Period
to 23 January 2018

The following table provides summary statistics for permanent job vacancies advertised in the UK excluding London with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 23 January 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK > UK excluding London
6 months to
23 Jan 2018
Same period 2017 Same period 2016
Rank 374 362 403
Rank change year-on-year -12 +41 +147
Permanent jobs citing CISM 747 779 800
As % of all permanent IT jobs advertised in the UK excluding London 0.75% 0.76% 0.68%
As % of the Qualifications category 3.06% 2.84% 2.35%
Number of salaries quoted 519 573 616
UK excluding London median annual salary £57,500 £60,000 £55,000
Median salary % change year-on-year -4.17% +9.09% -
10th Percentile £40,000 £37,500 £41,250
90th Percentile £80,000 £80,000 £73,750
UK median annual salary £65,000 £65,000 £60,000
% change year-on-year - +8.33% +9.09%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the UK excluding London with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK excluding London
Permanent vacancies requiring academic qualifications or professional certifications 24,447 27,475 33,976
As % of all permanent IT jobs advertised in the UK excluding London 24.44% 26.92% 28.71%
Number of salaries quoted 19,094 21,492 26,882
UK excluding London median annual salary £42,500 £42,500 £42,000
Median salary % change year-on-year - +1.19% +5.00%
10th Percentile £24,250 £24,750 £24,000
90th Percentile £65,000 £65,000 £65,000
UK median annual salary £47,500 £45,000 £45,000
% change year-on-year +5.56% - -

CISM
Job Vacancy Trend in the UK excluding London

Job postings citing CISM as a percentage of all IT jobs advertised in the UK excluding London.

Job vacancy trend for CISM in the UK excluding London

CISM
Salary Trend in the UK excluding London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM in the UK excluding London.

Salary trend for CISM in the UK excluding London

CISM
Salary Histogram in the UK excluding London

The salary distribution of IT jobs citing CISM in the UK excluding London over the 6 months to 23 January 2018.

Salary histogram for CISM in the UK excluding London

CISM
Job Locations in the UK excluding London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK excluding London region over the 6 months to 23 January 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
South East +97 295 £60,000 - 28
North of England -10 220 £55,000 - 24
North West 0 126 £55,000 -8.33% 13
Midlands -64 93 £50,000 +5.26% 13
East of England +24 81 £59,750 +13.81% 10
Yorkshire -6 76 £52,750 +22.67% 7
West Midlands -74 65 £50,000 +5.26% 4
South West -38 34 £52,750 -12.08% 4
East Midlands +7 28 £50,000 +11.11% 9
North East -19 18 £48,500 +7.78% 4
Scotland -66 18 £67,500 +22.73% 1
Wales +11 4 £40,000 -51.52% 1
Northern Ireland -25 2 £47,500 +18.75%
CISM
UK

For the 6 months to 23 January 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the UK excluding London region with a requirement for CISM.

1 713 (95.45%) CISSP
2 583 (78.05%) Information Security
3 444 (59.44%) ISO/IEC 27001
4 320 (42.84%) CISA
5 235 (31.46%) Cybersecurity
6 225 (30.12%) Finance
7 220 (29.45%) Risk Management
8 187 (25.03%) Firewall
9 180 (24.10%) PCI DSS
10 167 (22.36%) Management Information System
11 161 (21.55%) Penetration Testing
12 143 (19.14%) SIEM
12 143 (19.14%) CRISC
13 140 (18.74%) Data Protection
14 139 (18.61%) Degree
14 139 (18.61%) GDPR
15 127 (17.00%) Network Security
16 126 (16.87%) Security Management
17 125 (16.73%) ITIL
18 112 (14.99%) Security Operations
19 106 (14.19%) Information Security Management
20 104 (13.92%) Windows
21 101 (13.52%) GIAC
22 100 (13.39%) Risk Assessment
23 81 (10.84%) CEH
24 78 (10.44%) Legal
24 78 (10.44%) Active Directory
25 74 (9.91%) Linux
26 72 (9.64%) SSCP
26 72 (9.64%) Security Architecture

CISM
Co-occurring IT Skills in the UK excluding London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 19 (2.54%) IIS
2 9 (1.20%) Apache
3 7 (0.94%) MS Exchange
4 3 (0.40%) SharePoint
5 1 (0.13%) WordPress
Applications
1 5 (0.67%) Microsoft Office
2 3 (0.40%) Microsoft PowerPoint
3 2 (0.27%) Microsoft Excel
3 2 (0.27%) MS Visio
Business Applications
1 3 (0.40%) assyst
2 2 (0.27%) Payment Gateway
Cloud Services
1 25 (3.35%) SaaS
2 19 (2.54%) Office 365
3 18 (2.41%) Amazon AWS
4 14 (1.87%) IaaS
4 14 (1.87%) Microsoft Azure
5 13 (1.74%) PaaS
6 6 (0.80%) Google Cloud Platform
7 3 (0.40%) Mimecast
7 3 (0.40%) OneDrive
8 1 (0.13%) AWS CloudFormation
Communications & Networking
1 187 (25.03%) Firewall
2 127 (17.00%) Network Security
3 48 (6.43%) TCP/IP
4 39 (5.22%) VPN
5 38 (5.09%) Internet
6 25 (3.35%) WAN
7 23 (3.08%) Intrusion Detection
8 20 (2.68%) SSL
9 19 (2.54%) LAN
10 18 (2.41%) IPsec
11 14 (1.87%) Wireless
12 10 (1.34%) SCCP
13 8 (1.07%) Cisco ASA
14 7 (0.94%) VLAN
15 6 (0.80%) Cisco PIX
15 6 (0.80%) HTTP
15 6 (0.80%) MPLS
16 5 (0.67%) DNS
17 4 (0.54%) SMTP
17 4 (0.54%) SNMP
Database & Business Intelligence
1 9 (1.20%) MySQL
2 8 (1.07%) Oracle Database
3 2 (0.27%) GIS
4 1 (0.13%) Big Data
4 1 (0.13%) PostgreSQL
4 1 (0.13%) RDBMS
4 1 (0.13%) Relational Database
Development Applications
1 5 (0.67%) Burp Suite
1 5 (0.67%) Metasploit
2 1 (0.13%) AppScan
2 1 (0.13%) Git (software)
2 1 (0.13%) Jenkins
2 1 (0.13%) Subversion
General
1 225 (30.12%) Finance
2 78 (10.44%) Legal
3 38 (5.09%) Retail
4 26 (3.48%) Telecoms
5 20 (2.68%) Manufacturing
6 17 (2.28%) Marketing
7 14 (1.87%) Banking
8 12 (1.61%) Front Office
8 12 (1.61%) Law
9 8 (1.07%) Electronics
9 8 (1.07%) French Language
9 8 (1.07%) German Language
10 5 (0.67%) Games
10 5 (0.67%) Investment Banking
11 4 (0.54%) Digital Economy
12 3 (0.40%) Advertising
13 2 (0.27%) Corporate Banking
14 1 (0.13%) Publishing
14 1 (0.13%) Retail Banking
14 1 (0.13%) Spanish Language
Job Titles
1 186 (24.90%) Security Manager
2 144 (19.28%) Consultant
3 143 (19.14%) Analyst
4 136 (18.21%) Information Security Manager
5 133 (17.80%) Security Consultant
6 132 (17.67%) Security Analyst
7 126 (16.87%) Information Manager
8 93 (12.45%) Information Analyst
8 93 (12.45%) Information Security Analyst
9 56 (7.50%) Information Security Consultant
10 50 (6.69%) Architect
10 50 (6.69%) Security Architect
11 47 (6.29%) IT Manager
12 46 (6.16%) Security Engineer
13 39 (5.22%) IT Security Manager
14 34 (4.55%) Security Officer
14 34 (4.55%) Security Specialist
15 33 (4.42%) Risk Manager
16 28 (3.75%) Cybersecurity Consultant
16 28 (3.75%) Information Security Officer
Libraries, Frameworks & Software Standards
1 12 (1.61%) Web Services
2 11 (1.47%) SailPoint
3 7 (0.94%) Middleware
3 7 (0.94%) OAuth
3 7 (0.94%) OpenID
3 7 (0.94%) REST
3 7 (0.94%) SAML
3 7 (0.94%) SOAP
4 2 (0.27%) .NET
4 2 (0.27%) ASP.NET Web API
4 2 (0.27%) HTML
4 2 (0.27%) HTML5
4 2 (0.27%) JSON
4 2 (0.27%) RESTful
4 2 (0.27%) XML
5 1 (0.13%) LAMP
Miscellaneous
1 167 (22.36%) Management Information System
2 66 (8.84%) Analytical Skills
3 50 (6.69%) Cyberthreat
4 45 (6.02%) Data Protection Act
5 36 (4.82%) Computer Science
6 31 (4.15%) Data Centre
7 30 (4.02%) PKI
7 30 (4.02%) Security Operations Centre
8 18 (2.41%) Cyberattack
9 17 (2.28%) CESG
10 16 (2.14%) Distributed Denial-of-Service
10 16 (2.14%) Greenfield Project
11 14 (1.87%) NHS
12 10 (1.34%) Smart Meter
13 9 (1.20%) Cyber Defence
14 8 (1.07%) Cyber Kill Chain
14 8 (1.07%) Mobile Computing
15 7 (0.94%) Virtual Team
16 6 (0.80%) BYOD
16 6 (0.80%) Mainframe
Operating Systems
1 104 (13.92%) Windows
2 74 (9.91%) Linux
3 64 (8.57%) Unix
4 25 (3.35%) Windows Server
5 8 (1.07%) FreeBSD
6 7 (0.94%) Apple iOS
7 6 (0.80%) Kali Linux
7 6 (0.80%) Solaris
8 4 (0.54%) AIX
9 3 (0.40%) VMS
10 2 (0.27%) Android
10 2 (0.27%) Mac OS X
11 1 (0.13%) Windows 10
11 1 (0.13%) Windows 7
Processes & Methodologies
1 583 (78.05%) Information Security
2 235 (31.46%) Cybersecurity
3 220 (29.45%) Risk Management
4 161 (21.55%) Penetration Testing
5 143 (19.14%) SIEM
6 140 (18.74%) Data Protection
7 126 (16.87%) Security Management
8 125 (16.73%) ITIL
9 112 (14.99%) Security Operations
10 106 (14.19%) Information Security Management
11 100 (13.39%) Risk Assessment
12 72 (9.64%) Security Architecture
13 69 (9.24%) Agile Software Development
13 69 (9.24%) Project Management
14 67 (8.97%) Stakeholder Management
15 61 (8.17%) Vulnerability Management
16 60 (8.03%) ISMS
17 59 (7.90%) Identity Access Management
18 57 (7.63%) Data Security
18 57 (7.63%) Vulnerability Assessment
Programming Languages
1 15 (2.01%) PowerShell
2 13 (1.74%) Python
3 11 (1.47%) Bash Shell
4 9 (1.20%) C
4 9 (1.20%) Perl
5 5 (0.67%) Java
5 5 (0.67%) SQL
6 4 (0.54%) PHP
7 2 (0.27%) C#
7 2 (0.27%) C++
7 2 (0.27%) VB.NET
8 1 (0.13%) JavaScript
8 1 (0.13%) Ruby
Qualifications
1 713 (95.45%) CISSP
2 320 (42.84%) CISA
3 143 (19.14%) CRISC
4 139 (18.61%) Degree
5 101 (13.52%) GIAC
6 81 (10.84%) CEH
7 72 (9.64%) SSCP
8 63 (8.43%) SANS
9 58 (7.76%) Security Cleared
10 51 (6.83%) Cisco Certification
11 45 (6.02%) SC Cleared
12 43 (5.76%) CESG Certified Professional
13 33 (4.42%) CISMP
14 31 (4.15%) CompTIA Security+
15 29 (3.88%) ISO 27001 Lead Auditor
16 26 (3.48%) Computer Science Degree
17 25 (3.35%) CCNA
18 24 (3.21%) CSSLP
19 20 (2.68%) IISP
20 18 (2.41%) (ISC)2 CCSP
Quality Assurance & Compliance
1 444 (59.44%) ISO/IEC 27001
2 180 (24.10%) PCI DSS
3 139 (18.61%) GDPR
4 67 (8.97%) Cyber Essentials
5 53 (7.10%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 39 (5.22%) COBIT
7 25 (3.35%) ISO 22301
8 21 (2.81%) Sarbanes-Oxley
9 19 (2.54%) ISO 31000
9 19 (2.54%) ISO/IEC 27005
10 17 (2.28%) HMG Security Policy Framework
11 15 (2.01%) ISO 9001
12 14 (1.87%) NIST 800
13 10 (1.34%) RMADS
14 9 (1.20%) HIPAA
15 7 (0.94%) Cyber Essentials PLUS
16 6 (0.80%) Data Quality
16 6 (0.80%) GCP
16 6 (0.80%) Government Security Classifications
17 5 (0.67%) COSO
System Software
1 78 (10.44%) Active Directory
2 12 (1.61%) Hyper-V
3 11 (1.47%) VMware Infrastructure
4 6 (0.80%) Firmware
5 5 (0.67%) vSphere
6 2 (0.27%) Snort
7 1 (0.13%) VMware ESXi
7 1 (0.13%) VMware NSX
Systems Management
1 11 (1.47%) QRadar
2 8 (1.07%) Juniper STRM
2 8 (1.07%) Norton AntiVirus
2 8 (1.07%) RSA enVision
2 8 (1.07%) RSA Security Analytics
3 6 (0.80%) Nessus
4 5 (0.67%) CSIRT
4 5 (0.67%) Nagios
5 4 (0.54%) FortiGate
5 4 (0.54%) Host Intrusion Detection System
5 4 (0.54%) Nmap
5 4 (0.54%) ZABBIX
6 3 (0.40%) Computer Emergency Response Teams
6 3 (0.40%) Microsoft Intune
7 1 (0.13%) AirWatch
7 1 (0.13%) Cisco CME
7 1 (0.13%) Consul
7 1 (0.13%) Terraform
7 1 (0.13%) Trend Micro Deep Security
7 1 (0.13%) vRealize
Vendors
1 45 (6.02%) Cisco
2 41 (5.49%) Microsoft
3 22 (2.95%) CheckPoint
4 16 (2.14%) CyberArk
4 16 (2.14%) Splunk
5 15 (2.01%) LogRhythm
6 14 (1.87%) Oracle
6 14 (1.87%) Symantec
6 14 (1.87%) VMware
7 13 (1.74%) IBM
7 13 (1.74%) Sophos
8 11 (1.47%) Capita
9 10 (1.34%) NetIQ
10 8 (1.07%) Forcepoint
10 8 (1.07%) Juniper
10 8 (1.07%) SAP
10 8 (1.07%) Sun
11 7 (0.94%) Citrix
11 7 (0.94%) McAfee
11 7 (0.94%) Reuters