Period
to 26 April 2018

The following table provides summary statistics for permanent job vacancies advertised in the UK excluding London with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 26 April 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK > UK excluding London
6 months to
26 Apr 2018
Same period 2017 Same period 2016
Rank 372 344 351
Rank change year-on-year -28 +7 +191
Permanent jobs citing CISM 813 790 1,021
As % of all permanent IT jobs advertised in the UK excluding London 0.79% 0.80% 0.88%
As % of the Qualifications category 3.29% 3.10% 3.03%
Number of salaries quoted 611 582 804
UK excluding London median annual salary £58,000 £55,000 £55,000
Median salary % change year-on-year +5.45% - -
10th Percentile £40,000 £37,500 £41,250
90th Percentile £82,500 £77,500 £75,000
UK median annual salary £65,000 £65,000 £60,000
% change year-on-year - +8.33% -

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the UK excluding London with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK excluding London
Permanent vacancies requiring academic qualifications or professional certifications 24,692 25,475 33,723
As % of all permanent IT jobs advertised in the UK excluding London 24.05% 25.87% 28.98%
Number of salaries quoted 18,822 19,921 26,625
UK excluding London median annual salary £44,000 £42,000 £42,500
Median salary % change year-on-year +4.76% -1.18% +6.25%
10th Percentile £25,000 £24,250 £24,500
90th Percentile £67,291 £63,750 £65,000
UK median annual salary £47,500 £45,000 £45,000
% change year-on-year +5.56% - -

CISM
Job Vacancy Trend in the UK excluding London

Job postings citing CISM as a percentage of all IT jobs advertised in the UK excluding London.

Job vacancy trend for CISM in the UK excluding London

CISM
Salary Trend in the UK excluding London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM in the UK excluding London.

Salary trend for CISM in the UK excluding London

CISM
Salary Histogram in the UK excluding London

The salary distribution of IT jobs citing CISM in the UK excluding London over the 6 months to 26 April 2018.

Salary histogram for CISM in the UK excluding London

CISM
Job Locations in the UK excluding London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK excluding London region over the 6 months to 26 April 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
South East +83 310 £60,000 - 33
North of England -7 216 £57,500 +27.78% 23
Midlands -9 161 £55,000 +15.79% 23
West Midlands -15 113 £55,000 +15.79% 16
North West -32 108 £57,500 +2.68% 14
Yorkshire +18 94 £57,000 +42.50% 6
East of England -68 64 £56,250 +10.29% 9
East Midlands +12 46 £62,500 +42.05% 7
South West -30 30 £55,000 -8.33% 3
Scotland -47 27 £55,000 +10.00% 3
North East -21 14 £49,250 +9.44% 3
Wales +6 9 £45,105 +0.23% 4
Northern Ireland +6 1 £52,500 -4.55%
CISM
UK

For the 6 months to 26 April 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the UK excluding London region with a requirement for CISM.

1 781 (96.06%) CISSP
2 599 (73.68%) Information Security
3 470 (57.81%) ISO/IEC 27001
4 333 (40.96%) CISA
5 261 (32.10%) Cybersecurity
6 248 (30.50%) Risk Management
7 233 (28.66%) Finance
8 221 (27.18%) PCI DSS
9 184 (22.63%) GDPR
10 178 (21.89%) Firewall
11 169 (20.79%) Management Information System
12 159 (19.56%) Data Protection
13 155 (19.07%) Degree
13 155 (19.07%) SIEM
14 148 (18.20%) ITIL
15 144 (17.71%) Security Management
16 137 (16.85%) Penetration Testing
17 116 (14.27%) Information Security Management
18 115 (14.15%) CRISC
18 115 (14.15%) Security Architecture
19 114 (14.02%) SANS
20 113 (13.90%) Security Operations
21 103 (12.67%) Network Security
22 101 (12.42%) CEH
23 96 (11.81%) Vulnerability Management
24 95 (11.69%) Stakeholder Management
25 90 (11.07%) GIAC
26 82 (10.09%) Windows
27 80 (9.84%) Problem-Solving
28 77 (9.47%) OWASP

CISM
Co-occurring IT Skills in the UK excluding London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 26 (3.20%) IIS
2 8 (0.98%) Apache
3 7 (0.86%) MS Exchange
4 4 (0.49%) SharePoint
5 1 (0.12%) CMS
Applications
1 10 (1.23%) Microsoft Office
2 3 (0.37%) MS Visio
3 2 (0.25%) Microsoft PowerPoint
4 1 (0.12%) Microsoft Excel
Business Applications
1 3 (0.37%) assyst
Cloud Services
1 66 (8.12%) Microsoft Azure
2 63 (7.75%) Amazon AWS
3 28 (3.44%) Google Cloud Platform
4 27 (3.32%) Office 365
5 22 (2.71%) SaaS
6 13 (1.60%) IaaS
7 12 (1.48%) PaaS
8 4 (0.49%) OneDrive
9 3 (0.37%) Azure Active Directory
9 3 (0.37%) Cloud Computing
9 3 (0.37%) Mimecast
10 2 (0.25%) Virtual Private Cloud
Communications & Networking
1 178 (21.89%) Firewall
2 103 (12.67%) Network Security
3 47 (5.78%) VPN
4 30 (3.69%) Intrusion Detection
4 30 (3.69%) SSL
4 30 (3.69%) WAN
5 27 (3.32%) Internet
6 24 (2.95%) TCP/IP
7 17 (2.09%) IPsec
8 15 (1.85%) SCCP
9 11 (1.35%) LAN
10 10 (1.23%) Cisco IPT
10 10 (1.23%) HTTP
11 8 (0.98%) DNS
12 7 (0.86%) PBX
12 7 (0.86%) VLAN
12 7 (0.86%) VoIP
12 7 (0.86%) Wireless
13 6 (0.74%) SMS
13 6 (0.74%) WebEx
Database & Business Intelligence
1 9 (1.11%) MySQL
2 8 (0.98%) Big Data
3 7 (0.86%) Oracle Database
4 1 (0.12%) GIS
4 1 (0.12%) PostgreSQL
4 1 (0.12%) RDBMS
4 1 (0.12%) Relational Database
Development Applications
1 6 (0.74%) AppScan
2 4 (0.49%) Metasploit
3 3 (0.37%) Burp Suite
4 1 (0.12%) Git (software)
4 1 (0.12%) Jenkins
4 1 (0.12%) SonarQube
4 1 (0.12%) Subversion
General
1 233 (28.66%) Finance
2 72 (8.86%) Legal
3 30 (3.69%) Telecoms
4 28 (3.44%) Retail
5 25 (3.08%) Banking
6 18 (2.21%) Manufacturing
7 15 (1.85%) Law
8 14 (1.72%) Games
9 12 (1.48%) Marketing
10 10 (1.23%) Back Office
10 10 (1.23%) Front Office
11 8 (0.98%) Investment Banking
12 7 (0.86%) Financial Institution
12 7 (0.86%) Retail Banking
13 6 (0.74%) Publishing
14 4 (0.49%) Corporate Banking
15 3 (0.37%) Electronics
16 2 (0.25%) French Language
16 2 (0.25%) German Language
16 2 (0.25%) Local Government
Job Titles
1 250 (30.75%) Security Manager
2 169 (20.79%) Information Security Manager
3 156 (19.19%) Information Manager
4 124 (15.25%) Analyst
5 114 (14.02%) Consultant
6 108 (13.28%) Security Consultant
7 102 (12.55%) Security Analyst
8 79 (9.72%) Architect
8 79 (9.72%) Security Architect
9 62 (7.63%) Information Analyst
9 62 (7.63%) Information Security Analyst
9 62 (7.63%) IT Manager
10 57 (7.01%) Information Security Consultant
11 56 (6.89%) Security Engineer
12 48 (5.90%) Security Officer
13 42 (5.17%) IT Security Manager
14 38 (4.67%) Information Security Officer
15 34 (4.18%) Information Officer
16 31 (3.81%) Risk Manager
17 30 (3.69%) Senior Manager
Libraries, Frameworks & Software Standards
1 18 (2.21%) SailPoint
2 13 (1.60%) Middleware
3 10 (1.23%) Web Services
4 3 (0.37%) ADSI
4 3 (0.37%) LDAP
5 1 (0.12%) LAMP
5 1 (0.12%) Regular Expression
Miscellaneous
1 169 (20.79%) Management Information System
2 76 (9.35%) Analytical Skills
3 52 (6.40%) Computer Science
4 51 (6.27%) Cyberthreat
5 45 (5.54%) Data Centre
6 43 (5.29%) Data Protection Act
7 42 (5.17%) Security Operations Centre
8 35 (4.31%) PKI
9 21 (2.58%) Self-Motivation
10 20 (2.46%) Cyber Defence
10 20 (2.46%) Cyberattack
11 19 (2.34%) Distributed Denial-of-Service
12 18 (2.21%) NHS
13 15 (1.85%) BYOD
13 15 (1.85%) CESG
14 14 (1.72%) Public Cloud
15 12 (1.48%) Virtual Team
16 11 (1.35%) Greenfield Project
17 9 (1.11%) Freedom of Information
18 8 (0.98%) Cyber Kill Chain
Operating Systems
1 82 (10.09%) Windows
2 42 (5.17%) Unix
3 41 (5.04%) Linux
4 21 (2.58%) Windows Server
5 9 (1.11%) AIX
6 8 (0.98%) FreeBSD
7 7 (0.86%) Solaris
8 5 (0.62%) Kali Linux
9 3 (0.37%) Windows 10
10 1 (0.12%) Android
10 1 (0.12%) Apple iOS
Processes & Methodologies
1 599 (73.68%) Information Security
2 261 (32.10%) Cybersecurity
3 248 (30.50%) Risk Management
4 159 (19.56%) Data Protection
5 155 (19.07%) SIEM
6 148 (18.20%) ITIL
7 144 (17.71%) Security Management
8 137 (16.85%) Penetration Testing
9 116 (14.27%) Information Security Management
10 115 (14.15%) Security Architecture
11 113 (13.90%) Security Operations
12 96 (11.81%) Vulnerability Management
13 95 (11.69%) Stakeholder Management
14 80 (9.84%) Problem-Solving
15 77 (9.47%) OWASP
16 71 (8.73%) Risk Assessment
17 65 (8.00%) ISMS
18 64 (7.87%) Identity Access Management
19 63 (7.75%) Security Monitoring
20 62 (7.63%) Agile Software Development
Programming Languages
1 13 (1.60%) C
2 11 (1.35%) PowerShell
3 8 (0.98%) Bash Shell
4 7 (0.86%) Python
5 6 (0.74%) Perl
6 4 (0.49%) C#
6 4 (0.49%) C++
6 4 (0.49%) Java
6 4 (0.49%) SQL
7 3 (0.37%) PHP
8 2 (0.25%) Ruby
9 1 (0.12%) Go
Qualifications
1 781 (96.06%) CISSP
2 333 (40.96%) CISA
3 155 (19.07%) Degree
4 115 (14.15%) CRISC
5 114 (14.02%) SANS
6 101 (12.42%) CEH
7 90 (11.07%) GIAC
8 72 (8.86%) Security Cleared
9 69 (8.49%) SSCP
10 66 (8.12%) Cisco Certification
11 63 (7.75%) CSSLP
12 55 (6.77%) SC Cleared
13 46 (5.66%) CompTIA Security+
14 44 (5.41%) CESG Certified Professional
15 38 (4.67%) (ISC)2 CCSP
15 38 (4.67%) CISMP
16 33 (4.06%) CCSP
16 33 (4.06%) Computer Science Degree
17 27 (3.32%) IISP
18 23 (2.83%) ISO 27001 Lead Auditor
Quality Assurance & Compliance
1 470 (57.81%) ISO/IEC 27001
2 221 (27.18%) PCI DSS
3 184 (22.63%) GDPR
4 75 (9.23%) COBIT
5 70 (8.61%) Cyber Essentials
6 39 (4.80%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 35 (4.31%) Sarbanes-Oxley
8 29 (3.57%) HIPAA
9 28 (3.44%) GCP
10 20 (2.46%) ISO 31000
11 19 (2.34%) ISO 22301
12 18 (2.21%) HMG Security Policy Framework
13 17 (2.09%) ISO 9001
14 14 (1.72%) Cyber Essentials PLUS
15 11 (1.35%) NIST 800
16 7 (0.86%) Government Security Classifications
16 7 (0.86%) ISO/IEC 27005
16 7 (0.86%) RMADS
17 6 (0.74%) GPG13
17 6 (0.74%) PMO
System Software
1 47 (5.78%) Active Directory
2 17 (2.09%) Hyper-V
3 8 (0.98%) VMware Infrastructure
4 1 (0.12%) Virtual Desktop
Systems Management
1 19 (2.34%) QRadar
2 18 (2.21%) Nessus
3 10 (1.23%) Norton AntiVirus
4 9 (1.11%) CSIRT
5 8 (0.98%) Juniper STRM
5 8 (0.98%) RSA enVision
5 8 (0.98%) RSA Security Analytics
6 7 (0.86%) Core Impact
6 7 (0.86%) Nexpose
6 7 (0.86%) OpenVAS
7 6 (0.74%) HP Fortify
7 6 (0.74%) WebInspect
8 4 (0.49%) Microsoft Intune
9 3 (0.37%) Host Intrusion Detection System
9 3 (0.37%) Trend Micro Deep Security
10 2 (0.25%) CASB
10 2 (0.25%) Computer Emergency Response Teams
11 1 (0.12%) Consul
11 1 (0.12%) Opscode Chef
11 1 (0.12%) Single Sign-On
Vendors
1 46 (5.66%) Microsoft
2 39 (4.80%) Cisco
3 34 (4.18%) Veracode
4 30 (3.69%) Qualys
5 22 (2.71%) CheckPoint
6 21 (2.58%) Capita
7 20 (2.46%) CyberArk
8 18 (2.21%) IBM
9 17 (2.09%) LogRhythm
10 16 (1.97%) Juniper
10 16 (1.97%) Symantec
11 15 (1.85%) Sophos
12 14 (1.72%) Oracle
12 14 (1.72%) Splunk
13 13 (1.60%) Rapid7
13 13 (1.60%) VMware
14 11 (1.35%) ArcSight
14 11 (1.35%) SolarWinds
14 11 (1.35%) Sun
15 10 (1.23%) NetIQ