Period
to 17 July 2018

The following table provides summary statistics for permanent job vacancies advertised in the UK excluding London with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 17 July 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK > UK excluding London
6 months to
17 Jul 2018
Same period 2017 Same period 2016
Rank 332 359 334
Rank change year-on-year +27 -25 +160
Permanent jobs citing CISM 917 805 1,071
As % of all permanent IT jobs advertised in the UK excluding London 0.92% 0.80% 0.92%
As % of the Qualifications category 3.77% 3.11% 3.22%
Number of salaries quoted 653 604 841
UK excluding London median annual salary £60,000 £55,000 £55,000
Median salary % change year-on-year +9.09% - -
10th Percentile £38,819 £40,575 £39,108
90th Percentile £81,250 £77,500 £75,000
UK median annual salary £65,000 £64,000 £60,000
% change year-on-year +1.56% +6.67% -

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the UK excluding London with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK excluding London
Permanent vacancies requiring academic qualifications or professional certifications 24,319 25,912 33,228
As % of all permanent IT jobs advertised in the UK excluding London 24.33% 25.68% 28.64%
Number of salaries quoted 18,194 20,320 26,241
UK excluding London median annual salary £44,900 £42,500 £42,500
Median salary % change year-on-year +5.65% - +6.25%
10th Percentile £24,802 £24,250 £24,000
90th Percentile £67,500 £65,000 £65,000
UK median annual salary £50,000 £45,000 £45,500
% change year-on-year +11.11% -1.10% +1.11%

CISM
Job Vacancy Trend in the UK excluding London

Job postings citing CISM as a percentage of all IT jobs advertised in the UK excluding London.

Job vacancy trend for CISM in the UK excluding London

CISM
Salary Trend in the UK excluding London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM in the UK excluding London.

Salary trend for CISM in the UK excluding London

CISM
Salary Histogram in the UK excluding London

The salary distribution of IT jobs citing CISM in the UK excluding London over the 6 months to 17 July 2018.

Salary histogram for CISM in the UK excluding London

CISM
Job Locations in the UK excluding London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK excluding London region over the 6 months to 17 July 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
South East +76 321 £60,000 - 28
North of England -21 203 £57,500 +4.55% 22
Midlands +45 154 £57,500 +6.98% 21
East of England +28 150 £65,000 +30.00% 10
West Midlands +38 118 £57,500 +15.00% 16
North West -21 99 £55,000 - 8
Yorkshire +32 87 £57,500 +9.52% 12
South West -17 42 £55,000 - 8
Scotland -26 33 £45,750 -8.50% 15
East Midlands +15 31 £65,000 +18.18% 5
North East -29 17 £68,250 +51.67% 2
Wales +9 13 £40,210 -10.65% 3
Isle of Man - 5 £55,000 -
Northern Ireland -1 1 £52,500 -8.70%
CISM
UK

For the 6 months to 17 July 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the UK excluding London region with a requirement for CISM.

1 899 (98.04%) CISSP
2 627 (68.38%) Information Security
3 481 (52.45%) ISO/IEC 27001
4 399 (43.51%) CISA
5 323 (35.22%) Cybersecurity
6 281 (30.64%) Risk Management
7 243 (26.50%) Finance
8 239 (26.06%) PCI DSS
9 194 (21.16%) Security Architecture
10 192 (20.94%) SIEM
11 174 (18.97%) ITIL
11 174 (18.97%) GDPR
12 164 (17.88%) Management Information System
13 163 (17.78%) Degree
14 156 (17.01%) SANS
15 150 (16.36%) CEH
16 143 (15.59%) Data Protection
17 134 (14.61%) Penetration Testing
18 132 (14.39%) Firewall
19 131 (14.29%) Security Management
20 125 (13.63%) GIAC
21 122 (13.30%) Stakeholder Management
21 122 (13.30%) Security Operations
22 105 (11.45%) Information Security Management
23 101 (11.01%) Windows
24 100 (10.91%) OWASP
25 99 (10.80%) SSCP
26 96 (10.47%) Vulnerability Management
27 94 (10.25%) CSSLP
28 92 (10.03%) CRISC

CISM
Co-occurring IT Skills in the UK excluding London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 23 (2.51%) IIS
2 10 (1.09%) SharePoint
3 3 (0.33%) Confluence
4 2 (0.22%) Apache
5 1 (0.11%) CMS
5 1 (0.11%) JBoss
5 1 (0.11%) MS Exchange
5 1 (0.11%) SAS
5 1 (0.11%) SharePoint 2013
5 1 (0.11%) Tomcat
5 1 (0.11%) WebLogic
Applications
1 13 (1.42%) Microsoft Office
2 5 (0.55%) MS Visio
3 1 (0.11%) Microsoft Project
3 1 (0.11%) Spreadsheet
Business Applications
1 7 (0.76%) assyst
2 6 (0.65%) Sentinel
3 1 (0.11%) SAP GRC
Cloud Services
1 75 (8.18%) Microsoft Azure
2 70 (7.63%) Amazon AWS
3 30 (3.27%) Office 365
4 26 (2.84%) Google Cloud Platform
5 11 (1.20%) SaaS
6 8 (0.87%) Cloud Computing
6 8 (0.87%) IaaS
6 8 (0.87%) Mimecast
7 4 (0.44%) PaaS
8 3 (0.33%) Azure Active Directory
8 3 (0.33%) OneDrive
9 2 (0.22%) Virtual Private Cloud
Communications & Networking
1 132 (14.39%) Firewall
2 57 (6.22%) Network Security
3 40 (4.36%) WAN
4 25 (2.73%) LAN
5 24 (2.62%) VPN
6 23 (2.51%) Intrusion Detection
7 20 (2.18%) Internet
8 18 (1.96%) SSL
9 14 (1.53%) Cisco IPT
9 14 (1.53%) SCCP
10 13 (1.42%) IPsec
11 10 (1.09%) DNS
11 10 (1.09%) TCP/IP
12 9 (0.98%) VoIP
13 8 (0.87%) DKIM
13 8 (0.87%) DMARC
13 8 (0.87%) PBX
14 7 (0.76%) Broadband
14 7 (0.76%) HTTP
14 7 (0.76%) SMS
Database & Business Intelligence
1 11 (1.20%) Big Data
2 6 (0.65%) GIS
3 2 (0.22%) Geospatial Data
3 2 (0.22%) MySQL
4 1 (0.11%) Data Lake
4 1 (0.11%) Hadoop
4 1 (0.11%) Oracle Database
4 1 (0.11%) QlikView
Development Applications
1 14 (1.53%) Metasploit
2 7 (0.76%) AppScan
3 6 (0.65%) Burp Suite
4 3 (0.33%) JIRA
5 2 (0.22%) SonarQube
General
1 243 (26.50%) Finance
2 72 (7.85%) Legal
3 54 (5.89%) Retail
4 34 (3.71%) Banking
5 25 (2.73%) Telecoms
6 22 (2.40%) Manufacturing
7 10 (1.09%) Back Office
7 10 (1.09%) Investment Banking
7 10 (1.09%) Law
8 9 (0.98%) Games
9 8 (0.87%) Financial Institution
10 7 (0.76%) Retail Banking
11 6 (0.65%) Publishing
12 5 (0.55%) Local Government
13 4 (0.44%) Front Office
13 4 (0.44%) Marketing
14 3 (0.33%) Aerospace
14 3 (0.33%) Corporate Banking
14 3 (0.33%) Military
14 3 (0.33%) Pharmaceutical
Job Titles
1 267 (29.12%) Security Manager
2 158 (17.23%) Information Security Manager
3 153 (16.68%) Information Manager
4 148 (16.14%) Analyst
5 109 (11.89%) Security Analyst
6 105 (11.45%) Consultant
7 101 (11.01%) Security Consultant
8 98 (10.69%) Architect
8 98 (10.69%) Security Architect
9 84 (9.16%) Security Engineer
10 77 (8.40%) Information Analyst
11 76 (8.29%) Information Security Analyst
12 67 (7.31%) Security Officer
13 55 (6.00%) IT Manager
14 50 (5.45%) Information Officer
14 50 (5.45%) Information Security Officer
15 43 (4.69%) Senior Analyst
16 41 (4.47%) Senior Security Analyst
17 38 (4.14%) Information Security Consultant
18 37 (4.03%) Cybersecurity Consultant
Libraries, Frameworks & Software Standards
1 18 (1.96%) SailPoint
2 17 (1.85%) Web Services
3 13 (1.42%) Middleware
4 7 (0.76%) .NET
4 7 (0.76%) LDAP
5 3 (0.33%) ADSI
5 3 (0.33%) LAMP
6 2 (0.22%) ModSecurity
7 1 (0.11%) HTML
7 1 (0.11%) HTML5
7 1 (0.11%) OAuth
7 1 (0.11%) Regular Expression
7 1 (0.11%) SAML
7 1 (0.11%) SPNEGO
7 1 (0.11%) Spring
7 1 (0.11%) XACML
Miscellaneous
1 164 (17.88%) Management Information System
2 82 (8.94%) Analytical Skills
3 54 (5.89%) Security Operations Centre
4 53 (5.78%) Data Centre
5 50 (5.45%) PKI
6 46 (5.02%) Self-Motivation
7 44 (4.80%) Data Protection Act
8 39 (4.25%) Computer Science
9 36 (3.93%) CESG
10 34 (3.71%) Cyberthreat
11 25 (2.73%) Distributed Denial-of-Service
12 19 (2.07%) Cyberattack
13 15 (1.64%) BYOD
13 15 (1.64%) Cyber Defence
13 15 (1.64%) Public Cloud
14 14 (1.53%) Freedom of Information
15 12 (1.31%) Video Conferencing
16 11 (1.20%) Life Science
16 11 (1.20%) NHS
17 8 (0.87%) Smart Meter
Operating Systems
1 101 (11.01%) Windows
2 59 (6.43%) Unix
3 48 (5.23%) Linux
4 17 (1.85%) Windows Server
5 14 (1.53%) Kali Linux
6 9 (0.98%) AIX
7 3 (0.33%) CentOS
7 3 (0.33%) Windows 10
8 2 (0.22%) Android
8 2 (0.22%) Apple iOS
9 1 (0.11%) Solaris
Processes & Methodologies
1 627 (68.38%) Information Security
2 323 (35.22%) Cybersecurity
3 281 (30.64%) Risk Management
4 194 (21.16%) Security Architecture
5 192 (20.94%) SIEM
6 174 (18.97%) ITIL
7 143 (15.59%) Data Protection
8 134 (14.61%) Penetration Testing
9 131 (14.29%) Security Management
10 122 (13.30%) Security Operations
10 122 (13.30%) Stakeholder Management
11 105 (11.45%) Information Security Management
12 100 (10.91%) OWASP
13 96 (10.47%) Vulnerability Management
14 90 (9.81%) Problem-Solving
15 83 (9.05%) Continuous Improvement
15 83 (9.05%) TOGAF
16 82 (8.94%) Identity Access Management
17 79 (8.62%) Agile Software Development
18 77 (8.40%) Security Testing
Programming Languages
1 16 (1.74%) Perl
1 16 (1.74%) Python
2 12 (1.31%) C
3 11 (1.20%) PHP
4 9 (0.98%) Go
4 9 (0.98%) Java
4 9 (0.98%) Ruby
5 5 (0.55%) PowerShell
6 3 (0.33%) Bash Shell
7 2 (0.22%) C#
7 2 (0.22%) C++
7 2 (0.22%) Shell Script
Qualifications
1 899 (98.04%) CISSP
2 399 (43.51%) CISA
3 163 (17.78%) Degree
4 156 (17.01%) SANS
5 150 (16.36%) CEH
6 125 (13.63%) GIAC
7 99 (10.80%) SSCP
8 94 (10.25%) CSSLP
9 92 (10.03%) CRISC
10 85 (9.27%) Security Cleared
11 82 (8.94%) CESG Certified Professional
12 78 (8.51%) CompTIA Security+
13 60 (6.54%) Cisco Certification
14 46 (5.02%) SC Cleared
15 44 (4.80%) CREST Certified
16 35 (3.82%) (ISC)2 CCSP
17 30 (3.27%) CISMP
18 29 (3.16%) ISO 27001 Lead Auditor
19 26 (2.84%) CCSP
20 23 (2.51%) TOGAF Certification
Quality Assurance & Compliance
1 481 (52.45%) ISO/IEC 27001
2 239 (26.06%) PCI DSS
3 174 (18.97%) GDPR
4 85 (9.27%) COBIT
5 65 (7.09%) Cyber Essentials
6 50 (5.45%) Sarbanes-Oxley
7 41 (4.47%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
8 35 (3.82%) HIPAA
9 34 (3.71%) HMG Security Policy Framework
10 26 (2.84%) GCP
11 25 (2.73%) Cyber Essentials PLUS
12 20 (2.18%) ISO 9001
13 17 (1.85%) QA
14 12 (1.31%) IASME
15 11 (1.20%) ISO/IEC 20000
16 8 (0.87%) NIST 800
16 8 (0.87%) RMADS
17 7 (0.76%) ISO 14001
17 7 (0.76%) ISO 22301
18 6 (0.65%) SLA
System Software
1 19 (2.07%) Active Directory
2 7 (0.76%) Hyper-V
3 1 (0.11%) Firmware
3 1 (0.11%) ProxySG
3 1 (0.11%) Snort
3 1 (0.11%) Virtual Desktop
3 1 (0.11%) VMware Infrastructure
Systems Management
1 45 (4.91%) Nessus
2 18 (1.96%) QRadar
3 17 (1.85%) Core Impact
3 17 (1.85%) Nexpose
3 17 (1.85%) OpenVAS
4 10 (1.09%) Nmap
5 7 (0.76%) CSIRT
5 7 (0.76%) HP Fortify
5 7 (0.76%) Norton AntiVirus
6 5 (0.55%) WebInspect
7 4 (0.44%) Trend Micro Deep Security
8 3 (0.33%) Microsoft Intune
8 3 (0.33%) Single Sign-On
9 2 (0.22%) CASB
9 2 (0.22%) Computer Emergency Response Teams
9 2 (0.22%) OSSEC
10 1 (0.11%) FortiGate
Vendors
1 79 (8.62%) Microsoft
2 59 (6.43%) Qualys
3 50 (5.45%) Sophos
3 50 (5.45%) Symantec
4 35 (3.82%) Cisco
5 31 (3.38%) Veracode
6 29 (3.16%) Splunk
7 28 (3.05%) Capita
8 24 (2.62%) LogRhythm
9 22 (2.40%) ArcSight
10 21 (2.29%) CyberArk
11 20 (2.18%) Rapid7
11 20 (2.18%) SolarWinds
12 18 (1.96%) CheckPoint
13 17 (1.85%) AlienVault
13 17 (1.85%) Aveksa
13 17 (1.85%) Bomgar
14 15 (1.64%) Forcepoint
15 14 (1.53%) Juniper
16 12 (1.31%) McAfee