Period
to 29 July 2021

The following table provides summary statistics for permanent job vacancies advertised in England with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 29 July 2021 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK > England
6 months to
29 Jul 2021
Same period 2020 Same period 2019
Rank 449 342 360
Rank change year-on-year -107 +18 -38
Permanent jobs citing CISM 645 548 1,182
As % of all permanent jobs advertised in England 0.65% 0.86% 0.89%
As % of the Qualifications category 3.10% 3.88% 3.64%
Number of salaries quoted 511 449 936
10th Percentile £42,500 £42,500 £42,500
25th Percentile £53,750 £50,000 £52,500
Median annual salary (50th Percentile) £65,000 £63,500 £65,000
Median % change year-on-year +2.36% -2.31% -
75th Percentile £80,000 £77,500 £84,250
90th Percentile £88,750 £88,750 £96,250
UK median annual salary £65,000 £62,500 £65,000
% change year-on-year +4.00% -3.85% -

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in England with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
England
Permanent vacancies requiring academic qualifications or professional certifications 20,836 14,116 32,511
As % of all permanent IT jobs advertised in England 20.85% 22.22% 24.43%
Number of salaries quoted 12,556 10,641 24,000
10th Percentile £31,250 £30,000 £26,750
25th Percentile £41,250 £38,750 £35,000
Median annual salary (50th Percentile) £55,000 £52,500 £50,000
Median % change year-on-year +4.76% +5.00% -
75th Percentile £72,500 £70,000 £67,250
90th Percentile £88,750 £85,000 £82,500
UK median annual salary £55,000 £52,500 £50,000
% change year-on-year +4.76% +5.00% -

CISM
Job Vacancy Trend in England

Job postings citing CISM as a proportion of all IT jobs advertised in England.

Job vacancy trend for CISM in England

CISM
Salary Trend in England

3-month moving average salary quoted in jobs citing CISM in England.

Salary trend for CISM in England

CISM
Salary Histogram in England

Salary distribution for jobs citing CISM in England over the 6 months to 29 July 2021.

Salary histogram for CISM in England

CISM
Job Locations in England

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the England region over the 6 months to 29 July 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
London -90 323 £67,500 +3.85% 42
South East -42 139 £56,250 +2.27% 27
Midlands -77 54 £67,500 +28.57% 11
North of England -84 47 £60,000 +4.35% 27
West Midlands -69 40 £67,500 +28.57% 6
South West -78 40 £54,000 -16.92% 8
East of England -24 29 £77,500 +19.23% 7
North West -76 18 £55,000 -4.35% 16
Yorkshire -78 17 £61,250 +6.52% 10
North East - 15 £57,500 - 1
East Midlands -39 13 £67,500 +22.73% 5
CISM
UK

For the 6 months to 29 July 2021, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the England region with a requirement for CISM.

1 612 (94.88%) CISSP
2 424 (65.74%) Information Security
3 363 (56.28%) Cybersecurity
4 279 (43.26%) ISO/IEC 27001
5 239 (37.05%) CISA
6 205 (31.78%) Social Skills
7 179 (27.75%) Risk Management
8 172 (26.67%) NIST
9 159 (24.65%) Azure
10 146 (22.64%) Management Information System
11 145 (22.48%) Finance
12 142 (22.02%) GDPR
13 138 (21.40%) SIEM
14 128 (19.84%) Security Architecture
15 114 (17.67%) Security Operations
16 110 (17.05%) Security Management
17 104 (16.12%) Microsoft
18 103 (15.97%) Degree
19 98 (15.19%) Data Protection
20 95 (14.73%) Vulnerability Management
20 95 (14.73%) Firewall
21 92 (14.26%) Cyber Essentials
22 89 (13.80%) PCI DSS
23 85 (13.18%) AWS
24 83 (12.87%) Cisco Certification
25 81 (12.56%) CEH
26 79 (12.25%) ITIL
27 76 (11.78%) Analytical Skills
28 71 (11.01%) Stakeholder Management
28 71 (11.01%) Agile Software Development

CISM
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 26 (4.03%) IIS
2 10 (1.55%) MTS
3 5 (0.78%) SharePoint
4 2 (0.31%) Confluence
4 2 (0.31%) MS Exchange
Applications
1 16 (2.48%) MS Visio
2 13 (2.02%) Microsoft Office
3 9 (1.40%) Microsoft Excel
3 9 (1.40%) Microsoft PowerPoint
Business Applications
1 9 (1.40%) Sentinel
2 1 (0.16%) Distributed Ledger
2 1 (0.16%) Relativity
Cloud Services
1 159 (24.65%) Azure
2 85 (13.18%) AWS
3 67 (10.39%) Microsoft 365
4 32 (4.96%) Cloud Computing
5 24 (3.72%) SaaS
6 22 (3.41%) Azure Sentinel
7 21 (3.26%) IaaS
7 21 (3.26%) PaaS
8 15 (2.33%) Azure Active Directory
9 13 (2.02%) GCP
10 10 (1.55%) Serverless
11 7 (1.09%) Mimecast
12 6 (0.93%) Azure Service Bus
13 5 (0.78%) Akamai
14 4 (0.62%) BPaaS
14 4 (0.62%) Power Platform
14 4 (0.62%) PowerApps
15 2 (0.31%) Azure Key Vault
15 2 (0.31%) Sumo Logic
16 1 (0.16%) Amazon EC2
Communications & Networking
1 95 (14.73%) Firewall
2 70 (10.85%) Network Security
3 27 (4.19%) Intrusion Detection
4 25 (3.88%) DNS
5 21 (3.26%) TCP/IP
6 20 (3.10%) WAN
7 19 (2.95%) DHCP
7 19 (2.95%) LAN
8 17 (2.64%) VPN
9 16 (2.48%) SAN
10 15 (2.33%) Internet
11 10 (1.55%) SMTP
12 9 (1.40%) DMZ
12 9 (1.40%) Wi-Fi
12 9 (1.40%) Wireless
13 7 (1.09%) SCCP
13 7 (1.09%) Unified Communications
14 6 (0.93%) SD-WAN
14 6 (0.93%) Wireless Security
15 5 (0.78%) BGP
Database & Business Intelligence
1 5 (0.78%) Azure SQL Database
1 5 (0.78%) Data Warehouse
1 5 (0.78%) SQL Server
2 2 (0.31%) Amazon RDS
2 2 (0.31%) Oracle Database
2 2 (0.31%) Oracle Database 11g
3 1 (0.16%) Blockchain
3 1 (0.16%) DB2
3 1 (0.16%) GIS
3 1 (0.16%) SQL Server 2012
3 1 (0.16%) SQL Server 2014
Development Applications
1 2 (0.31%) JIRA
2 1 (0.16%) Burp Suite
2 1 (0.16%) Metasploit
General
1 205 (31.78%) Social Skills
2 145 (22.48%) Finance
3 76 (11.78%) Analytical Skills
4 52 (8.06%) Legal
5 30 (4.65%) Telecoms
6 27 (4.19%) Banking
7 26 (4.03%) Retail
8 24 (3.72%) Law
9 23 (3.57%) Public Sector
10 20 (3.10%) Presentation Skills
11 18 (2.79%) Influencing Skills
12 17 (2.64%) Inclusion and Diversity
13 14 (2.17%) Manufacturing
14 13 (2.02%) Police
15 10 (1.55%) Marketing
16 9 (1.40%) Electronics
17 8 (1.24%) French Language
18 7 (1.09%) Organisational Skills
19 6 (0.93%) Aerospace
20 5 (0.78%) Advertising
Job Titles
1 124 (19.22%) Security Manager
2 90 (13.95%) Consultant
3 85 (13.18%) Analyst
4 84 (13.02%) Architect
5 75 (11.63%) Security Analyst
5 75 (11.63%) Security Architect
6 71 (11.01%) Information Manager
7 69 (10.70%) Security Consultant
8 68 (10.54%) Information Security Manager
9 64 (9.92%) Security Engineer
10 44 (6.82%) Head of Security
11 38 (5.89%) Security Specialist
12 32 (4.96%) Security Officer
13 31 (4.81%) IT Manager
14 30 (4.65%) IT Analyst
14 30 (4.65%) IT Security Analyst
15 29 (4.50%) Head of Information Security
16 28 (4.34%) Information Analyst
16 28 (4.34%) Information Security Analyst
17 26 (4.03%) Information Security Consultant
Libraries, Frameworks & Software Standards
1 11 (1.71%) Web Services
2 10 (1.55%) .NET
3 6 (0.93%) .NET Framework
3 6 (0.93%) SAML
4 5 (0.78%) ISPF
4 5 (0.78%) Middleware
4 5 (0.78%) OAuth
5 4 (0.62%) .NET Core
5 4 (0.62%) ASP.NET
5 4 (0.62%) J2EE
5 4 (0.62%) Regular Expression
5 4 (0.62%) RESTful
5 4 (0.62%) SOAP
5 4 (0.62%) XML
Miscellaneous
1 146 (22.64%) Management Information System
2 32 (4.96%) Cyberthreat
3 21 (3.26%) Data Centre
4 19 (2.95%) Cyberattack
5 18 (2.79%) Cyber Kill Chain
5 18 (2.79%) Data Protection Act
6 17 (2.64%) Public Cloud
7 14 (2.17%) Self-Motivation
8 13 (2.02%) Security Operations Centre
9 12 (1.86%) Smart Meter
9 12 (1.86%) Virtual Team
10 11 (1.71%) Private Cloud
10 11 (1.71%) SCADA
11 10 (1.55%) Greenfield Project
11 10 (1.55%) Hybrid Cloud
12 9 (1.40%) Cybercrime
12 9 (1.40%) Life Science
13 8 (1.24%) Cloud Native
14 7 (1.09%) Distributed Denial-of-Service
15 6 (0.93%) PKI
Operating Systems
1 35 (5.43%) Windows
2 31 (4.81%) Linux
3 15 (2.33%) Windows Server
4 10 (1.55%) Unix
5 8 (1.24%) Mac OS
6 6 (0.93%) Windows 10
7 4 (0.62%) Red Hat Enterprise Linux
7 4 (0.62%) SUSE
8 1 (0.16%) AIX
8 1 (0.16%) Kali Linux
8 1 (0.16%) Windows 7
8 1 (0.16%) Windows Server 2008
8 1 (0.16%) Windows Server 2012
Processes & Methodologies
1 424 (65.74%) Information Security
2 363 (56.28%) Cybersecurity
3 179 (27.75%) Risk Management
4 138 (21.40%) SIEM
5 128 (19.84%) Security Architecture
6 114 (17.67%) Security Operations
7 110 (17.05%) Security Management
8 98 (15.19%) Data Protection
9 95 (14.73%) Vulnerability Management
10 79 (12.25%) ITIL
11 71 (11.01%) Agile Software Development
11 71 (11.01%) Stakeholder Management
12 70 (10.85%) Incident Management
13 68 (10.54%) ISMS
14 65 (10.08%) Information Security Management
15 64 (9.92%) Penetration Testing
16 62 (9.61%) Continuous Improvement
16 62 (9.61%) Identity Access Management
17 57 (8.84%) Project Management
17 57 (8.84%) Risk Assessment
Programming Languages
1 19 (2.95%) C
2 16 (2.48%) PowerShell
3 13 (2.02%) Python
4 10 (1.55%) SQL
5 8 (1.24%) Go
6 6 (0.93%) Java
7 3 (0.47%) VBA
Qualifications
1 612 (94.88%) CISSP
2 239 (37.05%) CISA
3 103 (15.97%) Degree
4 83 (12.87%) Cisco Certification
5 81 (12.56%) CEH
6 67 (10.39%) CRISC
7 59 (9.15%) Security Cleared
8 58 (8.99%) (ISC)2 CCSP
9 45 (6.98%) SSCP
10 43 (6.67%) SANS
11 38 (5.89%) CESG Certified Professional
12 36 (5.58%) GIAC
13 35 (5.43%) CompTIA Security+
14 32 (4.96%) CSSLP
15 26 (4.03%) SC Cleared
16 24 (3.72%) OSCP
17 22 (3.41%) IISP
18 19 (2.95%) ISO 27001 Lead Auditor
19 18 (2.79%) CCSP
20 17 (2.64%) CCNP
Quality Assurance & Compliance
1 279 (43.26%) ISO/IEC 27001
2 172 (26.67%) NIST
3 142 (22.02%) GDPR
4 92 (14.26%) Cyber Essentials
5 89 (13.80%) PCI DSS
6 60 (9.30%) GRC
7 49 (7.60%) COBIT
8 43 (6.67%) NCSC
9 21 (3.26%) Cyber Essentials PLUS
10 18 (2.79%) NIST 800
10 18 (2.79%) RMADS
11 14 (2.17%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
12 12 (1.86%) JSP 440
13 7 (1.09%) ISO/IEC 27005
14 6 (0.93%) HMG Security Policy Framework
14 6 (0.93%) ITGC
14 6 (0.93%) Sarbanes-Oxley
15 5 (0.78%) Government Security Classifications
15 5 (0.78%) IASME
15 5 (0.78%) SLA
System Software
1 37 (5.74%) Active Directory
2 6 (0.93%) VMware Infrastructure
3 4 (0.62%) Virtual Desktop
3 4 (0.62%) Virtual Machines
4 3 (0.47%) Firmware
4 3 (0.47%) Hyper-V
5 2 (0.31%) pfSense
5 2 (0.31%) Terminal Server
6 1 (0.16%) BitLocker
6 1 (0.16%) Forefront TMG
Systems Management
1 29 (4.50%) QRadar
2 11 (1.71%) Kubernetes
3 8 (1.24%) Kibana
3 8 (1.24%) Single Sign-On
4 6 (0.93%) Active Directory Federation Services
4 6 (0.93%) Puppet
4 6 (0.93%) RSA Archer
5 4 (0.62%) CASB
5 4 (0.62%) CSIRT
5 4 (0.62%) EMC NetWorker
5 4 (0.62%) Nessus
6 3 (0.47%) SCCM
7 2 (0.31%) Data Guard
7 2 (0.31%) Failover Clustering
7 2 (0.31%) Microsoft Intune
7 2 (0.31%) SCOM
7 2 (0.31%) Terraform
8 1 (0.16%) AirWatch
8 1 (0.16%) Forefront Identity Manager
8 1 (0.16%) Nexpose
Vendors
1 104 (16.12%) Microsoft
2 29 (4.50%) Cisco
3 25 (3.88%) Google
4 24 (3.72%) Palo Alto
5 23 (3.57%) Splunk
6 18 (2.79%) AlienVault
7 14 (2.17%) CheckPoint
8 10 (1.55%) Apple
8 10 (1.55%) Symantec
9 9 (1.40%) Qualys
9 9 (1.40%) SAP
9 9 (1.40%) VMware
10 8 (1.24%) Adobe
11 7 (1.09%) ArcSight
11 7 (1.09%) Juniper
11 7 (1.09%) McAfee
12 5 (0.78%) LogRhythm
12 5 (0.78%) Meraki
12 5 (0.78%) Rapid7
12 5 (0.78%) Varonis