CISM jobs, average salaries and co-occurring skill trends

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 21 August 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM) UK
Location	6 months to 21 Aug 2018	Same period 2017	Same period 2016
Rank	314	323	335
Rank change year-on-year	+9	+12	+150
Permanent jobs citing CISM	1,755	1,811	1,908
As % of all permanent IT jobs advertised in the UK	1.04%	1.03%	0.97%
As % of the Qualifications category	4.39%	4.19%	3.59%
Number of salaries quoted	1,271	1,428	1,516
UK median annual salary	£65,000	£65,000	£62,500
Median salary % change year-on-year	-	+4.00%	+4.17%
10th Percentile	£42,500	£42,500	£41,250
90th Percentile	£95,000	£91,250	£87,500
UK excluding London median annual salary	£60,000	£55,000	£55,000
% change year-on-year	+9.09%	-	+4.76%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications UK
Permanent vacancies requiring academic qualifications or professional certifications	39,972	43,225	53,094
As % of all permanent IT jobs advertised in the UK	23.65%	24.52%	26.94%
Number of salaries quoted	29,732	33,183	42,889
UK median annual salary	£50,000	£45,000	£45,000
Median salary % change year-on-year	+11.11%	-	-
10th Percentile	£26,250	£26,250	£26,250
90th Percentile	£80,000	£77,500	£75,250
UK excluding London median annual salary	£45,000	£42,500	£42,500
% change year-on-year	+5.88%	-	+6.25%

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 21 August 2018.

CISM
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 21 August 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Job Vacancies
England	-4	1,670	£65,000	-	143
UK excluding London	+41	922	£60,000	+9.09%	96
London	-30	797	£75,000	+7.14%	52
South East	+61	315	£60,000	-	30
North of England	-3	192	£57,500	+4.55%	21
East of England	+77	172	£70,000	+33.33%	8
Midlands	+38	147	£57,500	+4.55%	15
West Midlands	+49	118	£57,000	+14.00%	12
North West	-25	90	£55,000	-	6
Yorkshire	+46	82	£57,500	+15.00%	12
South West	-9	45	£55,000	-	17
Scotland	0	34	£49,500	-5.71%	4
East Midlands	+9	24	£65,000	+18.18%	3
North East	-26	20	£65,750	+38.42%	3
Wales	+14	13	£40,210	-10.65%	1
Isle of Man	-	5	£55,000	-
Northern Ireland	-3	1	£52,500	-8.70%

CISM
Top 30 Co-occurring IT Skills

For the 6 months to 21 August 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1	1,704 (97.09%)	CISSP
2	1,255 (71.51%)	Information Security
3	882 (50.26%)	CISA
4	806 (45.93%)	ISO/IEC 27001
5	707 (40.28%)	Cybersecurity
6	534 (30.43%)	Risk Management
7	490 (27.92%)	Finance
8	403 (22.96%)	PCI DSS
9	382 (21.77%)	GDPR
10	359 (20.46%)	SIEM
11	317 (18.06%)	Security Architecture
12	313 (17.83%)	Management Information System
13	312 (17.78%)	Degree
14	304 (17.32%)	ITIL
15	291 (16.58%)	Data Protection

16	279 (15.90%)	Firewall
17	259 (14.76%)	Penetration Testing
18	250 (14.25%)	CEH
19	247 (14.07%)	CRISC
20	233 (13.28%)	SANS
21	232 (13.22%)	Stakeholder Management
22	224 (12.76%)	Windows
23	204 (11.62%)	Security Operations
24	199 (11.34%)	GIAC
25	192 (10.94%)	Vulnerability Management
26	181 (10.31%)	Analytical Skills
27	180 (10.26%)	COBIT
28	178 (10.14%)	Security Management
29	174 (9.91%)	Agile Software Development
30	165 (9.40%)	Problem-Solving

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	41 (2.34%)	IIS
2	15 (0.85%)	SharePoint
3	6 (0.34%)	Confluence
4	5 (0.28%)	MS Exchange
5	3 (0.17%)	Apache
6	2 (0.11%)	CMS
7	1 (0.057%)	JBoss
7	1 (0.057%)	SAS
7	1 (0.057%)	SharePoint 2013
7	1 (0.057%)	Tomcat
7	1 (0.057%)	WebLogic

Applications
1	16 (0.91%)	Microsoft Office
2	8 (0.46%)	MS Visio
3	1 (0.057%)	Microsoft Project
3	1 (0.057%)	Spreadsheet

Business Applications
1	9 (0.51%)	assyst
2	7 (0.40%)	Distributed Ledger
2	7 (0.40%)	Sentinel
3	6 (0.34%)	SAP GRC
4	3 (0.17%)	Infor M3
5	1 (0.057%)	Oracle Applications

Cloud Services
1	92 (5.24%)	Amazon AWS
2	81 (4.62%)	Microsoft Azure
3	38 (2.17%)	Office 365
4	24 (1.37%)	Mimecast
5	18 (1.03%)	Google Cloud Platform
6	17 (0.97%)	SaaS
7	11 (0.63%)	Cloud Computing
8	9 (0.51%)	IaaS
9	5 (0.28%)	PaaS
10	4 (0.23%)	OneDrive
11	3 (0.17%)	Azure Active Directory
11	3 (0.17%)	Virtual Private Cloud
12	1 (0.057%)	Yammer

Communications & Networking
1	279 (15.90%)	Firewall
2	120 (6.84%)	Network Security
3	88 (5.01%)	Intrusion Detection
4	56 (3.19%)	TCP/IP
5	49 (2.79%)	WAN
6	47 (2.68%)	Internet
7	36 (2.05%)	LAN
8	27 (1.54%)	VPN
9	18 (1.03%)	DNS
9	18 (1.03%)	SCCP
10	16 (0.91%)	SSL
11	15 (0.85%)	VoIP
12	14 (0.80%)	DKIM
12	14 (0.80%)	DMARC
13	13 (0.74%)	Broadband
13	13 (0.74%)	IPsec
14	12 (0.68%)	Cisco IPT
15	11 (0.63%)	Cisco Firepower
16	9 (0.51%)	HTTP
16	9 (0.51%)	Wireless

Database & Business Intelligence
1	16 (0.91%)	Big Data
2	8 (0.46%)	GIS
3	7 (0.40%)	Blockchain
4	3 (0.17%)	Geospatial Data
5	2 (0.11%)	MySQL
6	1 (0.057%)	Data Lake
6	1 (0.057%)	Hadoop
6	1 (0.057%)	QlikView

Development Applications
1	16 (0.91%)	Metasploit
2	10 (0.57%)	AppScan
3	8 (0.46%)	Burp Suite
4	6 (0.34%)	JIRA
5	2 (0.11%)	SonarQube
6	1 (0.057%)	Jenkins

General
1	490 (27.92%)	Finance
2	152 (8.66%)	Legal
3	96 (5.47%)	Retail
4	94 (5.36%)	Banking
5	44 (2.51%)	Investment Banking
5	44 (2.51%)	Telecoms
6	22 (1.25%)	Law
7	19 (1.08%)	Manufacturing
8	17 (0.97%)	Games
9	16 (0.91%)	Financial Institution
10	14 (0.80%)	Marketing
11	13 (0.74%)	Publishing
12	12 (0.68%)	Local Government
13	10 (0.57%)	Billing
13	10 (0.57%)	Pharmaceutical
14	9 (0.51%)	Retail Banking
15	5 (0.28%)	Advertising
15	5 (0.28%)	Back Office
15	5 (0.28%)	Corporate Banking
16	4 (0.23%)	Aerospace

Job Titles
1	465 (26.50%)	Security Manager
2	281 (16.01%)	Analyst
3	250 (14.25%)	Information Security Manager
4	249 (14.19%)	Information Manager
5	213 (12.14%)	Consultant
6	212 (12.08%)	Security Analyst
7	194 (11.05%)	Security Consultant
8	161 (9.17%)	Architect
9	158 (9.00%)	Security Architect
10	144 (8.21%)	Security Engineer
10	144 (8.21%)	Security Officer
11	131 (7.46%)	Information Analyst
12	129 (7.35%)	Information Security Analyst
13	124 (7.07%)	IT Manager
14	111 (6.32%)	Information Security Officer
15	103 (5.87%)	Information Officer
16	84 (4.79%)	IT Security Manager
17	82 (4.67%)	Cybersecurity Consultant
17	82 (4.67%)	Head of Security
18	79 (4.50%)	Risk Manager

Libraries, Frameworks & Software Standards
1	27 (1.54%)	Web Services
2	24 (1.37%)	SailPoint
3	13 (0.74%)	Elastic Stack
4	10 (0.57%)	.NET
4	10 (0.57%)	Middleware
5	9 (0.51%)	LDAP
6	4 (0.23%)	LAMP
7	3 (0.17%)	ADSI
7	3 (0.17%)	ModSecurity
8	2 (0.11%)	Spring
9	1 (0.057%)	HTML
9	1 (0.057%)	HTML5
9	1 (0.057%)	OAuth
9	1 (0.057%)	Regular Expression
9	1 (0.057%)	SAML
9	1 (0.057%)	SPNEGO
9	1 (0.057%)	XACML

Miscellaneous
1	313 (17.83%)	Management Information System
2	181 (10.31%)	Analytical Skills
3	91 (5.19%)	Computer Science
4	88 (5.01%)	Data Protection Act
5	74 (4.22%)	PKI
6	67 (3.82%)	Security Operations Centre
7	66 (3.76%)	Data Centre
8	55 (3.13%)	Self-Motivation
9	52 (2.96%)	Cyberthreat
10	49 (2.79%)	CESG
11	36 (2.05%)	Distributed Denial-of-Service
12	32 (1.82%)	Cyberattack
13	22 (1.25%)	Fintech
14	19 (1.08%)	Enterprise Software
15	17 (0.97%)	Freedom of Information
16	15 (0.85%)	BYOD
16	15 (0.85%)	Public Cloud
17	13 (0.74%)	Internet of Things
17	13 (0.74%)	Life Science
17	13 (0.74%)	Video Conferencing

Operating Systems
1	224 (12.76%)	Windows
2	151 (8.60%)	Linux
3	109 (6.21%)	Unix
4	49 (2.79%)	Windows Server
5	15 (0.85%)	Kali Linux
5	15 (0.85%)	Windows Server 2008
5	15 (0.85%)	Windows Server 2012
6	12 (0.68%)	AIX
7	10 (0.57%)	CentOS
8	6 (0.34%)	HPUX
8	6 (0.34%)	Red Hat Enterprise Linux
8	6 (0.34%)	Windows Server 2003
8	6 (0.34%)	Windows XP
9	3 (0.17%)	Android
9	3 (0.17%)	Apple iOS
9	3 (0.17%)	Windows 10
10	2 (0.11%)	Ubuntu

Processes & Methodologies
1	1,255 (71.51%)	Information Security
2	707 (40.28%)	Cybersecurity
3	534 (30.43%)	Risk Management
4	359 (20.46%)	SIEM
5	317 (18.06%)	Security Architecture
6	304 (17.32%)	ITIL
7	291 (16.58%)	Data Protection
8	259 (14.76%)	Penetration Testing
9	232 (13.22%)	Stakeholder Management
10	204 (11.62%)	Security Operations
11	192 (10.94%)	Vulnerability Management
12	178 (10.14%)	Security Management
13	174 (9.91%)	Agile Software Development
14	165 (9.40%)	Problem-Solving
15	152 (8.66%)	OWASP
16	140 (7.98%)	Identity Access Management
17	132 (7.52%)	Risk Assessment
18	121 (6.89%)	Information Security Management
19	120 (6.84%)	Continuous Improvement
20	114 (6.50%)	Vulnerability Scanning

Programming Languages
1	25 (1.42%)	Python
2	20 (1.14%)	Perl
3	19 (1.08%)	C
4	15 (0.85%)	Java
5	12 (0.68%)	Bash Shell
6	11 (0.63%)	PHP
7	9 (0.51%)	Go
7	9 (0.51%)	Ruby
8	7 (0.40%)	PowerShell
9	5 (0.28%)	Shell Script
10	4 (0.23%)	C++
11	3 (0.17%)	C#

Qualifications
1	1,704 (97.09%)	CISSP
2	882 (50.26%)	CISA
3	312 (17.78%)	Degree
4	250 (14.25%)	CEH
5	247 (14.07%)	CRISC
6	233 (13.28%)	SANS
7	199 (11.34%)	GIAC
8	146 (8.32%)	SSCP
9	120 (6.84%)	Security Cleared
10	115 (6.55%)	Cisco Certification
11	110 (6.27%)	CESG Certified Professional
12	101 (5.75%)	CompTIA Security+
13	98 (5.58%)	CSSLP
14	75 (4.27%)	SC Cleared
15	57 (3.25%)	CREST Certified
15	57 (3.25%)	ISO 27001 Lead Auditor
16	47 (2.68%)	(ISC)2 CCSP
17	45 (2.56%)	CISMP
18	44 (2.51%)	CCNA
18	44 (2.51%)	Computer Science Degree

Quality Assurance & Compliance
1	806 (45.93%)	ISO/IEC 27001
2	403 (22.96%)	PCI DSS
3	382 (21.77%)	GDPR
4	180 (10.26%)	COBIT
5	114 (6.50%)	Cyber Essentials
6	87 (4.96%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
7	66 (3.76%)	Sarbanes-Oxley
8	55 (3.13%)	HMG Security Policy Framework
9	40 (2.28%)	Cyber Essentials PLUS
10	39 (2.22%)	HIPAA
11	30 (1.71%)	ISO 9001
12	28 (1.60%)	QA
13	23 (1.31%)	ISO 22301
14	22 (1.25%)	NIST 800
15	19 (1.08%)	ISO/IEC 20000
16	17 (0.97%)	GCP
16	17 (0.97%)	MiFID
17	13 (0.74%)	ISAE 3402
18	12 (0.68%)	IASME
18	12 (0.68%)	RMADS

System Software
1	38 (2.17%)	Active Directory
2	14 (0.80%)	Snort
3	9 (0.51%)	Hyper-V
4	5 (0.28%)	VMware Infrastructure
5	4 (0.23%)	vSphere
6	3 (0.17%)	Docker
7	1 (0.057%)	Firmware
7	1 (0.057%)	ProxySG
7	1 (0.057%)	Virtual Desktop

Systems Management
1	54 (3.08%)	Nessus
2	23 (1.31%)	QRadar
3	19 (1.08%)	Core Impact
3	19 (1.08%)	Nexpose
3	19 (1.08%)	OpenVAS
4	17 (0.97%)	Single Sign-On
5	15 (0.85%)	OSSEC
6	11 (0.63%)	Nmap
7	9 (0.51%)	CASB
7	9 (0.51%)	CSIRT
8	8 (0.46%)	HP Fortify
8	8 (0.46%)	Norton AntiVirus
9	5 (0.28%)	Host Intrusion Detection System
10	4 (0.23%)	Trend Micro Deep Security
11	3 (0.17%)	Microsoft Intune
11	3 (0.17%)	Network Intrusion Detection System
11	3 (0.17%)	RSA Archer
11	3 (0.17%)	WebInspect
12	2 (0.11%)	SCCM
12	2 (0.11%)	WSUS

Vendors
1	106 (6.04%)	Microsoft
2	81 (4.62%)	Cisco
3	74 (4.22%)	Sophos
4	72 (4.10%)	Symantec
5	68 (3.87%)	Qualys
6	45 (2.56%)	Splunk
7	43 (2.45%)	LogRhythm
8	35 (1.99%)	Capita
8	35 (1.99%)	CheckPoint
9	29 (1.65%)	ArcSight
10	25 (1.42%)	CyberArk
11	23 (1.31%)	Forcepoint
12	21 (1.20%)	Rapid7
12	21 (1.20%)	SolarWinds
13	20 (1.14%)	Fortinet
13	20 (1.14%)	Palo Alto
13	20 (1.14%)	Veracode
14	19 (1.08%)	AlienVault
14	19 (1.08%)	Aveksa
14	19 (1.08%)	Bomgar

149 CISM job vacancies Nationwide

CISMJob Vacancy Trend

CISMSalary Trend

CISMSalary Histogram

CISMTop 17 Job Locations

CISMTop 30 Co-occurring IT Skills