Period
to 25 October 2021

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 25 October 2021 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
25 Oct 2021
Same period 2020 Same period 2019
Rank 480 328 351
Rank change year-on-year -152 +23 -5
Permanent jobs citing CISM 762 441 1,271
As % of all permanent jobs advertised in the UK 0.60% 0.90% 0.93%
As % of the Qualifications category 2.79% 4.21% 4.06%
Number of salaries quoted 539 350 1,009
10th Percentile £42,500 £42,500 £42,500
25th Percentile £53,000 £50,000 £52,500
Median annual salary (50th Percentile) £65,000 £65,000 £65,000
75th Percentile £79,750 £76,250 £81,250
90th Percentile £90,250 £90,000 £95,000
UK excluding London median annual salary £60,000 £60,000 £58,500
% change year-on-year +0.00% +2.56% -2.50%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 27,308 10,464 31,334
As % of all permanent IT jobs advertised in the UK 21.61% 21.41% 23.00%
Number of salaries quoted 15,200 8,066 23,389
10th Percentile £31,000 £31,250 £27,000
25th Percentile £40,500 £41,250 £35,000
Median annual salary (50th Percentile) £55,000 £55,000 £50,000
Median % change year-on-year - +10.00% -
75th Percentile £72,500 £71,250 £67,250
90th Percentile £88,750 £87,500 £82,500
UK excluding London median annual salary £48,000 £48,750 £45,000
% change year-on-year -1.54% +8.33% -

CISM
Job Vacancy Trend

Job postings citing CISM as a proportion of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

3-month moving average salary quoted in jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

Salary distribution for jobs citing CISM over the 6 months to 25 October 2021.

Salary histogram for CISM in the UK

CISM
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 25 October 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -142 679 £65,000 - 94
UK excluding London -83 390 £60,000 +0.00% 68
London -193 303 £70,000 +7.69% 36
Work from Home -110 189 £72,500 +16.00% 14
South East -62 150 £60,000 +2.13% 17
Midlands -86 71 £65,000 +23.81% 8
South West -59 62 £62,350 -4.08% 14
North of England -113 62 £60,275 +4.83% 14
West Midlands -92 46 £67,500 +35.00% 8
North West -92 35 £70,000 +14.29% 8
Scotland -87 23 £65,000 +36.63% 8
East Midlands -68 21 £65,000 -7.14%
Yorkshire -88 21 £60,000 +9.09% 5
East of England -101 18 £77,500 +19.23% 4
Wales - 12 £37,000 - 3
North East - 11 £62,500 - 1

For the 6 months to 25 October 2021, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 718 (94.23%) CISSP
2 522 (68.50%) Information Security
3 466 (61.15%) Cybersecurity
4 391 (51.31%) ISO/IEC 27001
5 284 (37.27%) Risk Management
6 281 (36.88%) CISA
7 249 (32.68%) Social Skills
8 214 (28.08%) NIST
9 203 (26.64%) Finance
10 177 (23.23%) GDPR
11 166 (21.78%) Degree
12 165 (21.65%) Management Information System
13 159 (20.87%) Security Architecture
14 151 (19.82%) SIEM
15 142 (18.64%) Security Management
16 141 (18.50%) Azure
17 137 (17.98%) Data Protection
18 127 (16.67%) Cyber Essentials
19 121 (15.88%) Risk Assessment
20 118 (15.49%) Security Cleared
21 116 (15.22%) ITIL
22 115 (15.09%) PCI DSS
23 109 (14.30%) CRISC
23 109 (14.30%) Vulnerability Management
24 106 (13.91%) Security Operations
25 105 (13.78%) Continuous Improvement
25 105 (13.78%) Firewall
26 101 (13.25%) CEH
27 97 (12.73%) Agile Software Development
28 93 (12.20%) Regulatory Compliance

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 28 (3.67%) IIS
2 12 (1.57%) MTS
3 2 (0.26%) SharePoint
4 1 (0.13%) MS Exchange
Applications
1 12 (1.57%) Microsoft Office
2 8 (1.05%) MS Visio
3 4 (0.52%) Microsoft PowerPoint
Business Applications
1 4 (0.52%) Sentinel
2 1 (0.13%) NetSuite
2 1 (0.13%) Unit4 Business World
Cloud Services
1 141 (18.50%) Azure
2 89 (11.68%) AWS
3 64 (8.40%) Microsoft 365
4 28 (3.67%) Cloud Computing
5 24 (3.15%) GCP
6 11 (1.44%) SaaS
7 10 (1.31%) IaaS
7 10 (1.31%) Mimecast
7 10 (1.31%) PaaS
8 7 (0.92%) Serverless
9 6 (0.79%) Akamai
10 4 (0.52%) Azure Active Directory
10 4 (0.52%) Azure Sentinel
11 3 (0.39%) Sumo Logic
12 1 (0.13%) Azure Service Bus
12 1 (0.13%) Dynamics 365
12 1 (0.13%) GitHub
12 1 (0.13%) Power Platform
12 1 (0.13%) PowerApps
Communications & Networking
1 105 (13.78%) Firewall
2 65 (8.53%) Network Security
3 26 (3.41%) Intrusion Detection
3 26 (3.41%) WAN
4 25 (3.28%) LAN
5 20 (2.62%) Internet
6 19 (2.49%) TCP/IP
7 17 (2.23%) DNS
8 12 (1.57%) DHCP
8 12 (1.57%) HTTP
8 12 (1.57%) Wi-Fi
9 11 (1.44%) Wireless
10 10 (1.31%) Cisco ISE
11 9 (1.18%) SAN
11 9 (1.18%) VPN
11 9 (1.18%) Wireless Security
12 8 (1.05%) DMZ
12 8 (1.05%) SCCP
13 5 (0.66%) SD-WAN
13 5 (0.66%) Unified Communications
Database & Business Intelligence
1 6 (0.79%) Blockchain
2 2 (0.26%) DB2
2 2 (0.26%) GIS
3 1 (0.13%) Amazon RDS
3 1 (0.13%) Azure SQL Database
3 1 (0.13%) Big Data
3 1 (0.13%) Data Warehouse
3 1 (0.13%) DTS
3 1 (0.13%) SQL Server
Development Applications
1 10 (1.31%) JIRA
2 8 (1.05%) Rational DOORS
2 8 (1.05%) SonarQube
2 8 (1.05%) Visual Studio
3 1 (0.13%) Jenkins
3 1 (0.13%) Sonatype Nexus
General
1 249 (32.68%) Social Skills
2 203 (26.64%) Finance
3 81 (10.63%) Analytical Skills
4 77 (10.10%) Legal
5 35 (4.59%) Telecoms
6 34 (4.46%) Influencing Skills
6 34 (4.46%) Law
6 34 (4.46%) Presentation Skills
7 29 (3.81%) Police
8 25 (3.28%) Public Sector
9 23 (3.02%) Inclusion and Diversity
9 23 (3.02%) Retail
10 20 (2.62%) Banking
11 13 (1.71%) Manufacturing
12 12 (1.57%) French Language
12 12 (1.57%) Marketing
13 11 (1.44%) Advertising
13 11 (1.44%) Back Office
14 10 (1.31%) Local Government
15 8 (1.05%) Electronics
Job Titles
1 147 (19.29%) Consultant
2 142 (18.64%) Security Manager
3 120 (15.75%) Security Consultant
4 94 (12.34%) Analyst
5 93 (12.20%) Architect
6 92 (12.07%) Security Architect
7 78 (10.24%) Security Analyst
8 74 (9.71%) Information Manager
8 74 (9.71%) Information Security Manager
9 73 (9.58%) Cybersecurity Consultant
10 44 (5.77%) Security Engineer
11 41 (5.38%) Head of Security
12 38 (4.99%) Information Analyst
13 37 (4.86%) Information Security Analyst
13 37 (4.86%) Security Officer
14 34 (4.46%) Head of Information Security
14 34 (4.46%) Senior Consultant
15 33 (4.33%) Cybersecurity Manager
16 31 (4.07%) Senior Security Consultant
17 29 (3.81%) Junior Consultant
Libraries, Frameworks & Software Standards
1 8 (1.05%) Web Services
2 6 (0.79%) SAML
3 4 (0.52%) ISPF
4 3 (0.39%) .NET
4 3 (0.39%) LDAP
5 2 (0.26%) .NET Framework
5 2 (0.26%) J2EE
5 2 (0.26%) REST
5 2 (0.26%) SOAP
6 1 (0.13%) ASP.NET
6 1 (0.13%) SailPoint
Miscellaneous
1 165 (21.65%) Management Information System
2 51 (6.69%) Cyberthreat
3 29 (3.81%) Smart Meter
4 28 (3.67%) Data Protection Act
5 27 (3.54%) Cyberattack
6 25 (3.28%) Self-Motivation
7 24 (3.15%) Public Cloud
8 21 (2.76%) Cyber Kill Chain
9 19 (2.49%) Data Centre
10 17 (2.23%) Security Operations Centre
11 13 (1.71%) Distributed Denial-of-Service
12 10 (1.31%) SCADA
12 10 (1.31%) Virtual Team
13 9 (1.18%) BYOD
13 9 (1.18%) Fibre Optics
13 9 (1.18%) Private Cloud
14 8 (1.05%) Cybercrime
14 8 (1.05%) Driving Licence
14 8 (1.05%) Mobile Payment
14 8 (1.05%) Smartcard
Operating Systems
1 41 (5.38%) Linux
2 40 (5.25%) Windows
3 16 (2.10%) Windows Server
4 13 (1.71%) Unix
5 11 (1.44%) Mac OS
6 8 (1.05%) Solaris
7 3 (0.39%) Windows 10
8 2 (0.26%) AIX
8 2 (0.26%) zOS
9 1 (0.13%) Android
9 1 (0.13%) Apple iOS
9 1 (0.13%) Windows 7
Processes & Methodologies
1 522 (68.50%) Information Security
2 466 (61.15%) Cybersecurity
3 284 (37.27%) Risk Management
4 159 (20.87%) Security Architecture
5 151 (19.82%) SIEM
6 142 (18.64%) Security Management
7 137 (17.98%) Data Protection
8 121 (15.88%) Risk Assessment
9 116 (15.22%) ITIL
10 109 (14.30%) Vulnerability Management
11 106 (13.91%) Security Operations
12 105 (13.78%) Continuous Improvement
13 97 (12.73%) Agile Software Development
14 93 (12.20%) Regulatory Compliance
15 91 (11.94%) Stakeholder Management
16 89 (11.68%) ISMS
16 89 (11.68%) Penetration Testing
17 79 (10.37%) Information Security Management
17 79 (10.37%) TOGAF
18 71 (9.32%) Incident Management
Programming Languages
1 21 (2.76%) Python
2 20 (2.62%) C
3 13 (1.71%) Go
3 13 (1.71%) Java
4 11 (1.44%) C#
4 11 (1.44%) PowerShell
5 6 (0.79%) SQL
6 3 (0.39%) PHP
6 3 (0.39%) Rust
7 2 (0.26%) Bash Shell
Qualifications
1 718 (94.23%) CISSP
2 281 (36.88%) CISA
3 166 (21.78%) Degree
4 118 (15.49%) Security Cleared
5 109 (14.30%) CRISC
6 101 (13.25%) CEH
7 87 (11.42%) Cisco Certification
8 61 (8.01%) SC Cleared
9 56 (7.35%) CESG Certified Professional
10 51 (6.69%) (ISC)2 CCSP
11 46 (6.04%) SANS
12 41 (5.38%) CompTIA Security+
12 41 (5.38%) SSCP
13 33 (4.33%) ISO 27001 Lead Auditor
14 31 (4.07%) CCSP
15 28 (3.67%) CCNP
15 28 (3.67%) IISP
16 27 (3.54%) GIAC
17 22 (2.89%) CCNA
18 19 (2.49%) DV Cleared
Quality Assurance & Compliance
1 391 (51.31%) ISO/IEC 27001
2 214 (28.08%) NIST
3 177 (23.23%) GDPR
4 127 (16.67%) Cyber Essentials
5 115 (15.09%) PCI DSS
6 79 (10.37%) NCSC
7 70 (9.19%) GRC
8 51 (6.69%) COBIT
9 41 (5.38%) Cyber Essentials PLUS
10 36 (4.72%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
11 21 (2.76%) Sarbanes-Oxley
12 19 (2.49%) ISO/IEC 27005
13 17 (2.23%) ISO 22301
13 17 (2.23%) ITGC
13 17 (2.23%) RMADS
14 13 (1.71%) ISO 9001
14 13 (1.71%) NIST 800
15 12 (1.57%) ISO 31000
15 12 (1.57%) SLA
16 10 (1.31%) ISO/IEC 20000
System Software
1 13 (1.71%) Active Directory
2 8 (1.05%) ISA Server
3 7 (0.92%) VMware Infrastructure
4 5 (0.66%) Hyper-V
5 3 (0.39%) BitLocker
5 3 (0.39%) Firmware
6 2 (0.26%) OpenAM
6 2 (0.26%) OpenIDM
6 2 (0.26%) RACF
7 1 (0.13%) Forefront TMG
7 1 (0.13%) pfSense
7 1 (0.13%) Terminal Server
7 1 (0.13%) Virtual Machines
Systems Management
1 22 (2.89%) QRadar
2 12 (1.57%) Kubernetes
2 12 (1.57%) Nessus
3 10 (1.31%) Kibana
4 8 (1.05%) Single Sign-On
4 8 (1.05%) Trend Micro Deep Security
5 5 (0.66%) CASB
6 3 (0.39%) Microsoft Intune
6 3 (0.39%) RSA Archer
7 2 (0.26%) CA Single Sign-On
7 2 (0.26%) EnCase
7 2 (0.26%) FTK
7 2 (0.26%) Nexpose
7 2 (0.26%) Oracle Identity Management
7 2 (0.26%) SCCM
8 1 (0.13%) Active Directory Federation Services
8 1 (0.13%) AirWatch
8 1 (0.13%) BMC PATROL
8 1 (0.13%) Failover Clustering
8 1 (0.13%) Forefront Identity Manager
Vendors
1 85 (11.15%) Microsoft
2 38 (4.99%) Cisco
3 30 (3.94%) Splunk
4 27 (3.54%) Google
5 13 (1.71%) Oracle
6 11 (1.44%) Apple
7 10 (1.31%) CrowdStrike
7 10 (1.31%) OneTrust
7 10 (1.31%) VMware
8 9 (1.18%) Okta
8 9 (1.18%) SolarWinds
9 8 (1.05%) Adobe
9 8 (1.05%) Centrify
9 8 (1.05%) F5
9 8 (1.05%) Imperva
9 8 (1.05%) Palo Alto
9 8 (1.05%) SAP
9 8 (1.05%) Trend Micro
9 8 (1.05%) Tripwire
10 7 (0.92%) AlienVault