Period
to 15 November 2018

The following table provides summary statistics for permanent job vacancies advertised in the UK excluding London with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 15 November 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK > UK excluding London
6 months to
15 Nov 2018
Same period 2017 Same period 2016
Rank 332 366 343
Rank change year-on-year +34 -23 +104
Permanent jobs citing CISM 859 804 971
As % of all permanent IT jobs advertised in the UK excluding London 0.94% 0.80% 0.88%
As % of the Qualifications category 3.74% 3.14% 3.14%
Number of salaries quoted 554 568 707
UK excluding London median annual salary £60,000 £55,000 £60,000
Median salary % change year-on-year +9.09% -8.33% +9.09%
10th Percentile £37,500 £40,000 £37,500
90th Percentile £80,000 £77,500 £77,500
UK median annual salary £65,000 £64,000 £65,000
% change year-on-year +1.56% -1.54% +8.33%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the UK excluding London with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK excluding London
Permanent vacancies requiring academic qualifications or professional certifications 22,968 25,628 30,903
As % of all permanent IT jobs advertised in the UK excluding London 25.09% 25.47% 27.85%
Number of salaries quoted 16,929 20,206 24,304
UK excluding London median annual salary £45,000 £42,500 £42,500
Median salary % change year-on-year +5.88% - +3.66%
10th Percentile £24,750 £24,000 £24,825
90th Percentile £70,000 £65,000 £65,000
UK median annual salary £50,000 £47,500 £45,000
% change year-on-year +5.26% +5.56% -

CISM
Job Vacancy Trend in the UK excluding London

Job postings citing CISM as a percentage of all IT jobs advertised in the UK excluding London.

Job vacancy trend for CISM in the UK excluding London

CISM
Salary Trend in the UK excluding London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM in the UK excluding London.

Salary trend for CISM in the UK excluding London

CISM
Salary Histogram in the UK excluding London

The salary distribution of IT jobs citing CISM in the UK excluding London over the 6 months to 15 November 2018.

Salary histogram for CISM in the UK excluding London

CISM
Job Locations in the UK excluding London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK excluding London region over the 6 months to 15 November 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
South East +30 302 £60,000 +3.45% 39
North of England -23 177 £52,500 - 31
East of England +79 168 £70,000 +21.74% 15
Midlands +41 99 £57,500 +4.55% 8
West Midlands +58 87 £57,500 +4.55% 6
North West -21 84 £52,500 -2.33% 19
Yorkshire +31 72 £50,000 -4.76% 11
South West +24 72 £56,250 +2.27% 21
Scotland +11 33 £51,500 -17.60% 5
North East -16 21 £57,500 -11.54% 1
East Midlands 0 9 £66,000 +20.00% 2
Wales +7 7 £38,311 -33.37% 2
Isle of Man - 1 £55,000 -
CISM
UK

For the 6 months to 15 November 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the UK excluding London region with a requirement for CISM.

1 815 (94.88%) CISSP
2 628 (73.11%) Information Security
3 439 (51.11%) ISO/IEC 27001
4 385 (44.82%) CISA
5 322 (37.49%) Cybersecurity
6 230 (26.78%) Risk Management
7 213 (24.80%) PCI DSS
8 207 (24.10%) Finance
9 194 (22.58%) SIEM
10 179 (20.84%) Management Information System
11 174 (20.26%) ITIL
12 161 (18.74%) GDPR
13 150 (17.46%) CEH
14 143 (16.65%) Degree
15 137 (15.95%) Security Architecture
15 137 (15.95%) SSCP
16 132 (15.37%) Data Protection
17 126 (14.67%) SANS
18 117 (13.62%) Security Operations
18 117 (13.62%) Security Management
19 114 (13.27%) Firewall
20 112 (13.04%) Windows
21 105 (12.22%) GIAC
22 104 (12.11%) Continuous Improvement
23 101 (11.76%) Information Security Management
24 98 (11.41%) Penetration Testing
24 98 (11.41%) CRISC
25 97 (11.29%) Vulnerability Management
26 83 (9.66%) Linux
27 82 (9.55%) ISMS

CISM
Co-occurring IT Skills in the UK excluding London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 18 (2.10%) SharePoint
2 12 (1.40%) IIS
3 9 (1.05%) ExpressionEngine
3 9 (1.05%) WordPress
4 7 (0.81%) Apache
5 5 (0.58%) Confluence
6 2 (0.23%) JBoss
6 2 (0.23%) Tomcat
6 2 (0.23%) WebLogic
7 1 (0.12%) SAS
7 1 (0.12%) SharePoint 2013
Applications
1 6 (0.70%) MS Visio
2 5 (0.58%) Microsoft Office
3 3 (0.35%) Microsoft Excel
4 2 (0.23%) Microsoft PowerPoint
5 1 (0.12%) Microsoft Project
5 1 (0.12%) Spreadsheet
Business Applications
1 10 (1.16%) SAP GRC
2 7 (0.81%) assyst
3 5 (0.58%) Sentinel
4 4 (0.47%) Infor M3
5 2 (0.23%) SAP HR
Cloud Services
1 64 (7.45%) Amazon AWS
2 63 (7.33%) Microsoft Azure
3 40 (4.66%) Office 365
4 28 (3.26%) SaaS
5 14 (1.63%) IaaS
6 9 (1.05%) Mimecast
7 6 (0.70%) Cloud Computing
8 4 (0.47%) Google Cloud Platform
9 2 (0.23%) PaaS
Communications & Networking
1 114 (13.27%) Firewall
2 70 (8.15%) Network Security
3 45 (5.24%) Intrusion Detection
4 24 (2.79%) LAN
4 24 (2.79%) WAN
5 21 (2.44%) Internet
6 19 (2.21%) VPN
7 18 (2.10%) SCCP
8 15 (1.75%) Broadband
8 15 (1.75%) DNS
9 13 (1.51%) Wireless
10 11 (1.28%) DKIM
10 11 (1.28%) DMARC
11 9 (1.05%) IPsec
12 8 (0.93%) SSL
13 7 (0.81%) TCP/IP
14 6 (0.70%) HTTP
15 5 (0.58%) DHCP
15 5 (0.58%) DMZ
15 5 (0.58%) VoIP
Database & Business Intelligence
1 21 (2.44%) Big Data
2 13 (1.51%) Geospatial Data
3 9 (1.05%) MongoDB
4 5 (0.58%) Hadoop
5 4 (0.47%) DB2
5 4 (0.47%) SQL Server
6 3 (0.35%) GIS
7 2 (0.23%) MySQL
8 1 (0.12%) Data Lake
8 1 (0.12%) QlikView
Development Applications
1 14 (1.63%) Metasploit
2 5 (0.58%) JIRA
3 3 (0.35%) AppScan
3 3 (0.35%) Burp Suite
General
1 207 (24.10%) Finance
2 57 (6.64%) Retail
3 50 (5.82%) Legal
4 33 (3.84%) Telecoms
5 25 (2.91%) Banking
6 22 (2.56%) Manufacturing
7 12 (1.40%) Marketing
8 11 (1.28%) Law
9 9 (1.05%) Investment Banking
10 7 (0.81%) Publishing
11 4 (0.47%) Local Government
11 4 (0.47%) Pharmaceutical
12 3 (0.35%) Aerospace
12 3 (0.35%) Electronics
12 3 (0.35%) Retail Banking
13 1 (0.12%) Advertising
13 1 (0.12%) Back Office
13 1 (0.12%) Military
13 1 (0.12%) Spanish Language
Job Titles
1 229 (26.66%) Security Manager
2 167 (19.44%) Analyst
3 134 (15.60%) Information Manager
3 134 (15.60%) Security Analyst
4 128 (14.90%) Information Security Manager
5 102 (11.87%) Consultant
6 94 (10.94%) Security Consultant
7 92 (10.71%) Information Analyst
8 90 (10.48%) Information Security Analyst
9 85 (9.90%) Security Engineer
10 65 (7.57%) Architect
10 65 (7.57%) Security Officer
11 64 (7.45%) Security Architect
12 51 (5.94%) Information Security Officer
13 49 (5.70%) Information Officer
14 43 (5.01%) Cybersecurity Consultant
14 43 (5.01%) IT Manager
15 41 (4.77%) Senior Analyst
16 39 (4.54%) Senior Security Analyst
17 38 (4.42%) Head of Security
Libraries, Frameworks & Software Standards
1 17 (1.98%) Web Services
2 10 (1.16%) .NET
2 10 (1.16%) LDAP
2 10 (1.16%) SailPoint
3 9 (1.05%) Node.js
4 5 (0.58%) LAMP
4 5 (0.58%) Spring
5 4 (0.47%) ModSecurity
5 4 (0.47%) REST
6 3 (0.35%) Middleware
7 2 (0.23%) SAML
7 2 (0.23%) SAP Basis
7 2 (0.23%) SPNEGO
7 2 (0.23%) XACML
8 1 (0.12%) HTML
8 1 (0.12%) HTML5
8 1 (0.12%) WF
Miscellaneous
1 179 (20.84%) Management Information System
2 73 (8.50%) Security Operations Centre
3 72 (8.38%) Analytical Skills
4 51 (5.94%) Data Centre
5 46 (5.36%) PKI
6 38 (4.42%) Data Protection Act
7 37 (4.31%) Computer Science
8 33 (3.84%) CESG
8 33 (3.84%) Self-Motivation
9 27 (3.14%) Distributed Denial-of-Service
10 16 (1.86%) Cyberattack
11 12 (1.40%) Public Cloud
12 11 (1.28%) Cyber Kill Chain
13 10 (1.16%) Cyberthreat
14 9 (1.05%) Enterprise Software
15 7 (0.81%) Freedom of Information
15 7 (0.81%) Smart Meter
16 6 (0.70%) Greenfield Project
16 6 (0.70%) Life Science
17 5 (0.58%) Video Conferencing
Operating Systems
1 112 (13.04%) Windows
2 83 (9.66%) Linux
3 68 (7.92%) Unix
4 13 (1.51%) Windows Server
5 12 (1.40%) Kali Linux
6 5 (0.58%) CentOS
7 1 (0.12%) AIX
7 1 (0.12%) Android
7 1 (0.12%) Apple iOS
Processes & Methodologies
1 628 (73.11%) Information Security
2 322 (37.49%) Cybersecurity
3 230 (26.78%) Risk Management
4 194 (22.58%) SIEM
5 174 (20.26%) ITIL
6 137 (15.95%) Security Architecture
7 132 (15.37%) Data Protection
8 117 (13.62%) Security Management
8 117 (13.62%) Security Operations
9 104 (12.11%) Continuous Improvement
10 101 (11.76%) Information Security Management
11 98 (11.41%) Penetration Testing
12 97 (11.29%) Vulnerability Management
13 82 (9.55%) Identity Access Management
13 82 (9.55%) ISMS
14 78 (9.08%) Stakeholder Management
15 76 (8.85%) Agile Software Development
16 72 (8.38%) OWASP
17 69 (8.03%) Incident Management
17 69 (8.03%) TOGAF
Programming Languages
1 16 (1.86%) PHP
2 15 (1.75%) Python
3 14 (1.63%) Perl
4 12 (1.40%) Go
4 12 (1.40%) Ruby
5 11 (1.28%) Java
6 10 (1.16%) C
7 2 (0.23%) Bash Shell
7 2 (0.23%) PowerShell
7 2 (0.23%) Shell Script
7 2 (0.23%) SQL
8 1 (0.12%) C#
8 1 (0.12%) JavaScript
Qualifications
1 815 (94.88%) CISSP
2 385 (44.82%) CISA
3 150 (17.46%) CEH
4 143 (16.65%) Degree
5 137 (15.95%) SSCP
6 126 (14.67%) SANS
7 105 (12.22%) GIAC
8 98 (11.41%) CRISC
9 78 (9.08%) CompTIA Security+
10 69 (8.03%) Security Cleared
11 58 (6.75%) CSSLP
12 55 (6.40%) CESG Certified Professional
13 51 (5.94%) CREST Certified
14 46 (5.36%) Cisco Certification
15 37 (4.31%) ISO 27001 Lead Auditor
15 37 (4.31%) SC Cleared
16 34 (3.96%) CISMP
17 26 (3.03%) (ISC)2 CCSP
18 22 (2.56%) CCSP
19 17 (1.98%) ISACA
Quality Assurance & Compliance
1 439 (51.11%) ISO/IEC 27001
2 213 (24.80%) PCI DSS
3 161 (18.74%) GDPR
4 77 (8.96%) Cyber Essentials
5 66 (7.68%) COBIT
6 30 (3.49%) Sarbanes-Oxley
7 29 (3.38%) HMG Security Policy Framework
8 28 (3.26%) Cyber Essentials PLUS
9 25 (2.91%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
10 20 (2.33%) ISO 22301
11 16 (1.86%) QA
12 13 (1.51%) HIPAA
13 11 (1.28%) ISO/IEC 20000
14 9 (1.05%) NIST 800
15 8 (0.93%) IASME
15 8 (0.93%) ISO/IEC 27005
16 6 (0.70%) ISO 9001
16 6 (0.70%) RMADS
17 4 (0.47%) Government Security Classifications
17 4 (0.47%) ISO 31000
System Software
1 24 (2.79%) Active Directory
2 2 (0.23%) Hyper-V
2 2 (0.23%) Virtual Machines
2 2 (0.23%) VMware Infrastructure
3 1 (0.12%) Firmware
3 1 (0.12%) ProxySG
3 1 (0.12%) Snort
3 1 (0.12%) vSphere
Systems Management
1 35 (4.07%) Nessus
2 14 (1.63%) QRadar
3 13 (1.51%) Nmap
4 10 (1.16%) Nexpose
4 10 (1.16%) Single Sign-On
5 9 (1.05%) Core Impact
5 9 (1.05%) OpenVAS
6 7 (0.81%) CSIRT
7 5 (0.58%) HP Fortify
8 3 (0.35%) CASB
9 2 (0.23%) OSSEC
10 1 (0.12%) Computer Incident Response Team
10 1 (0.12%) FortiGate
10 1 (0.12%) Norton AntiVirus
10 1 (0.12%) Oracle Identity Manager
10 1 (0.12%) Trend Micro Deep Security
10 1 (0.12%) WebInspect
Vendors
1 72 (8.38%) Microsoft
2 54 (6.29%) Sophos
3 53 (6.17%) Symantec
4 39 (4.54%) Qualys
5 34 (3.96%) LogRhythm
6 29 (3.38%) Oracle
7 28 (3.26%) Splunk
8 24 (2.79%) Cisco
9 15 (1.75%) SAP
10 14 (1.63%) ArcSight
10 14 (1.63%) Forcepoint
11 12 (1.40%) Netsparker
12 11 (1.28%) CyberArk
13 10 (1.16%) CheckPoint
13 10 (1.16%) McAfee
14 9 (1.05%) AlienVault
14 9 (1.05%) Aveksa
14 9 (1.05%) Bomgar
14 9 (1.05%) SolarWinds
15 8 (0.93%) Rapid7