CISM Jobs, Trends & Salaries

ISACA Certified Information Security Manager (CISM)
UK

The table below provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. It includes a benchmarking guide to the salaries offered over the 6 months leading up to 1 May 2025, comparing them to the same period in the previous two years.

Location	6 months to 1 May 2025	Same period 2024	Same period 2023
Rank	290	392	387
Rank change year-on-year	+102	-5	+145
Permanent jobs citing CISM	518	641	872
As % of all permanent jobs advertised in the UK	1.00%	0.65%	0.84%
As % of the Qualifications category	2.04%	2.34%	2.57%
Number of salaries quoted	263	518	650
10^th Percentile	£47,500	£47,500	£46,250
25^th Percentile	£55,000	£57,500	£55,125
Median annual salary (50^th Percentile)	£72,500	£73,750	£72,500
Median % change year-on-year	-1.69%	+1.72%	+3.57%
75^th Percentile	£83,750	£85,000	£85,938
90^th Percentile	£95,000	£101,250	£100,000
UK excluding London median annual salary	£65,000	£66,500	£65,000
% change year-on-year	-2.26%	+2.31%	-

All Academic and Professional Certifications
UK

CISM falls under the Academic Qualifications and Professional Certifications category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring academic qualifications or professional certifications.

Permanent vacancies requiring academic qualifications or professional certifications	25,404	27,420	33,991
As % of all permanent jobs advertised in the UK	48.81%	27.84%	32.71%
Number of salaries quoted	11,182	17,336	15,221
10^th Percentile	£32,500	£28,250	£31,250
25^th Percentile	£44,000	£38,500	£41,750
Median annual salary (50^th Percentile)	£55,000	£54,000	£58,000
Median % change year-on-year	+1.85%	-6.90%	+5.45%
75^th Percentile	£68,568	£71,000	£77,500
90^th Percentile	£85,000	£87,500	£95,000
UK excluding London median annual salary	£52,000	£50,000	£50,500
% change year-on-year	+4.00%	-0.99%	+1.00%

CISM
Job Vacancy Trend

Job postings citing CISM as a proportion of all IT jobs advertised.

CISM
Salary Trend

3-month moving average salary quoted in jobs citing CISM.

CISM
Salary Histogram

Salary distribution for jobs citing CISM over the 6 months to 1 May 2025.

CISM
Top 18 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 1 May 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Jobs
England	+108	488	£70,000	-3.45%	297
UK excluding London	+172	362	£65,000	-2.26%	184
Midlands	+181	182	£60,000	-14.29%	20
London	+11	133	£82,500	+3.13%	145
West Midlands	+132	130	£58,750	-21.67%	12
Work from Home	+79	113	£62,500	-13.79%	175
South East	+137	67	£65,000	-	64
East Midlands	+84	52	£62,500	-4.94%	7
North of England	+35	52	£57,500	-4.17%	41
North West	-9	45	£56,500	+8.48%	25
South West	+50	25	£66,250	-3.28%	27
East of England	+48	16	£70,000	+40.00%	24
Scotland	+102	14	£85,000	+47.83%	14
Yorkshire	+72	5	£57,500	-27.98%	10
Northern Ireland	+37	3	£35,000	-39.13%	2
North East	+44	2	£80,000	+0.20%	7
Channel Islands	+2	2	£78,750	-21.25%
Wales	+46	1	£55,000	-35.29%	3

CISM
Top 30 Co-occurring Skills and Capabilities

For the 6 months to 1 May 2025, job vacancies citing CISM also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1	482 (93.05%)	CISSP
2	403 (77.80%)	Cybersecurity
3	360 (69.50%)	Information Security
4	350 (67.57%)	ISO/IEC 27001
5	336 (64.86%)	NIST
6	289 (55.79%)	Risk Management
7	268 (51.74%)	Degree
8	168 (32.43%)	Project Management
9	166 (32.05%)	Social Skills
10	156 (30.12%)	JSP 440
11	155 (29.92%)	Security Testing
12	154 (29.73%)	Cyber Resilience
13	153 (29.54%)	CESG Certified Professional
14	151 (29.15%)	RMADS
15	149 (28.76%)	BPSS Clearance

16	106 (20.46%)	Management Information System
17	100 (19.31%)	Incident Response
18	97 (18.73%)	CISA
19	92 (17.76%)	Firewall
20	84 (16.22%)	SIEM
20	84 (16.22%)	Finance
21	82 (15.83%)	CRISC
21	82 (15.83%)	Analytical Skills
22	79 (15.25%)	Cloud Security
23	76 (14.67%)	Vulnerability Management
24	74 (14.29%)	Problem-Solving
24	74 (14.29%)	GDPR
25	71 (13.71%)	Continuous Improvement
26	67 (12.93%)	Azure
26	67 (12.93%)	Stakeholder Management

CISM
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	6 (1.16%)	SharePoint
2	3 (0.58%)	Confluence
3	2 (0.39%)	IBM Domino
3	2 (0.39%)	IIS
3	2 (0.39%)	Microsoft Exchange
3	2 (0.39%)	TPMS
4	1 (0.19%)	Oracle Workflow

Applications
1	5 (0.97%)	Microsoft Excel
1	5 (0.97%)	Microsoft Office
2	3 (0.58%)	Microsoft PowerPoint
3	2 (0.39%)	MS Visio

Business Applications
1	3 (0.58%)	SAP S/4HANA
2	1 (0.19%)	Elite 3E

Cloud Services
1	67 (12.93%)	Azure
2	42 (8.11%)	AWS
3	23 (4.44%)	Microsoft 365
4	16 (3.09%)	Azure Sentinel
5	15 (2.90%)	Entra ID
6	10 (1.93%)	SaaS
7	8 (1.54%)	GCP
8	6 (1.16%)	Power Platform
9	5 (0.97%)	Azure Monitor
10	4 (0.77%)	Cloud Computing
11	3 (0.58%)	IaaS
12	2 (0.39%)	Amazon ECS
12	2 (0.39%)	WhatsApp
13	1 (0.19%)	Cloudflare
13	1 (0.19%)	Mimecast
13	1 (0.19%)	Snowflake

Communications & Networking
1	92 (17.76%)	Firewall
2	44 (8.49%)	Intrusion Detection
3	40 (7.72%)	Network Security
4	30 (5.79%)	VPN
5	5 (0.97%)	DNS
5	5 (0.97%)	Kerberos
5	5 (0.97%)	TCP/IP
6	4 (0.77%)	Cisco Firepower
6	4 (0.77%)	HTTP
7	2 (0.39%)	Cisco IPT
7	2 (0.39%)	DMZ
7	2 (0.39%)	SMTP
7	2 (0.39%)	VoIP
8	1 (0.19%)	IPv4
8	1 (0.19%)	IPv6
8	1 (0.19%)	LAN
8	1 (0.19%)	S/MIME
8	1 (0.19%)	SSL
8	1 (0.19%)	WAN
8	1 (0.19%)	X.509

Database & Business Intelligence
1	6 (1.16%)	Power BI
2	3 (0.58%)	Big Data
2	3 (0.58%)	Oracle Reports
3	2 (0.39%)	SQL Server
4	1 (0.19%)	Hadoop
4	1 (0.19%)	HBase
4	1 (0.19%)	NoSQL

Development Applications
1	3 (0.58%)	JIRA
2	1 (0.19%)	Burp Suite
2	1 (0.19%)	Metasploit
2	1 (0.19%)	Subversion

General
1	166 (32.05%)	Social Skills
2	84 (16.22%)	Finance
3	82 (15.83%)	Analytical Skills
4	44 (8.49%)	Legal
5	21 (4.05%)	Presentation Skills
6	17 (3.28%)	Retail
7	14 (2.70%)	Public Sector
8	12 (2.32%)	Banking
9	10 (1.93%)	Inclusion and Diversity
10	9 (1.74%)	Publishing
11	7 (1.35%)	Organisational Skills
12	6 (1.16%)	Local Government
12	6 (1.16%)	Telecoms
13	5 (0.97%)	Law
13	5 (0.97%)	Military
14	4 (0.77%)	Marketing
15	3 (0.58%)	Documentation Skills
15	3 (0.58%)	Influencing Skills
16	2 (0.39%)	Aerospace
16	2 (0.39%)	Manufacturing

Job Titles
1	182 (35.14%)	Security Engineer
2	148 (28.57%)	Principal Engineer
3	147 (28.38%)	Principal Security Engineer
4	138 (26.64%)	Analyst
5	125 (24.13%)	Security Analyst
6	87 (16.80%)	Principal Security Analyst
6	87 (16.80%)	Product Analyst
7	79 (15.25%)	Security Manager
8	60 (11.58%)	Product Engineer
9	51 (9.85%)	Consultant
10	42 (8.11%)	Architect
11	41 (7.92%)	Security Consultant
12	39 (7.53%)	Security Architect
13	33 (6.37%)	Information Manager
14	32 (6.18%)	Senior
15	30 (5.79%)	Cybersecurity Manager
15	30 (5.79%)	Information Security Manager
16	28 (5.41%)	Cybersecurity Consultant
17	27 (5.21%)	Lead
18	21 (4.05%)	Managing Consultant

Libraries, Frameworks & Software Standards
1	6 (1.16%)	SailPoint
2	5 (0.97%)	LDAP
2	5 (0.97%)	OAuth
2	5 (0.97%)	OpenID
2	5 (0.97%)	SAML
3	3 (0.58%)	Oracle Fusion
4	2 (0.39%)	Leaflet
5	1 (0.19%)	EJB
5	1 (0.19%)	HTML
5	1 (0.19%)	ModSecurity

Miscellaneous
1	106 (20.46%)	Management Information System
2	60 (11.58%)	Security Posture
3	31 (5.98%)	Self-Motivation
4	28 (5.41%)	Cyber Threat
5	21 (4.05%)	Life Science
5	21 (4.05%)	Social Media
5	21 (4.05%)	Team-Oriented Environment
6	20 (3.86%)	Data Protection Act
7	10 (1.93%)	Onboarding
7	10 (1.93%)	Security Operations Centre
8	9 (1.74%)	Freedom of Information
8	9 (1.74%)	Freedom of Information Act
9	7 (1.35%)	Cyber Defence
9	7 (1.35%)	Cyberattack
9	7 (1.35%)	Renewable Energy
10	6 (1.16%)	PKI
11	5 (0.97%)	Analytical Mindset
11	5 (0.97%)	Cloud Native
12	4 (0.77%)	Housing Association
13	3 (0.58%)	Cloud Security Posture

Operating Systems
1	46 (8.88%)	Windows
2	21 (4.05%)	Windows Vista
3	7 (1.35%)	Linux
3	7 (1.35%)	Windows Server
4	1 (0.19%)	Kali Linux

Processes & Methodologies
1	403 (77.80%)	Cybersecurity
2	360 (69.50%)	Information Security
3	289 (55.79%)	Risk Management
4	168 (32.43%)	Project Management
5	155 (29.92%)	Security Testing
6	154 (29.73%)	Cyber Resilience
7	100 (19.31%)	Incident Response
8	84 (16.22%)	SIEM
9	79 (15.25%)	Cloud Security
10	76 (14.67%)	Vulnerability Management
11	74 (14.29%)	Problem-Solving
12	71 (13.71%)	Continuous Improvement
13	67 (12.93%)	Stakeholder Management
14	59 (11.39%)	Data Protection
15	52 (10.04%)	Roadmaps
16	51 (9.85%)	Security Architecture
17	50 (9.65%)	Security Management
18	49 (9.46%)	Computer Science
19	48 (9.27%)	Regulatory Compliance
20	47 (9.07%)	Agile

Programming Languages
1	12 (2.32%)	PowerShell
1	12 (2.32%)	R
2	6 (1.16%)	Kusto Query Language
3	5 (0.97%)	Python
4	3 (0.58%)	Bash
5	2 (0.39%)	Shell Script
5	2 (0.39%)	SQL
5	2 (0.39%)	VBA
6	1 (0.19%)	C#
6	1 (0.19%)	C++
6	1 (0.19%)	Java
6	1 (0.19%)	Perl

Qualifications
1	482 (93.05%)	CISSP
2	268 (51.74%)	Degree
3	153 (29.54%)	CESG Certified Professional
4	149 (28.76%)	BPSS Clearance
5	97 (18.73%)	CISA
6	82 (15.83%)	CRISC
7	54 (10.42%)	CEH
8	42 (8.11%)	Cisco Certification
9	38 (7.34%)	Security Cleared
10	36 (6.95%)	(ISC)2 CCSP
11	35 (6.76%)	Computer Science Degree
12	29 (5.60%)	Master's Degree
13	26 (5.02%)	CompTIA Security+
14	25 (4.83%)	GIAC
14	25 (4.83%)	SC Cleared
15	22 (4.25%)	DBS Check
16	20 (3.86%)	SANS
17	17 (3.28%)	ISO 27001 Lead Implementer
18	12 (2.32%)	ISACA
18	12 (2.32%)	ISO 27001 Lead Auditor

Quality Assurance & Compliance
1	350 (67.57%)	ISO/IEC 27001
2	336 (64.86%)	NIST
3	156 (30.12%)	JSP 440
4	151 (29.15%)	RMADS
5	74 (14.29%)	GDPR
6	64 (12.36%)	Cyber Essentials
7	59 (11.39%)	GRC
8	44 (8.49%)	PCI DSS
9	35 (6.76%)	NCSC
10	32 (6.18%)	COBIT
11	31 (5.98%)	Cyber Essentials PLUS
12	24 (4.63%)	SOC 2
13	14 (2.70%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
14	13 (2.51%)	Accessibility
15	12 (2.32%)	HIPAA
16	11 (2.12%)	Def Stans
17	8 (1.54%)	Sarbanes-Oxley
18	6 (1.16%)	NIST 800
19	3 (0.58%)	California Consumer Privacy Act
20	1 (0.19%)	ITGC

System Software
1	16 (3.09%)	Active Directory
2	3 (0.58%)	Docker
3	2 (0.39%)	VMware Infrastructure
4	1 (0.19%)	HDFS
4	1 (0.19%)	Hyper-V
4	1 (0.19%)	Virtual Machines

Systems Management
1	13 (2.51%)	Microsoft Intune
2	10 (1.93%)	Nessus
3	9 (1.74%)	FortiGate
4	8 (1.54%)	QRadar
5	7 (1.35%)	Single Sign-On
6	5 (0.97%)	Terraform
7	2 (0.39%)	Computer Emergency Response Teams
7	2 (0.39%)	Kubernetes
8	1 (0.19%)	CASB
8	1 (0.19%)	CSIRT
8	1 (0.19%)	MaaS360
8	1 (0.19%)	OpenVAS
8	1 (0.19%)	RSA Archer

Vendors
1	58 (11.20%)	Microsoft
2	20 (3.86%)	Tenable
3	17 (3.28%)	VMware
4	16 (3.09%)	Cisco
5	11 (2.12%)	Fortinet
5	11 (2.12%)	Palo Alto
6	9 (1.74%)	Splunk
7	7 (1.35%)	Google
7	7 (1.35%)	Qualys
8	6 (1.16%)	CrowdStrike
9	5 (0.97%)	SolarWinds
10	4 (0.77%)	Oracle
10	4 (0.77%)	SAP
10	4 (0.77%)	Sophos
11	3 (0.58%)	Arista
11	3 (0.58%)	CheckPoint
11	3 (0.58%)	F5
11	3 (0.58%)	Juniper
12	2 (0.39%)	Dell
13	1 (0.19%)	EMC

ISACA Certified Information Security Manager (CISM)UK

All Academic and Professional CertificationsUK

CISMJob Vacancy Trend

CISMSalary Trend

CISMSalary Histogram

CISMTop 18 Job Locations

CISMTop 30 Co-occurring Skills and Capabilities

CISMCo-occurring Skills and Capabilities by Category