI) recently stressed the importance of incorporating the NIS-2 Directive into national law as quickly as possible. At the time of writing, the framework – which seeks to strengthen cyber security in key sectors across the EU – is scheduled to enter into force in Germany by March 2025. Other regulatory drivers include the EU AI Act and the EU Cyber Resilience Act (CRA), which are creating opportunities for AI governance professionals and candidates with IOT/OT Security knowledge, respectively.
Frameworks are becoming increasingly important across Germany to enhance their cyber security maturity, and the BSI continues to publish regular guidance advising organisations on how to properly comply with their new obligations. Indeed, a recent PwC study found that 89% of German companies believe recent regulations will have a moderate to significant impact on their cyber security expenditure over the coming year.
“There is a lot of regulatory change occurring across the EU, and the BSI is working hard to safeguard the country’s critical infrastructure and systems from a technical standpoint, while also creating robust policies and guidance more generally,” says Kieran Green, Principal Consultant at Barclay Simpson.
“In terms of hiring, the EU CRA has already led to increased demand across the production and manufacturing industries, while DORA is driving recruitment in financial services firms.”
Diversity in cyber security and data privacy
At Barclay Simpson, we are committed to building diverse and inclusive workplaces where everyone’s contributions are respected and valued. Recruiters are in a unique position to promote the benefits of equality, diversity and inclusion (EDI) within the world of employment, and we believe agencies should not only embrace these values internally, but also promote and support them across their wider communities.
In our 2025 Cyber Security and Data Privacy guide, we will for the first time be publishing additional diversity-focused data gained from our annual salary surveys in order to provide greater insight into employers’ and candidates’ perspectives on EDI. We intend to follow these trends year on year to track the progress and evolution of EDI policies and attitudes in the workplace.
Gender gap gradually closing
Cyber security continues to be a male-dominated profession, with our data showing only 18% of candidates within the industry identify as female. These figures align closely with recent research from LinkedIn, which found an 82% male to 18% female split in cyber security jobs. While the gender gap remains wide, we are nonetheless encouraged to see that the proportion of women in security roles has doubled from just 9% in our 2021 data. Meanwhile, the gender divide across data privacy roles is less stark – although still some way from parity – with a male-to-female split of 57% to 37%.
To which gender do you most identify?
Cyber security professionals
2024
2021
Despite some improvement overall, it is clear more work is needed to ensure greater representation for women across both cyber security and data privacy teams, especially in senior-level positions. In fact, 29% of candidates say that improving representation at the leadership and board levels is the biggest challenge for creating a diverse and inclusive workplace. This was the top response, garnering nearly twice as many mentions as ‘motivating stakeholders’, which was the second most common answer.
Firms focusing less on EDI
EDI efforts are often at risk of being scaled back during a challenging economic environment, and our consultants are seeing some evidence of this in the current market. It is particularly noticeable in highly technical fields, where a shortage of skilled candidates requires employers to prioritise finding people with very specialised skillsets.
Some organisations may also feel they have achieved many of their EDI goals. Seven out of 10 cyber security and data privacy employers agree their company has already established an effective culture of equality, diversity and inclusion, with 31% strongly agreeing. Encouragingly, employees seem to corroborate this, with 70% saying their employer displays a dedicated commitment to EDI.
These results are promising, but there is a danger of organisations taking their foot off the pedal. UK Government research reveals that progress in key areas of diversity within cyber security – including gender, ethnicity and disability – has stalled or even reversed in recent years. Nevertheless, diversity is still important to many of the organisations we speak to. Within financial services, for example, EDI has received a big push in the UK after the PRA and FCA published new proposals in 2023 to improve diversity and inclusion within the sector.
“Employers regularly ask for more diverse shortlists when hiring for cyber security roles in financial services. Some larger organisations are also really proactive in developing initiatives to encourage more women into the tech industry,” says Parveen Gill, Associate Consultant at Barclay Simpson.
“This is always great to see, and we hope more firms follow in their footsteps.”
Clear support for EDI among employees
Most candidates we spoke to agree that EDI is personally important to them. However, men and women show notable differences in how much they value EDI and what they consider its biggest challenges.
How important is EDI to you personally?
For example, only 3% of women in cyber security and data privacy roles say EDI is ‘not at all’ important to them, but this figure rises significantly to 22% of men. However, men are more than twice as likely as women to strongly agree that their organisation’s commitment to diversity is making a real difference (18% compared to 7%).
When it comes to the thorniest challenges facing EDI, both genders point to increasing representation within senior roles as the top concern. From there, employees’ opinions begin to diverge, particularly on issues of pay equity and building fairer recruitment processes. Men see the latter as a more significant problem (12% vs 5%), while women prioritise the former (19% to 10%).
What is the biggest challenge your company faces in creating a diverse and inclusive culture?
Achieving pay equality
Building a fair hiring process
Fear of getting things wrong
Increasing representation among leadership/Board roles
Lack of access to EDI skilled HR resource
Motivating stakeholders
Setting and tracking key performance indicators
For companies serious about EDI, understanding these nuanced perspectives is crucial. By really listening to employees about what matters to them, and using that to shape meaningful policies around diversity and inclusion, organisations have a better chance of creating a sense of belonging and making a positive difference in the workplace.
If you would like to know more about any of the diversity-related findings in this report or the EDI advice and support we can provide, please contact us today.
Salary and bonus trends
Cyber security and data privacy salaries experienced unprecedented growth in 2021 and 2022, before levelling off throughout 2023. With the recruitment market becoming more subdued over the last year, salaries have continued to be largely flat and it is not uncommon for candidates to accept lower pay if they are keen to secure a new role. Senior professionals and contractors who are switching to permanent jobs for greater security are especially likely to take a hit on their income.
“Senior professionals are struggling to secure higher-paying roles because there are currently too many experienced candidates in the market competing for a limited number of positions,” says James Lawrence, Principal Consultant at Barclay Simpson.
“As a result, more people are expressing interest in opportunities abroad, with Asia and the Middle East becoming increasingly attractive destinations for skilled cyber security and data privacy professionals.”
Overall, however, the impact of current market conditions on earnings has been relatively muted, with most employees receiving inflation-linked pay rises. The one exception to these broader trends is business continuity and operational resilience, where we saw a slight uplift in salaries in 2024 due to generally elevated levels of demand within the space.
Salary growth in 2025 is also expected to remain fairly low, with 77% of employers intending to increase base salaries for existing employees by between 1% and 4% over the next 12 months. Similarly, just 13% of organisations plan to pay higher bonuses than last year.
How much will you increase base salaries for existing employees in the next 12 months?
Candidates’ expectations evolving
Remuneration continues to be the main motivation for candidates seeking a new role, with 37% of professionals claiming it is their primary incentive. However, this has dropped from 45% in 2023, indicating people’s priorities may be shifting. There were small, but proportionally significant, increases in candidates citing remote working, job security and better benefits as their reasons for considering new job opportunities.
Remuneration
2024: 37%
2023: 45%
Career development
2024: 18%
2023: 18%
Work/life balance
2024: 18%
2023: 19%
Remote working
2024: 15%
2023: 12%
Job security
2024: 7%
2023: 5%
Better benefits
2024: 5%
2023: <1%
Notably, when asked to choose which employment benefits they value the most, a higher proportion of candidates chose remote working (40%) than an annual bonus (33%). Nearly three-quarters (74%) of professionals also state they would consider changing jobs if they weren’t permitted to have the remote or flexible working arrangements they prefer.
In keeping with this, a sizeable minority of employers admit their hybrid and remote working policies are causing recruitment and retention problems. Approximately a third (32%) say they are experiencing some issues, while a further 12% told us their current approach is a significant impediment to hiring.
An employer-led market gives organisations the upper hand at the moment, but the cyclical nature of recruitment means the tide is bound to turn, with the power likely shifting back towards candidates before too long. When talent is in high demand and short supply, companies unwilling to compromise on remote and flexible working benefits may find themselves struggling to attract the best people in a more competitive landscape.
Cyber security and data privacy salaries
Leadership Salaries
| Area | Central London | UK-Wide | Fully Remote | Contract Day Rate |
|---|---|---|---|---|
| CISO (Global / EMEA) | £180k + | £180k + | £180k + | £1,000 – £1,500+ |
| Head of Cyber Defence | £130k – £200k | £130k – £200k | £130k – £200k | £900 – £1,000+ |
| Head of IT Risk | £130k – £200k | £130k – £200k | £130k – £200k | £800 – £900 |
| Head of GRC (Cyber Risk) | £120k – £150k | £120k – £150k | £120k – £150k | £750 – £850 |
| Head of Information Security (dept above 10+) | £150k+ | £150k+ | £150k+ | £800 – £900 |
| Head of Information Security (dept under 10+) | £100k – £160k | £100k – £160k | £100k – £160k | £700 – £800 |
| Head of Security Architecture | £130k – £200k | £110k – £160k | £120k – £160k | £900+ |
| Head of Security Operations | £90k – £130k – | £85k – £125k | £80k – £120k | £900+ |
| Head of Incident Response | £110k – £150k | £100k – £140k | £90k – £130k | £900+ |
Governance, Risk & Compliance Salaries
| Area | Central London | UK-Wide | Fully Remote | Contract Day Rate |
|---|---|---|---|---|
| Business Information Security Officer | £90k – £130k | £90k – £130k | £90k – £130k | £600 – £800 |
| Information Security Manager (team above 5+) | £95k – £120k | £95k – £120k | £95k – £120k | £650 – £800 |
| Information Security Manager (team under 5+) | £80k – £95k | £80k – £95k | £80k – £95k | £600 – £800 |
| Information Security Officer | £80k – £120k | £80k – £120k | £80k – £120k | £600 – £800 |
| IT Risk Manager | £85k – £120k | £85k – £120k | £85k – £120k | £600 – £800 |
| Third Party Risk Lead | £75k – £100k | £75k – £100k | £75k – £100k | £550 – £750 |
| Information Security Analyst, GRC | £60k – £75k | £60k – £75k | £60k – £75k | £500 – £600 |
| Information Security Analyst, GRC (exp below 4+ years) | £50k – £60k | £50k – £60k | £50k – £60k | £400 – £550 |
Security Architecture & Engineering Salaries
| Area | Central London | UK-Wide | Fully Remote | Contract Day Rate |
|---|---|---|---|---|
| Application Security Architect | £100k – £130k | £90k – £115k | £100k – £130k | £700 – £900 |
| Application Security Engineer | £90 – £110k | £80k – £100k | £85k – £100k | £600 – £750 |
| DevSecOps Engineer | £90k – £110k | £80k – £100k | £85k – £100k | £600 – £850 |
| Information Security Engineer | £75k – £90k | £70k – £85k | £70k – £90k | £550 – £800 |
| Cloud Security Architect | £100k – £130k | £90k – £115k | £100k – £130k | £650 – £850 |
| Cloud Security Engineer | £90k – £110k | £80k – £100k | £80k – £110k | £700 – £850 |
| Enterprise Security Architect | £100k – £140k | £100k – £120k | £100k – £140k | £700 – £900 |
| Security Solutions Architect | £90k – £110k | £80k – £100k | £80k – £110k | £700 – £900 |
Cyber Defence Salaries
| Area | Central London | UK-Wide | Fully Remote | Contract Day Rate |
|---|---|---|---|---|
| Security Operations Analyst | £45k – £60k | £40k – £55k | £35k – £45k | £500 – £600 |
| Security Operations Manager | £60k – £80k | £60k – £70k | £50k – £65k | £600 – £750 |
| Head of Security Operations | £80k – £110k | £75k – £105k | £50k – £85k | £700 – £900 |
| Cyber Threat Intelligence Analyst | £60k – £80k | £55k – £75k | £60k – £80k | £500 – £600 |
| Head of Cyber Threat Intelligence | £100k – £120k | £95k – £110k | £80k – £110k | £600 – £700 |
| Incident Response Analyst | £60k – £75k | £55k – £70k | £45k – £60k | £500 – £600 |
| Incident Response Lead | £80k – £95k | £75k – £90k | £60k – £85k | £600 – £700 |
| Head of Incident Response | £95k – £120k | £90k – £115k | £80k – £110k | £600 – £700 |
| Head of Cyber Defence | £130k – £160k | £125k – £145k | £120k – £135k | £900 – £1,000+ |
| SOC Engineer | £55k – £70k | £50k – £65k | £45k – £60k | £500 – £650 |
Business Continuity Salaries
| Area | Central London | UK-Wide | Fully Remote | Contract Day Rate |
|---|---|---|---|---|
| Business Continuity Analyst | £35k – £60k | £30k – £55k | £35k – £60k | £450 – £550 |
| Business Continuity Specialist | £70k – £90k | £70k – £90k | £70k – £90k | £500 – £600 |
| Business Continuity Manager | £60k – £85k | £60k – £75k | £60k – £85k | £550 – £650 |
| Business Continuity Lead | £80k – £100k | £75k – £100k | £75k – £100k | £600 – £700 |
| Head of Business Continuity | £100k – £135k | £100k – £130k | £100k – £130k | £700 – £850 |
Operational Resilience Salaries
| Area | Central London | UK-Wide | Fully Remote | Contract Day Rate |
|---|---|---|---|---|
| Operational Resilience Analyst | £50k – £60k | £50k – £60k | £50k – £60k | £450 – £550 |
| Operational Resilience Specialist | £70k – £90k | £70k – £90k | £70k – £90k | £550 – £650 |
| Operational Resilience Manager | £70k – £95k | £65k – £80k | £70k – £95k | £750 – £850 |
| Operational Resilience Lead | £80k – £100k | £75k – £100k | £75k – £100k | £600 – £750 |
| Head of Operational Resilience | £100k – £150k | £100k – £130k | £100k – £150k | £750 – £900 |
Identity & Access Management Salaries
| Area | Central London | UK-Wide | Fully Remote | Contract Day Rate |
|---|---|---|---|---|
| Head of IAM | £120k – £140k+ | £120k – £140k+ | £120k – £140k+ | £750 – £850 |
| IAM Manager | £90k – £120k | £90k – £120k | £90k – £120k | £600 – £700 |
| CIAM/PAM Lead | £95k – £120k | £95k – £120k | £95k – £120k | £500 – £600 |
| IAM Product Owner | £95k – £120k | £95k – £120k | £95k – £120k | £500 – £600 |
| IAM Architect | £90k – £120k+ | £90k – £120k+ | £90k – £120k+ | £600 – £750 |
| IAM Engineer | £75k – £95k | £75k – £95k | £75k – £95k | £500 – £600 |
| IAM Analyst | £60k – £85k | £60k – £85k | £60k – £85k | £400 – £500 |
Data Protection and Privacy Salaries
| Area | Central London | UK-Wide | Fully Remote | Contract Day Rate |
|---|---|---|---|---|
| Analyst | £50k – £65k | £45k – £60k | £50k – £65k | £450 – £500 |
| Senior Analyst | £60k – £75k | £55k – £65k | £60k – £75k | £400 – £500 |
| Manager | £65k – £95k | £60k – £75k | £65k – £95k | £400 – £550 |
| Lead | £90k – £120k | £75k – £100k | £90k – £120k | £500 – £650 |
| Privacy Council (Lawyer) | £90k – £140k | £75k – £120k | £90k – £140k | £500 – £700 |
| Data Protection Officer | £100k – £150k | £90k – £140k | £100k – £150k | £700 – £800 |
| Global Privacy Officer / Director | £140k – £200k | £120k – £160k | £140k – £200k | £700 – £1,000 |
Attract and retain the cyber security and data privacy professionals you need with Barclay Simpson
Barclay Simpson has specialised in the recruitment of cyber security and data privacy professionals since 2001. Our practice covers information security, cyber security, data protection and privacy. Our long-established team has extensive experience of recruiting on a permanent and contract basis for in-house positions in commerce and FS groups, as well as consultancy and systems integration businesses, and security vendors. We can help you create a talent attraction strategy with competitive salary offerings and support you as you build a cyber security or data privacy team that’s future proof. Or we can help you find a role that aligns with your long-term career goals. Arrange a consultation today.
If you are interested in a new cyber security or data privacy position or recruitment services, get in touch today.
