Period
to 15 February 2019

The following table provides summary statistics for permanent job vacancies advertised in the UK excluding London with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 15 February 2019 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK > UK excluding London
6 months to
15 Feb 2019
Same period 2018 Same period 2017
Rank 337 384 375
Rank change year-on-year +47 -9 +25
Permanent jobs citing CISM 760 753 781
As % of all permanent IT jobs advertised in the UK excluding London 0.90% 0.74% 0.76%
As % of the Qualifications category 3.42% 3.01% 2.87%
Number of salaries quoted 504 530 588
UK excluding London median annual salary £60,000 £58,000 £60,000
Median salary % change year-on-year +3.45% -3.33% +9.09%
10th Percentile £36,500 £41,250 £37,500
90th Percentile £80,000 £82,500 £80,000
UK median annual salary £65,000 £65,000 £65,000

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the UK excluding London with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK excluding London
Permanent vacancies requiring academic qualifications or professional certifications 22,215 25,054 27,220
As % of all permanent IT jobs advertised in the UK excluding London 26.20% 24.69% 26.64%
Number of salaries quoted 16,161 19,411 21,265
UK excluding London median annual salary £45,000 £42,500 £42,500
Median salary % change year-on-year +5.88% - -
10th Percentile £25,250 £24,750 £24,750
90th Percentile £70,000 £65,250 £65,000
UK median annual salary £50,000 £47,500 £45,000
% change year-on-year +5.26% +5.56% -

CISM
Job Vacancy Trend in the UK excluding London

Job postings citing CISM as a percentage of all IT jobs advertised in the UK excluding London.

Job vacancy trend for CISM in the UK excluding London

CISM
Salary Trend in the UK excluding London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM in the UK excluding London.

Salary trend for CISM in the UK excluding London

CISM
Salary Histogram in the UK excluding London

The salary distribution of IT jobs citing CISM in the UK excluding London over the 6 months to 15 February 2019.

Salary histogram for CISM in the UK excluding London

CISM
Job Locations in the UK excluding London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK excluding London region over the 6 months to 15 February 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
South East -16 239 £60,000 - 27
North of England +23 191 £55,000 - 37
South West +100 111 £55,000 +10.00% 18
Midlands +49 109 £57,500 +11.11% 19
North West -2 92 £60,000 +9.09% 18
Yorkshire +55 87 £52,500 -3.67% 18
West Midlands +59 85 £57,500 +7.48% 17
East of England +56 81 £75,000 +25.00% 15
East Midlands +11 23 £62,500 +25.00% 2
Scotland +6 19 £51,500 -26.43% 11
North East +14 12 £65,354 +34.75% 1
Wales +24 10 £70,000 +40.00% 1
CISM
UK

For the 6 months to 15 February 2019, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the UK excluding London region with a requirement for CISM.

1 728 (95.79%) CISSP
2 593 (78.03%) Information Security
3 411 (54.08%) ISO/IEC 27001
4 347 (45.66%) Cybersecurity
5 316 (41.58%) CISA
6 211 (27.76%) Risk Management
7 195 (25.66%) Management Information System
8 192 (25.26%) PCI DSS
9 187 (24.61%) Finance
10 173 (22.76%) SIEM
11 162 (21.32%) ITIL
11 162 (21.32%) CEH
12 156 (20.53%) GDPR
13 138 (18.16%) Security Operations
14 133 (17.50%) Firewall
15 128 (16.84%) Security Management
16 126 (16.58%) Degree
17 125 (16.45%) CRISC
18 121 (15.92%) Data Protection
19 108 (14.21%) Information Security Management
20 103 (13.55%) Vulnerability Management
21 101 (13.29%) SANS
22 91 (11.97%) SSCP
23 89 (11.71%) Microsoft Azure
24 88 (11.58%) Amazon AWS
24 88 (11.58%) Security Cleared
25 86 (11.32%) Linux
26 84 (11.05%) OWASP
27 79 (10.39%) Network Security
27 79 (10.39%) Stakeholder Management

CISM
Co-occurring IT Skills in the UK excluding London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 28 (3.68%) ExpressionEngine
1 28 (3.68%) WordPress
2 12 (1.58%) IIS
3 9 (1.18%) Apache
4 8 (1.05%) Confluence
5 7 (0.92%) SharePoint
6 4 (0.53%) OpenStack
7 3 (0.39%) WebSphere
8 2 (0.26%) JBoss
8 2 (0.26%) Tomcat
8 2 (0.26%) WebLogic
Applications
1 4 (0.53%) Microsoft Excel
1 4 (0.53%) Microsoft Office
2 2 (0.26%) Microsoft PowerPoint
2 2 (0.26%) MS Visio
Business Applications
1 5 (0.66%) SAP GRC
2 2 (0.26%) Infor M3
2 2 (0.26%) SAP HR
Cloud Services
1 89 (11.71%) Microsoft Azure
2 88 (11.58%) Amazon AWS
3 40 (5.26%) SaaS
4 38 (5.00%) IaaS
5 15 (1.97%) Google Cloud Platform
6 13 (1.71%) Office 365
7 10 (1.32%) PaaS
8 4 (0.53%) GitHub
9 1 (0.13%) Cloud Computing
9 1 (0.13%) Dropbox
9 1 (0.13%) Mimecast
Communications & Networking
1 133 (17.50%) Firewall
2 79 (10.39%) Network Security
3 45 (5.92%) Intrusion Detection
4 44 (5.79%) Internet
5 20 (2.63%) DNS
6 17 (2.24%) VPN
7 16 (2.11%) SCCP
8 14 (1.84%) WAN
9 13 (1.71%) HTTP
9 13 (1.71%) TCP/IP
10 10 (1.32%) Wireless
11 8 (1.05%) FTP
12 7 (0.92%) DHCP
12 7 (0.92%) DMZ
12 7 (0.92%) VoIP
13 6 (0.79%) IPv4
13 6 (0.79%) IPv6
13 6 (0.79%) LAN
14 5 (0.66%) Intranet
14 5 (0.66%) SMTP
Database & Business Intelligence
1 29 (3.82%) Big Data
2 28 (3.68%) MongoDB
3 13 (1.71%) Geospatial Data
4 10 (1.32%) DB2
4 10 (1.32%) Hadoop
4 10 (1.32%) SQL Server
5 1 (0.13%) GIS
Development Applications
1 12 (1.58%) JIRA
2 9 (1.18%) Metasploit
3 7 (0.92%) AppScan
4 4 (0.53%) Git (software)
5 2 (0.26%) Ant
6 1 (0.13%) Burp Suite
General
1 187 (24.61%) Finance
2 63 (8.29%) Legal
3 34 (4.47%) Retail
4 27 (3.55%) Telecoms
5 25 (3.29%) Publishing
6 19 (2.50%) Banking
7 16 (2.11%) Law
8 15 (1.97%) Manufacturing
9 11 (1.45%) Marketing
10 5 (0.66%) Investment Banking
11 4 (0.53%) Electronics
12 1 (0.13%) French Language
12 1 (0.13%) Games
12 1 (0.13%) German Language
12 1 (0.13%) Spanish Language
Job Titles
1 187 (24.61%) Security Manager
2 170 (22.37%) Analyst
3 138 (18.16%) Security Analyst
4 122 (16.05%) Information Manager
5 118 (15.53%) Information Security Manager
6 89 (11.71%) Consultant
7 77 (10.13%) Information Analyst
7 77 (10.13%) Information Security Analyst
8 70 (9.21%) Security Consultant
9 67 (8.82%) Security Engineer
10 65 (8.55%) Architect
11 64 (8.42%) Security Architect
12 47 (6.18%) Senior Analyst
13 44 (5.79%) Head of Security
14 42 (5.53%) Senior Security Analyst
15 38 (5.00%) Incident Manager
15 38 (5.00%) Security Incident Manager
16 37 (4.87%) IT Engineer
16 37 (4.87%) IT Security Engineer
16 37 (4.87%) Security Officer
Libraries, Frameworks & Software Standards
1 28 (3.68%) Node.js
2 13 (1.71%) Web Services
3 12 (1.58%) REST
4 11 (1.45%) ModSecurity
5 10 (1.32%) LDAP
6 8 (1.05%) .NET
6 8 (1.05%) SAML
7 7 (0.92%) Spring
8 6 (0.79%) OAuth
9 4 (0.53%) .NET Framework
9 4 (0.53%) JSON
9 4 (0.53%) Protocol Buffers
9 4 (0.53%) RESTful
9 4 (0.53%) XML
10 3 (0.39%) OpenID
10 3 (0.39%) SOAP
11 2 (0.26%) SailPoint
11 2 (0.26%) SAP Basis
11 2 (0.26%) SPNEGO
11 2 (0.26%) XACML
Miscellaneous
1 195 (25.66%) Management Information System
2 73 (9.61%) Security Operations Centre
3 61 (8.03%) Analytical Skills
4 37 (4.87%) PKI
5 36 (4.74%) Data Protection Act
6 30 (3.95%) Distributed Denial-of-Service
7 23 (3.03%) Data Centre
8 18 (2.37%) CESG
9 17 (2.24%) Driving Licence
10 15 (1.97%) Cyber Kill Chain
10 15 (1.97%) Cyberattack
11 14 (1.84%) Public Cloud
12 13 (1.71%) Self-Motivation
13 10 (1.32%) Smart Meter
14 8 (1.05%) Enterprise Cloud
15 6 (0.79%) Cyberthreat
16 5 (0.66%) LIMS
16 5 (0.66%) Private Cloud
16 5 (0.66%) SWIFT
17 4 (0.53%) NHS
Operating Systems
1 86 (11.32%) Linux
2 75 (9.87%) Windows
3 27 (3.55%) Unix
4 9 (1.18%) Apple iOS
5 8 (1.05%) Windows Server
6 7 (0.92%) Kali Linux
7 4 (0.53%) Android
7 4 (0.53%) Mac OS
8 1 (0.13%) CentOS
8 1 (0.13%) Windows Server 2008
Processes & Methodologies
1 593 (78.03%) Information Security
2 347 (45.66%) Cybersecurity
3 211 (27.76%) Risk Management
4 173 (22.76%) SIEM
5 162 (21.32%) ITIL
6 138 (18.16%) Security Operations
7 128 (16.84%) Security Management
8 121 (15.92%) Data Protection
9 108 (14.21%) Information Security Management
10 103 (13.55%) Vulnerability Management
11 84 (11.05%) OWASP
12 79 (10.39%) Stakeholder Management
13 78 (10.26%) Incident Management
13 78 (10.26%) ISMS
14 72 (9.47%) Agile Software Development
15 69 (9.08%) Security Architecture
16 68 (8.95%) Penetration Testing
17 64 (8.42%) Problem-Solving
18 59 (7.76%) Information Assurance
19 51 (6.71%) Business Continuity
Programming Languages
1 11 (1.45%) Python
2 9 (1.18%) C
2 9 (1.18%) Go
2 9 (1.18%) Perl
2 9 (1.18%) Ruby
3 7 (0.92%) PHP
3 7 (0.92%) PowerShell
3 7 (0.92%) Shell Script
4 5 (0.66%) Java
5 4 (0.53%) SQL
5 4 (0.53%) VBScript
6 2 (0.26%) JavaScript
7 1 (0.13%) C#
Qualifications
1 728 (95.79%) CISSP
2 316 (41.58%) CISA
3 162 (21.32%) CEH
4 126 (16.58%) Degree
5 125 (16.45%) CRISC
6 101 (13.29%) SANS
7 91 (11.97%) SSCP
8 88 (11.58%) Security Cleared
9 68 (8.95%) SC Cleared
10 65 (8.55%) Cisco Certification
11 49 (6.45%) (ISC)2 CCSP
12 43 (5.66%) CCSP
13 42 (5.53%) CESG Certified Professional
13 42 (5.53%) GIAC
14 39 (5.13%) CompTIA Security+
15 34 (4.47%) CISMP
16 28 (3.68%) Computer Science Degree
16 28 (3.68%) OSCP
17 27 (3.55%) ISO 27001 Lead Auditor
17 27 (3.55%) Microsoft Certification
Quality Assurance & Compliance
1 411 (54.08%) ISO/IEC 27001
2 192 (25.26%) PCI DSS
3 156 (20.53%) GDPR
4 64 (8.42%) Cyber Essentials
5 38 (5.00%) COBIT
6 34 (4.47%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 21 (2.76%) Cyber Essentials PLUS
8 18 (2.37%) ISO 22301
8 18 (2.37%) Sarbanes-Oxley
9 17 (2.24%) ISO/IEC 27005
10 15 (1.97%) HMG Security Policy Framework
11 11 (1.45%) HIPAA
12 7 (0.92%) ISO 31000
12 7 (0.92%) QA
12 7 (0.92%) RMADS
13 6 (0.79%) ISAE 3402
14 5 (0.66%) SLA
15 4 (0.53%) GxP
15 4 (0.53%) ISO 9001
15 4 (0.53%) NIST 800
System Software
1 34 (4.47%) Active Directory
2 8 (1.05%) VMware Infrastructure
3 4 (0.53%) Docker
4 3 (0.39%) NDS
4 3 (0.39%) Virtual Machines
5 1 (0.13%) Hyper-V
5 1 (0.13%) VMware NSX
5 1 (0.13%) vSphere
Systems Management
1 30 (3.95%) Nessus
2 15 (1.97%) CSIRT
3 13 (1.71%) Single Sign-On
4 8 (1.05%) HP Fortify
4 8 (1.05%) Nmap
5 6 (0.79%) CASB
5 6 (0.79%) QRadar
6 5 (0.66%) Norton AntiVirus
7 4 (0.53%) Kubernetes
7 4 (0.53%) OSSEC
7 4 (0.53%) RSA Archer
8 3 (0.39%) CA Single Sign-On
8 3 (0.39%) Forum Sentry
8 3 (0.39%) Tivoli
9 1 (0.13%) Computer Incident Response Team
9 1 (0.13%) MIIS
9 1 (0.13%) Nexpose
9 1 (0.13%) Oracle Identity Manager
9 1 (0.13%) Symantec Endpoint Protection
Vendors
1 51 (6.71%) Oracle
2 48 (6.32%) Microsoft
3 25 (3.29%) Qualys
4 21 (2.76%) IBM
5 15 (1.97%) Cisco
5 15 (1.97%) SAP
5 15 (1.97%) Splunk
5 15 (1.97%) Symantec
5 15 (1.97%) VMware
6 13 (1.71%) Google
7 12 (1.58%) CheckPoint
7 12 (1.58%) LogRhythm
7 12 (1.58%) McAfee
8 11 (1.45%) ArcSight
8 11 (1.45%) F5
9 10 (1.32%) Rapid7
9 10 (1.32%) Sybase
10 7 (0.92%) Dell
10 7 (0.92%) HP
11 6 (0.79%) Apple