Period
to 15 July 2019

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 15 July 2019 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
15 Jul 2019
Same period 2018 Same period 2017
Rank 358 320 318
Rank change year-on-year -38 -2 +19
Permanent jobs citing CISM 1,264 1,844 1,844
As % of all permanent IT jobs advertised in the UK 0.87% 1.05% 1.03%
As % of the Qualifications category 3.57% 4.41% 4.16%
Number of salaries quoted 997 1,362 1,459
UK median annual salary £65,000 £65,000 £63,500
Median salary % change year-on-year - +2.36% +5.83%
10th Percentile £42,500 £45,000 £42,500
90th Percentile £95,000 £97,500 £90,000
UK excluding London median annual salary £60,000 £60,000 £55,000
% change year-on-year - +9.09% -

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 35,438 41,842 44,338
As % of all permanent IT jobs advertised in the UK 24.28% 23.77% 24.81%
Number of salaries quoted 25,669 31,138 34,450
UK median annual salary £50,000 £50,000 £45,000
Median salary % change year-on-year - +11.11% -2.17%
10th Percentile £26,500 £26,250 £26,250
90th Percentile £82,500 £80,000 £77,500
UK excluding London median annual salary £45,000 £44,582 £42,500
% change year-on-year +0.94% +4.90% -

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 15 July 2019.

Salary histogram for CISM in the UK

CISM
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 15 July 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -41 1,194 £65,000 - 166
UK excluding London -21 721 £60,000 - 107
London -69 515 £77,500 +3.33% 69
North of England +19 195 £58,500 +1.74% 21
South East -58 193 £62,500 +4.17% 27
Midlands +13 115 £55,000 -4.35% 19
North West +34 108 £59,000 +7.27% 9
East of England +28 90 £64,000 -1.54% 8
Yorkshire +5 81 £58,500 +1.74% 10
South West +61 80 £53,750 -2.27% 22
West Midlands -3 80 £53,750 -6.52% 14
East Midlands +28 34 £57,500 -11.54% 5
Scotland +7 32 £58,500 +30.36% 7
Wales +20 16 £70,000 +74.09% 2
North East +5 5 £54,500 -20.15% 2

For the 6 months to 15 July 2019, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 1,228 (97.15%) CISSP
2 888 (70.25%) Information Security
3 658 (52.06%) ISO/IEC 27001
4 615 (48.66%) Cybersecurity
5 604 (47.78%) CISA
6 372 (29.43%) Risk Management
7 331 (26.19%) Finance
8 314 (24.84%) Degree
9 312 (24.68%) Management Information System
10 273 (21.60%) PCI DSS
11 267 (21.12%) Security Architecture
11 267 (21.12%) NIST
12 262 (20.73%) GDPR
13 236 (18.67%) CRISC
14 231 (18.28%) SIEM
15 207 (16.38%) ITIL
16 191 (15.11%) Security Management
17 185 (14.64%) Security Operations
18 179 (14.16%) Agile Software Development
19 176 (13.92%) Firewall
20 172 (13.61%) Penetration Testing
21 167 (13.21%) Data Protection
22 165 (13.05%) CEH
23 146 (11.55%) Vulnerability Management
24 142 (11.23%) Stakeholder Management
25 135 (10.68%) Information Security Management
26 130 (10.28%) Retail
26 130 (10.28%) Cisco Certification
27 127 (10.05%) TOGAF
28 118 (9.34%) Microsoft Azure

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 21 (1.66%) IIS
2 13 (1.03%) SharePoint
3 6 (0.47%) WebSphere
4 3 (0.24%) Skype for Business
5 2 (0.16%) BizTalk Server
5 2 (0.16%) Confluence
5 2 (0.16%) MS Exchange
6 1 (0.079%) Apache
6 1 (0.079%) CMS
6 1 (0.079%) ExpressionEngine
6 1 (0.079%) OpenStack
6 1 (0.079%) WordPress
Applications
1 24 (1.90%) Microsoft Excel
2 17 (1.34%) Microsoft PowerPoint
3 4 (0.32%) Microsoft Office
4 2 (0.16%) MS Visio
Business Applications
1 5 (0.40%) Sparx Enterprise Architect
2 2 (0.16%) assyst
3 1 (0.079%) SAP ERP
Cloud Services
1 118 (9.34%) Microsoft Azure
2 100 (7.91%) Amazon AWS
3 51 (4.03%) Google Cloud Platform
4 25 (1.98%) SaaS
5 14 (1.11%) Cloud Computing
6 13 (1.03%) IaaS
7 12 (0.95%) PaaS
8 11 (0.87%) Office 365
8 11 (0.87%) Power Platform
9 8 (0.63%) Azure Active Directory
10 5 (0.40%) Microsoft Flow
11 4 (0.32%) Mimecast
12 1 (0.079%) Amazon EC2
12 1 (0.079%) Amazon S3
12 1 (0.079%) CloudFront
12 1 (0.079%) Dynamics 365
12 1 (0.079%) GitHub
12 1 (0.079%) IBM Cloud
12 1 (0.079%) Sumo Logic
12 1 (0.079%) Yammer
Communications & Networking
1 176 (13.92%) Firewall
2 80 (6.33%) Network Security
3 47 (3.72%) HTTP
4 40 (3.16%) Intrusion Detection
5 33 (2.61%) TCP/IP
6 30 (2.37%) VPN
7 28 (2.22%) DNS
8 16 (1.27%) WAN
9 12 (0.95%) LAN
10 11 (0.87%) IPsec
11 10 (0.79%) Internet
12 7 (0.55%) BGP
12 7 (0.55%) Cisco Nexus
12 7 (0.55%) EIGRP
12 7 (0.55%) SSL
13 6 (0.47%) Cisco IPT
13 6 (0.47%) VLAN
14 5 (0.40%) MPLS
14 5 (0.40%) SCCP
14 5 (0.40%) Wireless
Database & Business Intelligence
1 28 (2.22%) Big Data
2 7 (0.55%) Power BI
3 5 (0.40%) GIS
4 3 (0.24%) Maltego
5 2 (0.16%) Data Lake
6 1 (0.079%) Amazon RDS
6 1 (0.079%) Data Warehouse
6 1 (0.079%) EDRMS
6 1 (0.079%) MongoDB
6 1 (0.079%) MySQL
6 1 (0.079%) Oracle Database
6 1 (0.079%) PostgreSQL
6 1 (0.079%) SQL Server
Development Applications
1 10 (0.79%) JIRA
2 7 (0.55%) SonarQube
2 7 (0.55%) Visual Studio
3 5 (0.40%) AppScan
4 3 (0.24%) Metasploit
5 1 (0.079%) Git (software)
General
1 331 (26.19%) Finance
2 130 (10.28%) Retail
3 108 (8.54%) Banking
4 89 (7.04%) Legal
5 27 (2.14%) Law
6 22 (1.74%) Telecoms
7 16 (1.27%) Billing
8 14 (1.11%) Marketing
9 10 (0.79%) Multimedia
10 7 (0.55%) Back Office
11 6 (0.47%) Aerospace
11 6 (0.47%) Financial Institution
11 6 (0.47%) Games
12 4 (0.32%) Retail Banking
13 3 (0.24%) Pharmaceutical
14 2 (0.16%) Private Banking
14 2 (0.16%) Publishing
15 1 (0.079%) Electronics
15 1 (0.079%) International Banking
15 1 (0.079%) Local Government
Job Titles
1 270 (21.36%) Security Manager
2 224 (17.72%) Analyst
3 205 (16.22%) Security Analyst
4 170 (13.45%) Consultant
5 154 (12.18%) Security Consultant
6 146 (11.55%) Architect
7 142 (11.23%) Security Architect
8 140 (11.08%) Information Security Manager
9 136 (10.76%) Information Analyst
9 136 (10.76%) Information Security Analyst
10 134 (10.60%) Information Manager
11 84 (6.65%) Security Officer
12 76 (6.01%) Security Specialist
13 69 (5.46%) Head of Security
14 64 (5.06%) Security Engineer
15 59 (4.67%) Information Security Officer
16 58 (4.59%) Cybersecurity Consultant
17 56 (4.43%) Cybersecurity Manager
18 53 (4.19%) Senior Analyst
19 52 (4.11%) Information Officer
Libraries, Frameworks & Software Standards
1 36 (2.85%) SailPoint
2 18 (1.42%) Web Services
3 5 (0.40%) SAML
4 3 (0.24%) ModSecurity
4 3 (0.24%) OAuth
4 3 (0.24%) REST
5 2 (0.16%) .NET
5 2 (0.16%) OpenID
5 2 (0.16%) SOAP
6 1 (0.079%) .NET Framework
6 1 (0.079%) CSS
6 1 (0.079%) HTML
6 1 (0.079%) JSON
6 1 (0.079%) Middleware
6 1 (0.079%) Node.js
6 1 (0.079%) Regular Expression
6 1 (0.079%) RESTful
6 1 (0.079%) Sass
6 1 (0.079%) Spring
6 1 (0.079%) XML
Miscellaneous
1 312 (24.68%) Management Information System
2 102 (8.07%) Analytical Skills
3 58 (4.59%) Cyberthreat
4 43 (3.40%) Data Centre
5 39 (3.09%) Driving Licence
5 39 (3.09%) Security Operations Centre
6 32 (2.53%) PKI
7 30 (2.37%) Cyberattack
7 30 (2.37%) Distributed Denial-of-Service
8 28 (2.22%) Data Protection Act
9 26 (2.06%) BYOD
9 26 (2.06%) CESG
10 23 (1.82%) Self-Motivation
10 23 (1.82%) Social Media
11 16 (1.27%) Cyber Kill Chain
12 15 (1.19%) PMI
13 12 (0.95%) NHS
14 11 (0.87%) Greenfield Project
14 11 (0.87%) Hybrid Cloud
15 10 (0.79%) Public Cloud
Operating Systems
1 81 (6.41%) Linux
2 79 (6.25%) Windows
3 35 (2.77%) Unix
4 21 (1.66%) Windows Server
5 9 (0.71%) Apple iOS
6 7 (0.55%) Solaris
6 7 (0.55%) Windows Server 2008
7 6 (0.47%) Windows Server 2012
8 5 (0.40%) AIX
8 5 (0.40%) CentOS
8 5 (0.40%) HPUX
8 5 (0.40%) Red Hat Enterprise Linux
8 5 (0.40%) Windows Server 2003
8 5 (0.40%) Windows XP
9 3 (0.24%) Kali Linux
9 3 (0.24%) Mac OS X
10 2 (0.16%) Android
11 1 (0.079%) Mac OS
11 1 (0.079%) Windows 10
11 1 (0.079%) Windows 7
Processes & Methodologies
1 888 (70.25%) Information Security
2 615 (48.66%) Cybersecurity
3 372 (29.43%) Risk Management
4 267 (21.12%) Security Architecture
5 231 (18.28%) SIEM
6 207 (16.38%) ITIL
7 191 (15.11%) Security Management
8 185 (14.64%) Security Operations
9 179 (14.16%) Agile Software Development
10 172 (13.61%) Penetration Testing
11 167 (13.21%) Data Protection
12 146 (11.55%) Vulnerability Management
13 142 (11.23%) Stakeholder Management
14 135 (10.68%) Information Security Management
15 127 (10.05%) TOGAF
16 114 (9.02%) ISMS
17 111 (8.78%) Identity Access Management
18 106 (8.39%) SABSA
19 103 (8.15%) Architectural Design
20 96 (7.59%) Risk Assessment
Programming Languages
1 39 (3.09%) Python
2 26 (2.06%) Java
3 19 (1.50%) PowerShell
4 14 (1.11%) SQL
5 12 (0.95%) C++
6 11 (0.87%) Perl
7 9 (0.71%) C
8 7 (0.55%) Bash Shell
8 7 (0.55%) C#
8 7 (0.55%) Go
9 6 (0.47%) Ruby
9 6 (0.47%) Shell Script
10 5 (0.40%) Bourne shell
10 5 (0.40%) Korn
11 3 (0.24%) JavaScript
12 2 (0.16%) PHP
13 1 (0.079%) VBScript
Qualifications
1 1,228 (97.15%) CISSP
2 604 (47.78%) CISA
3 314 (24.84%) Degree
4 236 (18.67%) CRISC
5 165 (13.05%) CEH
6 130 (10.28%) Cisco Certification
7 115 (9.10%) Security Cleared
8 96 (7.59%) (ISC)2 CCSP
9 90 (7.12%) SANS
10 88 (6.96%) GIAC
11 72 (5.70%) SC Cleared
12 68 (5.38%) SSCP
13 61 (4.83%) CESG Certified Professional
14 49 (3.88%) CCSP
15 45 (3.56%) ISO 27001 Lead Auditor
16 43 (3.40%) Computer Science Degree
17 41 (3.24%) CISMP
18 38 (3.01%) ISO 27001 Lead Implementer
19 35 (2.77%) CompTIA Security+
20 34 (2.69%) CREST Certified
Quality Assurance & Compliance
1 658 (52.06%) ISO/IEC 27001
2 273 (21.60%) PCI DSS
3 267 (21.12%) NIST
4 262 (20.73%) GDPR
5 107 (8.47%) COBIT
6 78 (6.17%) Cyber Essentials
7 75 (5.93%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
8 46 (3.64%) Sarbanes-Oxley
9 29 (2.29%) ISAE 3402
9 29 (2.29%) NCSC
10 21 (1.66%) ISO 31000
10 21 (1.66%) ISO/IEC 27005
10 21 (1.66%) NIST 800
11 19 (1.50%) HMG Security Policy Framework
11 19 (1.50%) QA
12 17 (1.34%) ISO 22301
12 17 (1.34%) RMADS
13 14 (1.11%) ISO 9001
14 11 (0.87%) COSO
14 11 (0.87%) SLA
System Software
1 35 (2.77%) Active Directory
2 18 (1.42%) VMware Infrastructure
3 12 (0.95%) Docker
4 8 (0.63%) Hyper-V
5 7 (0.55%) ISA Server
6 5 (0.40%) Virtual Machines
7 1 (0.079%) Snort
Systems Management
1 61 (4.83%) Nessus
2 21 (1.66%) McAfee ePO
3 16 (1.27%) SCCM
4 14 (1.11%) Kubernetes
5 12 (0.95%) IBM Guardium
6 7 (0.55%) Terraform
6 7 (0.55%) Trend Micro Deep Security
7 6 (0.47%) CSIRT
7 6 (0.47%) Single Sign-On
8 5 (0.40%) Forum Sentry
8 5 (0.40%) OSSEC
8 5 (0.40%) RSA Archer
9 4 (0.32%) Ansible
9 4 (0.32%) Computer Emergency Response Teams
10 3 (0.24%) Nmap
10 3 (0.24%) QRadar
11 2 (0.16%) HP Fortify
11 2 (0.16%) Microsoft Intune
12 1 (0.079%) CASB
12 1 (0.079%) Host Intrusion Detection System
Vendors
1 102 (8.07%) Microsoft
2 51 (4.03%) Splunk
3 48 (3.80%) Cisco
4 38 (3.01%) McAfee
5 36 (2.85%) Qualys
6 33 (2.61%) Google
7 27 (2.14%) IBM
8 22 (1.74%) CheckPoint
8 22 (1.74%) Palo Alto
8 22 (1.74%) Symantec
9 20 (1.58%) Forcepoint
9 20 (1.58%) VMware
10 19 (1.50%) Oracle
11 17 (1.34%) CA Agile Central
11 17 (1.34%) LogRhythm
12 16 (1.27%) Aveksa
13 15 (1.19%) CyberArk
13 15 (1.19%) Progress
14 13 (1.03%) Apple
14 13 (1.03%) Trend Micro