Period
to 22 September 2018

The following table provides summary statistics for permanent job vacancies advertised in the UK excluding London with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 22 September 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK > UK excluding London
6 months to
22 Sep 2018
Same period 2017 Same period 2016
Rank 323 378 341
Rank change year-on-year +55 -37 +139
Permanent jobs citing CISM 894 771 965
As % of all permanent IT jobs advertised in the UK excluding London 0.95% 0.79% 0.87%
As % of the Qualifications category 3.91% 3.07% 3.07%
Number of salaries quoted 627 578 719
UK excluding London median annual salary £60,000 £55,000 £57,500
Median salary % change year-on-year +9.09% -4.35% +9.52%
10th Percentile £38,250 £40,000 £38,300
90th Percentile £80,000 £78,000 £75,000
UK median annual salary £65,000 £65,000 £65,000

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the UK excluding London with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK excluding London
Permanent vacancies requiring academic qualifications or professional certifications 22,860 25,134 31,434
As % of all permanent IT jobs advertised in the UK excluding London 24.35% 25.66% 28.27%
Number of salaries quoted 17,065 19,821 24,807
UK excluding London median annual salary £45,000 £42,500 £42,500
Median salary % change year-on-year +5.88% - +6.25%
10th Percentile £24,750 £23,750 £24,500
90th Percentile £68,750 £65,000 £65,000
UK median annual salary £50,000 £46,000 £45,000
% change year-on-year +8.70% +2.22% -

CISM
Job Vacancy Trend in the UK excluding London

Job postings citing CISM as a percentage of all IT jobs advertised in the UK excluding London.

Job vacancy trend for CISM in the UK excluding London

CISM
Salary Trend in the UK excluding London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM in the UK excluding London.

Salary trend for CISM in the UK excluding London

CISM
Salary Histogram in the UK excluding London

The salary distribution of IT jobs citing CISM in the UK excluding London over the 6 months to 22 September 2018.

Salary histogram for CISM in the UK excluding London

CISM
Job Locations in the UK excluding London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK excluding London region over the 6 months to 22 September 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
South East +54 308 £60,000 - 39
North of England -23 182 £55,000 - 30
East of England +74 172 £70,000 +27.27% 8
Midlands +58 129 £57,500 +4.55% 20
West Midlands +52 107 £57,000 +14.00% 15
North West -47 84 £55,000 - 18
Yorkshire +44 78 £55,000 +4.76% 10
South West +5 49 £57,500 +4.55% 16
Scotland +9 36 £49,500 -22.96% 3
North East -19 20 £65,750 +1.15% 2
East Midlands +9 19 £66,000 +20.00% 5
Wales +16 13 £40,210 -10.65% 1
Isle of Man - 5 £55,000 -
CISM
UK

For the 6 months to 22 September 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the UK excluding London region with a requirement for CISM.

1 864 (96.64%) CISSP
2 612 (68.46%) Information Security
3 466 (52.13%) ISO/IEC 27001
4 402 (44.97%) CISA
5 321 (35.91%) Cybersecurity
6 263 (29.42%) Risk Management
7 231 (25.84%) PCI DSS
8 212 (23.71%) Finance
9 200 (22.37%) SIEM
10 184 (20.58%) ITIL
11 177 (19.80%) GDPR
12 169 (18.90%) Security Architecture
12 169 (18.90%) Degree
13 161 (18.01%) Management Information System
14 156 (17.45%) CEH
15 145 (16.22%) SANS
16 136 (15.21%) Data Protection
17 120 (13.42%) SSCP
18 119 (13.31%) Penetration Testing
19 118 (13.20%) GIAC
20 116 (12.98%) Firewall
21 112 (12.53%) Windows
22 111 (12.42%) Security Management
23 104 (11.63%) Security Operations
24 101 (11.30%) Stakeholder Management
24 101 (11.30%) Vulnerability Management
25 94 (10.51%) Information Security Management
26 89 (9.96%) Continuous Improvement
27 88 (9.84%) CompTIA Security+
28 86 (9.62%) OWASP

CISM
Co-occurring IT Skills in the UK excluding London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 20 (2.24%) IIS
2 16 (1.79%) SharePoint
3 4 (0.45%) Apache
4 3 (0.34%) Confluence
5 1 (0.11%) JBoss
5 1 (0.11%) SAS
5 1 (0.11%) SharePoint 2013
5 1 (0.11%) Tomcat
5 1 (0.11%) WebLogic
Applications
1 11 (1.23%) Microsoft Office
2 5 (0.56%) MS Visio
3 1 (0.11%) Microsoft Project
3 1 (0.11%) Spreadsheet
Business Applications
1 9 (1.01%) assyst
2 7 (0.78%) SAP GRC
2 7 (0.78%) Sentinel
3 3 (0.34%) Infor M3
Cloud Services
1 66 (7.38%) Microsoft Azure
2 64 (7.16%) Amazon AWS
3 37 (4.14%) Office 365
4 18 (2.01%) SaaS
5 13 (1.45%) Google Cloud Platform
6 9 (1.01%) Mimecast
7 6 (0.67%) IaaS
8 5 (0.56%) Cloud Computing
9 3 (0.34%) OneDrive
9 3 (0.34%) PaaS
10 2 (0.22%) Virtual Private Cloud
Communications & Networking
1 116 (12.98%) Firewall
2 58 (6.49%) Network Security
3 34 (3.80%) WAN
4 32 (3.58%) Intrusion Detection
5 25 (2.80%) LAN
6 20 (2.24%) SCCP
7 19 (2.13%) VPN
8 14 (1.57%) DNS
8 14 (1.57%) Internet
9 13 (1.45%) Broadband
10 11 (1.23%) DKIM
10 11 (1.23%) DMARC
10 11 (1.23%) SSL
10 11 (1.23%) TCP/IP
10 11 (1.23%) Wireless
11 10 (1.12%) Cisco IPT
11 10 (1.12%) IPsec
12 7 (0.78%) HTTP
12 7 (0.78%) VoIP
13 6 (0.67%) SMS
Database & Business Intelligence
1 14 (1.57%) Big Data
2 7 (0.78%) Geospatial Data
3 6 (0.67%) GIS
4 2 (0.22%) MySQL
5 1 (0.11%) Data Lake
5 1 (0.11%) Hadoop
5 1 (0.11%) QlikView
Development Applications
1 13 (1.45%) Metasploit
2 5 (0.56%) Burp Suite
3 3 (0.34%) AppScan
3 3 (0.34%) JIRA
4 2 (0.22%) SonarQube
General
1 212 (23.71%) Finance
2 61 (6.82%) Retail
3 57 (6.38%) Legal
4 31 (3.47%) Telecoms
5 26 (2.91%) Banking
6 19 (2.13%) Manufacturing
7 9 (1.01%) Law
8 8 (0.89%) Marketing
9 6 (0.67%) Investment Banking
9 6 (0.67%) Publishing
10 5 (0.56%) Financial Institution
11 4 (0.45%) Aerospace
11 4 (0.45%) Front Office
11 4 (0.45%) Local Government
11 4 (0.45%) Pharmaceutical
12 3 (0.34%) Retail Banking
13 2 (0.22%) Military
13 2 (0.22%) Spanish Language
14 1 (0.11%) Advertising
14 1 (0.11%) Electronics
Job Titles
1 235 (26.29%) Security Manager
2 163 (18.23%) Analyst
3 144 (16.11%) Information Manager
4 138 (15.44%) Information Security Manager
5 125 (13.98%) Security Analyst
6 97 (10.85%) Consultant
7 91 (10.18%) Security Consultant
8 90 (10.07%) Information Analyst
9 88 (9.84%) Information Security Analyst
10 87 (9.73%) Security Engineer
11 86 (9.62%) Architect
12 85 (9.51%) Security Architect
13 74 (8.28%) Security Officer
14 60 (6.71%) Information Security Officer
15 58 (6.49%) Information Officer
16 53 (5.93%) IT Manager
17 44 (4.92%) Cybersecurity Consultant
18 36 (4.03%) Risk Manager
19 35 (3.91%) Senior Analyst
20 33 (3.69%) Senior Security Analyst
Libraries, Frameworks & Software Standards
1 19 (2.13%) Web Services
2 17 (1.90%) SailPoint
3 10 (1.12%) Middleware
4 9 (1.01%) LDAP
5 8 (0.89%) .NET
6 4 (0.45%) LAMP
6 4 (0.45%) ModSecurity
7 3 (0.34%) Spring
8 1 (0.11%) HTML
8 1 (0.11%) HTML5
8 1 (0.11%) OAuth
8 1 (0.11%) Regular Expression
8 1 (0.11%) REST
8 1 (0.11%) SAML
8 1 (0.11%) SPNEGO
8 1 (0.11%) XACML
Miscellaneous
1 161 (18.01%) Management Information System
2 79 (8.84%) Analytical Skills
3 61 (6.82%) Data Centre
4 56 (6.26%) Security Operations Centre
5 49 (5.48%) PKI
6 44 (4.92%) CESG
7 41 (4.59%) Data Protection Act
8 39 (4.36%) Self-Motivation
9 38 (4.25%) Computer Science
10 25 (2.80%) Distributed Denial-of-Service
11 20 (2.24%) Cyberattack
12 18 (2.01%) Cyberthreat
13 14 (1.57%) Freedom of Information
14 13 (1.45%) Public Cloud
15 12 (1.34%) BYOD
16 11 (1.23%) Life Science
17 9 (1.01%) Enterprise Software
17 9 (1.01%) Video Conferencing
18 7 (0.78%) Smart Meter
19 6 (0.67%) SCADA
Operating Systems
1 112 (12.53%) Windows
2 74 (8.28%) Unix
3 64 (7.16%) Linux
4 14 (1.57%) Windows Server
5 13 (1.45%) Kali Linux
6 6 (0.67%) AIX
7 4 (0.45%) CentOS
8 2 (0.22%) Android
8 2 (0.22%) Apple iOS
Processes & Methodologies
1 612 (68.46%) Information Security
2 321 (35.91%) Cybersecurity
3 263 (29.42%) Risk Management
4 200 (22.37%) SIEM
5 184 (20.58%) ITIL
6 169 (18.90%) Security Architecture
7 136 (15.21%) Data Protection
8 119 (13.31%) Penetration Testing
9 111 (12.42%) Security Management
10 104 (11.63%) Security Operations
11 101 (11.30%) Stakeholder Management
11 101 (11.30%) Vulnerability Management
12 94 (10.51%) Information Security Management
13 89 (9.96%) Continuous Improvement
14 86 (9.62%) OWASP
15 83 (9.28%) ISMS
16 82 (9.17%) Identity Access Management
17 78 (8.72%) TOGAF
18 74 (8.28%) Cryptography
19 73 (8.17%) Problem-Solving
Programming Languages
1 16 (1.79%) Python
2 15 (1.68%) Perl
3 11 (1.23%) C
3 11 (1.23%) PHP
4 10 (1.12%) Java
5 9 (1.01%) Go
5 9 (1.01%) Ruby
6 4 (0.45%) PowerShell
7 2 (0.22%) Bash Shell
7 2 (0.22%) C#
7 2 (0.22%) C++
7 2 (0.22%) Shell Script
Qualifications
1 864 (96.64%) CISSP
2 402 (44.97%) CISA
3 169 (18.90%) Degree
4 156 (17.45%) CEH
5 145 (16.22%) SANS
6 120 (13.42%) SSCP
7 118 (13.20%) GIAC
8 88 (9.84%) CompTIA Security+
9 78 (8.72%) CRISC
10 74 (8.28%) CESG Certified Professional
10 74 (8.28%) CSSLP
11 65 (7.27%) Security Cleared
12 50 (5.59%) Cisco Certification
13 45 (5.03%) CREST Certified
14 35 (3.91%) ISO 27001 Lead Auditor
15 34 (3.80%) SC Cleared
16 28 (3.13%) (ISC)2 CCSP
17 23 (2.57%) CISMP
18 20 (2.24%) CCSP
18 20 (2.24%) PCI QSA
Quality Assurance & Compliance
1 466 (52.13%) ISO/IEC 27001
2 231 (25.84%) PCI DSS
3 177 (19.80%) GDPR
4 81 (9.06%) Cyber Essentials
5 80 (8.95%) COBIT
6 40 (4.47%) Sarbanes-Oxley
7 36 (4.03%) HMG Security Policy Framework
8 33 (3.69%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 32 (3.58%) Cyber Essentials PLUS
10 24 (2.68%) ISO 22301
11 21 (2.35%) HIPAA
12 19 (2.13%) QA
13 18 (2.01%) ISO 9001
14 14 (1.57%) ISO/IEC 20000
15 12 (1.34%) IASME
16 7 (0.78%) ISO/IEC 27005
17 6 (0.67%) ISO 14001
17 6 (0.67%) ISO 31000
17 6 (0.67%) NIST 800
17 6 (0.67%) RMADS
System Software
1 23 (2.57%) Active Directory
2 4 (0.45%) Hyper-V
3 1 (0.11%) Firmware
3 1 (0.11%) ProxySG
3 1 (0.11%) Snort
Systems Management
1 44 (4.92%) Nessus
2 17 (1.90%) QRadar
3 16 (1.79%) Core Impact
3 16 (1.79%) Nexpose
3 16 (1.79%) OpenVAS
4 10 (1.12%) Nmap
5 8 (0.89%) Norton AntiVirus
5 8 (0.89%) Single Sign-On
6 4 (0.45%) CSIRT
6 4 (0.45%) Trend Micro Deep Security
7 3 (0.34%) HP Fortify
7 3 (0.34%) Microsoft Intune
7 3 (0.34%) OSSEC
8 2 (0.22%) CASB
9 1 (0.11%) FortiGate
9 1 (0.11%) Oracle Identity Manager
9 1 (0.11%) WebInspect
Vendors
1 83 (9.28%) Microsoft
2 61 (6.82%) Sophos
3 59 (6.60%) Symantec
4 54 (6.04%) Qualys
5 39 (4.36%) LogRhythm
6 34 (3.80%) Splunk
7 33 (3.69%) Cisco
8 21 (2.35%) ArcSight
9 19 (2.13%) Forcepoint
9 19 (2.13%) Rapid7
10 18 (2.01%) CyberArk
10 18 (2.01%) SolarWinds
11 16 (1.79%) AlienVault
11 16 (1.79%) Aveksa
11 16 (1.79%) Bomgar
11 16 (1.79%) CheckPoint
12 13 (1.45%) Juniper
12 13 (1.45%) Oracle
13 11 (1.23%) Veracode
14 10 (1.12%) Netsparker