Period
to 22 August 2017

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 22 August 2017 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
22 Aug 2017
Same period 2016 Same period 2015
Rank 312 336 471
Rank change year-on-year +24 +135 +181
Permanent jobs citing CISM 1813 1908 1325
As % of all permanent IT jobs advertised in the UK 1.03% 0.97% 0.61%
As % of the Qualifications category 4.22% 3.61% 2.21%
Number of salaries quoted 1432 1513 1038
UK median annual salary £65,000 £62,500 £60,000
Median salary % change year-on-year +4.00% +4.17% +4.35%
10th Percentile £42,500 £41,250 £41,250
90th Percentile £91,250 £87,500 £86,625
UK excluding London median annual salary £55,000 £55,000 £52,500
% change year-on-year - +4.76% -4.11%

CISM is in the academic qualifications and professional certifications category. The following table is for comparison with the above and provides summary statistics for all academic qualifications and professional certifications cited in permanent job vacancies.

Academic & Professional Certification
UK
Permanent job vacancies requiring academic qualifications or professional certifications 42940 52860 60073
As % of all permanent IT job vacancies advertised in the UK 24.39% 26.83% 27.54%
Number of salaries quoted 32964 42709 47704
UK median annual salary £45,000 £45,000 £45,000
10th Percentile £26,250 £26,250 £25,500
90th Percentile £77,500 £75,000 £73,500
UK excluding London median annual salary £42,500 £42,250 £40,000
% change year-on-year +0.59% +5.63% -

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 22 August 2017.

Salary histogram for CISM in the UK

CISM
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 22 August 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +22 1743 £65,000 +4.00% 88
London +60 1010 £70,000 +3.70% 32
UK excluding London -44 770 £55,000 - 60
North of England +1 236 £55,000 - 20
South East -1 215 £60,000 - 23
North West -9 137 £55,000 -3.08% 12
Midlands -64 114 £55,000 - 4
East of England -1 106 £52,500 - 2
West Midlands -51 95 £50,000 -9.09% 4
Yorkshire -1 70 £50,000 -1.96% 7
South West -23 60 £55,000 -15.38% 7
North East +39 29 £47,500 +16.75% 1
Scotland -30 25 £52,500 -6.67% 4
East Midlands -15 15 £55,000 -
Wales +11 7 £45,000 -
Northern Ireland -10 5 £57,500 +43.75%
Channel Islands - 2 £75,000 -

For the 6 months to 22 August 2017, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for CISM.

1 1744 (96.19%) CISSP
2 1362 (75.12%) Information Security
3 863 (47.60%) CISA
4 790 (43.57%) ISO/IEC 27001
5 669 (36.90%) Finance
6 599 (33.04%) Cybersecurity
7 452 (24.93%) Risk Management
8 443 (24.43%) Data Protection
8 443 (24.43%) SIEM
9 404 (22.28%) Degree
10 398 (21.95%) Firewall
11 392 (21.62%) ITIL
12 354 (19.53%) PCI DSS
13 322 (17.76%) Security Operations
14 316 (17.43%) Management Information System
15 306 (16.88%) Security Architecture
16 246 (13.57%) Windows
17 245 (13.51%) Linux
18 234 (12.91%) Penetration Testing
19 231 (12.74%) CRISC
20 222 (12.24%) Security Management
21 215 (11.86%) Vulnerability Management
22 213 (11.75%) CEH
22 213 (11.75%) Banking
23 201 (11.09%) Stakeholder Management
24 196 (10.81%) Data Protection Act
25 190 (10.48%) Computer Science
26 186 (10.26%) Agile Software Development
27 183 (10.09%) GDPR
28 180 (9.93%) ISO/IEC 27002 (supersedes ISO/IEC 17799)

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 46 (2.54%) IIS
2 10 (0.55%) Apache
2 10 (0.55%) SharePoint
3 8 (0.44%) WebSphere
4 2 (0.11%) Apache Spark
4 2 (0.11%) OpenStack
5 1 (0.055%) Apache Pig
5 1 (0.055%) Blackberry Enterprise Server
5 1 (0.055%) Elasticsearch
5 1 (0.055%) SAS
Applications
1 28 (1.54%) Microsoft Excel
2 25 (1.38%) Microsoft PowerPoint
3 24 (1.32%) Microsoft Office
4 14 (0.77%) Microsoft Project
5 5 (0.28%) MS Visio
6 3 (0.17%) Maya
7 1 (0.055%) Spreadsheet
Business Applications
1 28 (1.54%) Oracle Applications
2 11 (0.61%) assyst
3 9 (0.50%) Sentinel
4 4 (0.22%) Infor M3
4 4 (0.22%) Payment Gateway
5 1 (0.055%) SAP ERP
5 1 (0.055%) SAP GRC
Cloud Services
1 90 (4.96%) Amazon AWS
2 50 (2.76%) Microsoft Azure
3 37 (2.04%) Office 365
4 29 (1.60%) SaaS
5 25 (1.38%) IaaS
6 11 (0.61%) Google Cloud Platform
7 9 (0.50%) G Suite
8 8 (0.44%) Azure Active Directory
8 8 (0.44%) Cloud Computing
8 8 (0.44%) Sumo Logic
9 7 (0.39%) AWS CloudFormation
10 6 (0.33%) PaaS
10 6 (0.33%) Virtual Private Cloud
11 4 (0.22%) Mimecast
12 1 (0.055%) Amazon CloudWatch
12 1 (0.055%) Amazon EC2
12 1 (0.055%) Amazon S3
12 1 (0.055%) AWS CloudTrail
12 1 (0.055%) CloudFront
12 1 (0.055%) GitHub
Communications & Networking
1 398 (21.95%) Firewall
2 163 (8.99%) Network Security
3 137 (7.56%) TCP/IP
4 116 (6.40%) Intrusion Detection
5 76 (4.19%) Internet
6 69 (3.81%) WAN
7 58 (3.20%) LAN
8 32 (1.77%) Cisco ASA
8 32 (1.77%) VPN
9 27 (1.49%) VoIP
10 25 (1.38%) DNS
11 21 (1.16%) Wireless
12 12 (0.66%) SSL
13 10 (0.55%) DHCP
13 10 (0.55%) SCCP
13 10 (0.55%) Software-Defined Networking
14 8 (0.44%) Cisco PIX
14 8 (0.44%) LDAP
14 8 (0.44%) Value-Added Service
15 7 (0.39%) BGP
Database & Business Intelligence
1 21 (1.16%) SQL Server
2 10 (0.55%) Big Data
3 9 (0.50%) MySQL
4 8 (0.44%) GIS
5 7 (0.39%) NoSQL
6 2 (0.11%) Apache Cassandra
6 2 (0.11%) Hadoop
6 2 (0.11%) MongoDB
6 2 (0.11%) Relational Database
7 1 (0.055%) Amazon RDS
7 1 (0.055%) Apache Hive
7 1 (0.055%) Data Warehouse
7 1 (0.055%) Oracle Database
7 1 (0.055%) PostgreSQL
7 1 (0.055%) SQL Server 2008
7 1 (0.055%) SQL Server 2012
7 1 (0.055%) SQL Server 2014
Development Applications
1 14 (0.77%) Jenkins
1 14 (0.77%) Metasploit
2 12 (0.66%) AppScan
3 11 (0.61%) Burp Suite
4 7 (0.39%) Paros
5 2 (0.11%) Rational DOORS
5 2 (0.11%) WebScarab
6 1 (0.055%) Subversion
General
1 669 (36.90%) Finance
2 213 (11.75%) Banking
3 156 (8.60%) Legal
4 99 (5.46%) Retail
5 96 (5.30%) Telecoms
6 48 (2.65%) Manufacturing
7 43 (2.37%) Law
7 43 (2.37%) Marketing
8 42 (2.32%) Investment Banking
9 41 (2.26%) Retail Banking
10 33 (1.82%) Electronics
11 17 (0.94%) Financial Institution
12 16 (0.88%) Private Banking
13 14 (0.77%) Advertising
14 10 (0.55%) Digital Economy
15 8 (0.44%) Games
15 8 (0.44%) Local Government
16 7 (0.39%) Military
16 7 (0.39%) Pharmaceutical
16 7 (0.39%) Publishing
Job Titles
1 396 (21.84%) Security Manager
2 394 (21.73%) Analyst
3 331 (18.26%) Security Analyst
4 247 (13.62%) Consultant
5 216 (11.91%) Security Consultant
6 164 (9.05%) Information Security Manager
7 163 (8.99%) Information Manager
8 159 (8.77%) Security Engineer
9 141 (7.78%) Information Analyst
9 141 (7.78%) Information Security Analyst
10 112 (6.18%) Architect
11 111 (6.12%) Security Architect
12 106 (5.85%) IT Manager
13 103 (5.68%) Security Specialist
14 102 (5.63%) IT Analyst
15 96 (5.30%) Cybersecurity Manager
16 93 (5.13%) Security Officer
17 90 (4.96%) IT Security Manager
18 84 (4.63%) IT Security Analyst
19 74 (4.08%) Head of Security
Libraries, Frameworks & Software Standards
1 56 (3.09%) SailPoint
2 27 (1.49%) Web Services
3 19 (1.05%) RESTful
4 16 (0.88%) .NET
5 11 (0.61%) HTML
5 11 (0.61%) XML
6 9 (0.50%) 802.1X
6 9 (0.50%) Middleware
6 9 (0.50%) OAuth
7 8 (0.44%) MSMQ
7 8 (0.44%) WebSphere MQ
8 6 (0.33%) J2EE
9 5 (0.28%) ASP.NET
9 5 (0.28%) ASP.NET MVC
9 5 (0.28%) boto
9 5 (0.28%) CSS
9 5 (0.28%) JSP
9 5 (0.28%) XSL
10 4 (0.22%) ASP.NET Web API
10 4 (0.22%) OAuth2
Miscellaneous
1 316 (17.43%) Management Information System
2 196 (10.81%) Data Protection Act
3 190 (10.48%) Computer Science
4 165 (9.10%) Analytical Skills
5 52 (2.87%) Data Centre
6 48 (2.65%) CESG
7 45 (2.48%) Distributed Denial-of-Service
7 45 (2.48%) PKI
8 41 (2.26%) Cyberthreat
9 38 (2.10%) Cyber Attack
10 32 (1.77%) Security Operations Centre
11 23 (1.27%) Cyber Defence
12 21 (1.16%) Greenfield Project
13 17 (0.94%) NHS
14 16 (0.88%) Fintech
15 15 (0.83%) FMCG
16 14 (0.77%) Mainframe
16 14 (0.77%) Smart Meter
17 12 (0.66%) Freedom of Information
17 12 (0.66%) Virtual Team
Operating Systems
1 246 (13.57%) Windows
2 245 (13.51%) Linux
3 135 (7.45%) Windows Server
4 99 (5.46%) Unix
5 58 (3.20%) Apple iOS
6 32 (1.77%) Mac OS X
7 29 (1.60%) Android
8 23 (1.27%) Windows Server 2008
9 18 (0.99%) Windows Server 2012
10 15 (0.83%) Kali Linux
11 11 (0.61%) Windows Server 2003
12 8 (0.44%) CentOS
13 6 (0.33%) Windows 7
14 2 (0.11%) FreeBSD
14 2 (0.11%) HPUX
15 1 (0.055%) AIX
15 1 (0.055%) OpenBSD
15 1 (0.055%) Red Hat Enterprise Linux
15 1 (0.055%) Solaris
15 1 (0.055%) Windows XP
Processes & Methodologies
1 1362 (75.12%) Information Security
2 599 (33.04%) Cybersecurity
3 452 (24.93%) Risk Management
4 443 (24.43%) Data Protection
4 443 (24.43%) SIEM
5 392 (21.62%) ITIL
6 322 (17.76%) Security Operations
7 306 (16.88%) Security Architecture
8 234 (12.91%) Penetration Testing
9 222 (12.24%) Security Management
10 215 (11.86%) Vulnerability Management
11 201 (11.09%) Stakeholder Management
12 186 (10.26%) Agile Software Development
13 177 (9.76%) Risk Assessment
14 165 (9.10%) Project Management
15 153 (8.44%) Incident Management
16 147 (8.11%) Vulnerability Assessment
17 144 (7.94%) Information Security Management
17 144 (7.94%) ISMS
18 138 (7.61%) Identity Access Management
Programming Languages
1 65 (3.59%) Python
2 48 (2.65%) Java
3 43 (2.37%) Perl
4 42 (2.32%) SQL
5 34 (1.88%) C
6 28 (1.54%) JavaScript
7 21 (1.16%) C#
8 19 (1.05%) PHP
9 18 (0.99%) C++
10 13 (0.72%) Ruby
11 11 (0.61%) PowerShell
12 9 (0.50%) VB.NET
13 7 (0.39%) Bourne shell
13 7 (0.39%) Korn
14 5 (0.28%) Objective-C
14 5 (0.28%) VB
15 2 (0.11%) Bash Shell
16 1 (0.055%) Shell Script
Qualifications
1 1744 (96.19%) CISSP
2 863 (47.60%) CISA
3 404 (22.28%) Degree
4 231 (12.74%) CRISC
5 213 (11.75%) CEH
6 148 (8.16%) Cisco Certification
7 145 (8.00%) SANS
8 130 (7.17%) GIAC
9 112 (6.18%) CESG Certified Professional
10 100 (5.52%) Security Cleared
11 88 (4.85%) SSCP
12 82 (4.52%) SC Cleared
13 74 (4.08%) Computer Science Degree
13 74 (4.08%) GSEC
14 72 (3.97%) (ISC)2 CCSP
15 62 (3.42%) CCNP
16 58 (3.20%) CCNA
17 55 (3.03%) CCSP
18 54 (2.98%) GISF
19 44 (2.43%) ISO 27001 Lead Auditor
Quality Assurance & Compliance
1 790 (43.57%) ISO/IEC 27001
2 354 (19.53%) PCI DSS
3 183 (10.09%) GDPR
4 180 (9.93%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 141 (7.78%) COBIT
6 128 (7.06%) Cyber Essentials
7 80 (4.41%) Sarbanes-Oxley
8 44 (2.43%) ISO 22301
9 38 (2.10%) ISO/IEC 27005
10 29 (1.60%) ISO 9001
11 27 (1.49%) HMG Security Policy Framework
12 23 (1.27%) SLA
13 21 (1.16%) Data Quality
14 17 (0.94%) ISO 31000
15 16 (0.88%) ISO 14001
16 14 (0.77%) COSO
16 14 (0.77%) PA-DSS
17 13 (0.72%) QA
18 12 (0.66%) HIPAA
19 9 (0.50%) SSAE 16
System Software
1 162 (8.94%) Active Directory
2 20 (1.10%) Snort
3 14 (0.77%) vSphere
4 13 (0.72%) VMware Infrastructure
5 10 (0.55%) VMware ESXi
6 3 (0.17%) Docker
7 2 (0.11%) XenApp
8 1 (0.055%) Postfix
8 1 (0.055%) Virtual Machines
8 1 (0.055%) Xen
Systems Management
1 106 (5.85%) Nessus
2 64 (3.53%) SCCM
3 57 (3.14%) McAfee ePO
4 36 (1.99%) QRadar
5 29 (1.60%) CSIRT
6 26 (1.43%) PowerBroker
7 22 (1.21%) Core Impact
7 22 (1.21%) Nexpose
7 22 (1.21%) OpenVAS
7 22 (1.21%) RSA Security Analytics
7 22 (1.21%) WSUS
8 17 (0.94%) Network Intrusion Detection System
9 15 (0.83%) Puppet
10 14 (0.77%) Ansible
11 12 (0.66%) Nmap
12 10 (0.55%) Computer Emergency Response Teams
12 10 (0.55%) SCOM
13 7 (0.39%) FortiGate
14 5 (0.28%) Oracle Identity Management
14 5 (0.28%) Oracle Identity Manager
Vendors
1 124 (6.84%) Splunk
2 115 (6.34%) Microsoft
3 108 (5.96%) Cisco
4 73 (4.03%) McAfee
5 71 (3.92%) CyberArk
6 65 (3.59%) CheckPoint
6 65 (3.59%) LogRhythm
7 64 (3.53%) Oracle
7 64 (3.53%) Palo Alto
8 59 (3.25%) Symantec
9 55 (3.03%) AlienVault
10 52 (2.87%) Qualys
11 50 (2.76%) Aveksa
12 36 (1.99%) Apple
13 34 (1.88%) SAP
14 30 (1.65%) ArcSight
15 26 (1.43%) Bomgar
16 24 (1.32%) SolarWinds
17 22 (1.21%) IBM
18 20 (1.10%) Acunetix