CISM jobs, average salaries and co-occurring skill trends

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 18 December 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM) UK
Location	6 months to 18 Dec 2018	Same period 2017	Same period 2016
Rank	337	327	317
Rank change year-on-year	-10	-10	+116
Permanent jobs citing CISM	1,481	1,792	1,889
As % of all permanent IT jobs advertised in the UK	0.93%	1.00%	1.03%
As % of the Qualifications category	3.91%	4.18%	3.94%
Number of salaries quoted	1,043	1,352	1,475
UK median annual salary	£65,000	£64,000	£65,000
Median salary % change year-on-year	+1.56%	-1.54%	+8.33%
10th Percentile	£41,250	£42,500	£41,250
90th Percentile	£95,000	£95,000	£90,000
UK excluding London median annual salary	£60,000	£55,000	£60,000
% change year-on-year	+9.09%	-8.33%	+9.09%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications UK
Permanent vacancies requiring academic qualifications or professional certifications	37,899	42,909	47,961
As % of all permanent IT jobs advertised in the UK	23.83%	23.95%	26.08%
Number of salaries quoted	27,744	33,026	38,279
UK median annual salary	£50,000	£47,500	£45,000
Median salary % change year-on-year	+5.26%	+5.56%	-
10th Percentile	£26,250	£26,250	£26,250
90th Percentile	£81,250	£77,500	£77,500
UK excluding London median annual salary	£45,000	£42,500	£42,500
% change year-on-year	+5.88%	-	+1.19%

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 18 December 2018.

CISM
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 18 December 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Job Vacancies
England	-9	1,423	£65,000	+1.56%	191
UK excluding London	+37	833	£60,000	+9.09%	110
London	-67	602	£75,000	+7.14%	88
South East	+3	275	£60,000	+3.45%	27
North of England	-26	178	£55,000	+4.76%	31
East of England	+92	146	£72,500	+26.09%	17
Midlands	+41	109	£57,500	+9.52%	20
South West	+59	94	£57,500	+9.00%	8
West Midlands	+47	92	£52,500	-	12
North West	-28	86	£60,000	+9.09%	17
Yorkshire	+27	73	£47,500	-9.52%	10
Scotland	+11	27	£55,000	-21.43%	4
North East	-8	19	£61,427	-5.50%	4
East Midlands	+27	14	£62,500	+21.95%	8
Wales	+6	4	£36,412	-11.73%	2

CISM
Top 30 Co-occurring IT Skills

For the 6 months to 18 December 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1	1,397 (94.33%)	CISSP
2	1,105 (74.61%)	Information Security
3	726 (49.02%)	ISO/IEC 27001
4	699 (47.20%)	CISA
5	695 (46.93%)	Cybersecurity
6	458 (30.93%)	Risk Management
7	364 (24.58%)	Finance
8	349 (23.57%)	PCI DSS
9	322 (21.74%)	SIEM
10	321 (21.67%)	GDPR
11	300 (20.26%)	Management Information System
12	257 (17.35%)	CRISC
13	254 (17.15%)	CEH
14	241 (16.27%)	Data Protection
15	235 (15.87%)	ITIL

16	233 (15.73%)	Firewall
16	233 (15.73%)	Degree
17	229 (15.46%)	Security Architecture
18	228 (15.40%)	Penetration Testing
19	197 (13.30%)	Windows
20	192 (12.96%)	SANS
21	182 (12.29%)	Stakeholder Management
22	180 (12.15%)	Linux
23	177 (11.95%)	Vulnerability Management
24	174 (11.75%)	Agile Software Development
25	171 (11.55%)	Security Management
26	164 (11.07%)	GIAC
27	162 (10.94%)	SSCP
27	162 (10.94%)	Security Operations
28	137 (9.25%)	Identity Access Management

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	21 (1.42%)	SharePoint
2	19 (1.28%)	ExpressionEngine
2	19 (1.28%)	WordPress
3	16 (1.08%)	IIS
4	8 (0.54%)	Apache
4	8 (0.54%)	Confluence
5	5 (0.34%)	MS Exchange
6	3 (0.20%)	OpenStack
7	2 (0.14%)	JBoss
7	2 (0.14%)	Tomcat
7	2 (0.14%)	WebLogic
8	1 (0.068%)	SAS
8	1 (0.068%)	SharePoint 2013
8	1 (0.068%)	Skype for Business

Applications
1	16 (1.08%)	Microsoft Office
2	10 (0.68%)	MS Visio
3	3 (0.20%)	Microsoft Excel
4	2 (0.14%)	Microsoft PowerPoint
5	1 (0.068%)	Microsoft Project
5	1 (0.068%)	Spreadsheet

Business Applications
1	10 (0.68%)	SAP GRC
2	5 (0.34%)	assyst
3	4 (0.27%)	Infor M3
4	3 (0.20%)	Sentinel
5	2 (0.14%)	SAP HR
6	1 (0.068%)	Oracle Applications
6	1 (0.068%)	SAP ERP

Cloud Services
1	116 (7.83%)	Microsoft Azure
2	110 (7.43%)	Amazon AWS
3	53 (3.58%)	Office 365
4	42 (2.84%)	SaaS
5	29 (1.96%)	IaaS
6	13 (0.88%)	Google Cloud Platform
7	11 (0.74%)	PaaS
8	10 (0.68%)	Mimecast
9	8 (0.54%)	Cloud Computing
10	3 (0.20%)	GitHub
11	2 (0.14%)	OneDrive
11	2 (0.14%)	Yammer
12	1 (0.068%)	Amazon CloudWatch
12	1 (0.068%)	Amazon EC2
12	1 (0.068%)	Amazon S3
12	1 (0.068%)	AWS CloudFormation
12	1 (0.068%)	AWS CloudTrail
12	1 (0.068%)	CloudFront
12	1 (0.068%)	Dropbox
12	1 (0.068%)	Virtual Private Cloud

Communications & Networking
1	233 (15.73%)	Firewall
2	122 (8.24%)	Network Security
3	61 (4.12%)	Intrusion Detection
4	57 (3.85%)	Internet
5	40 (2.70%)	TCP/IP
6	30 (2.03%)	VPN
7	26 (1.76%)	WAN
8	23 (1.55%)	LAN
9	22 (1.49%)	IPsec
10	21 (1.42%)	DNS
11	20 (1.35%)	HTTP
12	19 (1.28%)	SCCP
13	15 (1.01%)	Wireless
14	14 (0.95%)	Broadband
14	14 (0.95%)	DMZ
15	12 (0.81%)	BGP
15	12 (0.81%)	Cisco Nexus
15	12 (0.81%)	EIGRP
16	10 (0.68%)	DKIM
16	10 (0.68%)	DMARC

Database & Business Intelligence
1	43 (2.90%)	Big Data
2	19 (1.28%)	MongoDB
3	13 (0.88%)	Geospatial Data
4	10 (0.68%)	Hadoop
4	10 (0.68%)	SQL Server
5	9 (0.61%)	DB2
6	5 (0.34%)	GIS
7	3 (0.20%)	Data Mining
7	3 (0.20%)	MySQL
8	1 (0.068%)	Amazon RDS
8	1 (0.068%)	BusinessObjects
8	1 (0.068%)	Data Lake
8	1 (0.068%)	Data Warehouse
8	1 (0.068%)	Oracle Database
8	1 (0.068%)	PostgreSQL
8	1 (0.068%)	QlikView

Development Applications
1	15 (1.01%)	Metasploit
2	8 (0.54%)	AppScan
2	8 (0.54%)	JIRA
3	3 (0.20%)	Git (software)
4	1 (0.068%)	Ant
4	1 (0.068%)	Burp Suite
4	1 (0.068%)	Paros
4	1 (0.068%)	SonarQube

General
1	364 (24.58%)	Finance
2	107 (7.22%)	Legal
3	106 (7.16%)	Banking
4	72 (4.86%)	Retail
5	45 (3.04%)	Telecoms
6	31 (2.09%)	Investment Banking
7	27 (1.82%)	Law
8	24 (1.62%)	Marketing
9	22 (1.49%)	Publishing
10	21 (1.42%)	Manufacturing
11	12 (0.81%)	Local Government
12	8 (0.54%)	Financial Institution
13	6 (0.41%)	Games
14	5 (0.34%)	Electronics
14	5 (0.34%)	Pharmaceutical
15	4 (0.27%)	Advertising
16	3 (0.20%)	Aerospace
16	3 (0.20%)	Retail Banking
17	2 (0.14%)	Front Office
18	1 (0.068%)	Back Office

Job Titles
1	346 (23.36%)	Security Manager
2	272 (18.37%)	Analyst
3	226 (15.26%)	Security Analyst
4	196 (13.23%)	Consultant
5	195 (13.17%)	Information Manager
6	187 (12.63%)	Information Security Manager
7	167 (11.28%)	Security Consultant
8	134 (9.05%)	Architect
9	133 (8.98%)	Information Analyst
10	132 (8.91%)	Security Architect
11	131 (8.85%)	Information Security Analyst
12	128 (8.64%)	Security Engineer
13	112 (7.56%)	Security Officer
14	91 (6.14%)	Head of Security
15	84 (5.67%)	Cybersecurity Consultant
15	84 (5.67%)	Information Security Officer
16	82 (5.54%)	Information Officer
17	68 (4.59%)	IT Manager
17	68 (4.59%)	Senior Analyst
18	62 (4.19%)	Senior Security Analyst

Libraries, Frameworks & Software Standards
1	24 (1.62%)	SailPoint
2	23 (1.55%)	Elastic Stack
3	22 (1.49%)	.NET
4	19 (1.28%)	Node.js
5	18 (1.22%)	Web Services
6	10 (0.68%)	REST
7	9 (0.61%)	LDAP
8	8 (0.54%)	SAML
9	7 (0.47%)	Middleware
10	6 (0.41%)	Spring
11	5 (0.34%)	LAMP
11	5 (0.34%)	ModSecurity
11	5 (0.34%)	OAuth
12	4 (0.27%)	ASP.NET
13	3 (0.20%)	JSON
13	3 (0.20%)	Protocol Buffers
13	3 (0.20%)	RESTful
13	3 (0.20%)	XML
14	2 (0.14%)	802.1X
14	2 (0.14%)	SAP Basis

Miscellaneous
1	300 (20.26%)	Management Information System
2	129 (8.71%)	Analytical Skills
3	91 (6.14%)	Security Operations Centre
4	81 (5.47%)	Data Protection Act
5	69 (4.66%)	PKI
6	58 (3.92%)	Self-Motivation
7	55 (3.71%)	Data Centre
8	37 (2.50%)	Cyberattack
9	32 (2.16%)	CESG
10	31 (2.09%)	Distributed Denial-of-Service
11	26 (1.76%)	Cyberthreat
12	20 (1.35%)	Fintech
13	18 (1.22%)	Cyber Kill Chain
14	16 (1.08%)	Cybercrime
14	16 (1.08%)	Public Cloud
15	14 (0.95%)	Enterprise Software
16	13 (0.88%)	Algorithms
17	12 (0.81%)	Internet of Things
18	11 (0.74%)	Hybrid Cloud
19	10 (0.68%)	NHS

Operating Systems
1	197 (13.30%)	Windows
2	180 (12.15%)	Linux
3	96 (6.48%)	Unix
4	33 (2.23%)	Windows Server
5	15 (1.01%)	Kali Linux
6	12 (0.81%)	Red Hat Enterprise Linux
7	10 (0.68%)	Android
7	10 (0.68%)	Apple iOS
8	9 (0.61%)	CentOS
9	8 (0.54%)	Debian
10	5 (0.34%)	AIX
10	5 (0.34%)	HPUX
11	4 (0.27%)	Windows Server 2003
11	4 (0.27%)	Windows Server 2008
11	4 (0.27%)	Windows Server 2012
11	4 (0.27%)	Windows XP
12	1 (0.068%)	Mac OS
12	1 (0.068%)	VMS

Processes & Methodologies
1	1,105 (74.61%)	Information Security
2	695 (46.93%)	Cybersecurity
3	458 (30.93%)	Risk Management
4	322 (21.74%)	SIEM
5	241 (16.27%)	Data Protection
6	235 (15.87%)	ITIL
7	229 (15.46%)	Security Architecture
8	228 (15.40%)	Penetration Testing
9	182 (12.29%)	Stakeholder Management
10	177 (11.95%)	Vulnerability Management
11	174 (11.75%)	Agile Software Development
12	171 (11.55%)	Security Management
13	162 (10.94%)	Security Operations
14	137 (9.25%)	Identity Access Management
15	136 (9.18%)	Information Security Management
16	129 (8.71%)	Continuous Improvement
17	116 (7.83%)	ISMS
18	109 (7.36%)	Problem-Solving
19	105 (7.09%)	OWASP
20	104 (7.02%)	Incident Management

Programming Languages
1	25 (1.69%)	C
1	25 (1.69%)	Java
2	21 (1.42%)	Python
3	20 (1.35%)	PHP
4	18 (1.22%)	Perl
5	16 (1.08%)	Ruby
6	15 (1.01%)	Go
7	10 (0.68%)	C#
7	10 (0.68%)	C++
8	8 (0.54%)	PowerShell
8	8 (0.54%)	VB
9	5 (0.34%)	Shell Script
10	4 (0.27%)	Bash Shell
10	4 (0.27%)	SQL
11	3 (0.20%)	VBScript
12	1 (0.068%)	JavaScript
12	1 (0.068%)	Scala

Qualifications
1	1,397 (94.33%)	CISSP
2	699 (47.20%)	CISA
3	257 (17.35%)	CRISC
4	254 (17.15%)	CEH
5	233 (15.73%)	Degree
6	192 (12.96%)	SANS
7	164 (11.07%)	GIAC
8	162 (10.94%)	SSCP
9	128 (8.64%)	Cisco Certification
10	100 (6.75%)	Security Cleared
11	96 (6.48%)	CompTIA Security+
12	72 (4.86%)	(ISC)2 CCSP
13	69 (4.66%)	CESG Certified Professional
14	59 (3.98%)	SC Cleared
15	58 (3.92%)	CISMP
15	58 (3.92%)	CSSLP
16	53 (3.58%)	CREST Certified
17	48 (3.24%)	Computer Science Degree
17	48 (3.24%)	ISO 27001 Lead Auditor
18	47 (3.17%)	CCSP

Quality Assurance & Compliance
1	726 (49.02%)	ISO/IEC 27001
2	349 (23.57%)	PCI DSS
3	321 (21.67%)	GDPR
4	106 (7.16%)	Cyber Essentials
5	95 (6.41%)	COBIT
6	61 (4.12%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
7	32 (2.16%)	Sarbanes-Oxley
8	31 (2.09%)	Cyber Essentials PLUS
8	31 (2.09%)	HMG Security Policy Framework
9	27 (1.82%)	ISO 22301
10	26 (1.76%)	QA
11	23 (1.55%)	MiFID
12	18 (1.22%)	ISO/IEC 27005
13	17 (1.15%)	NIST 800
14	14 (0.95%)	HIPAA
15	11 (0.74%)	ISAE 3402
16	8 (0.54%)	ISO/IEC 20000
16	8 (0.54%)	RMADS
17	6 (0.41%)	COSO
17	6 (0.41%)	ISO 9001

System Software
1	31 (2.09%)	Active Directory
2	24 (1.62%)	Snort
3	11 (0.74%)	VMware Infrastructure
4	10 (0.68%)	Hyper-V
5	6 (0.41%)	Docker
5	6 (0.41%)	vSphere
6	3 (0.20%)	Virtual Machines
7	2 (0.14%)	NDS
8	1 (0.068%)	ProxySG
8	1 (0.068%)	VMware NSX

Systems Management
1	46 (3.11%)	Nessus
2	25 (1.69%)	OSSEC
3	17 (1.15%)	SCCM
3	17 (1.15%)	Single Sign-On
4	14 (0.95%)	CASB
4	14 (0.95%)	Nmap
4	14 (0.95%)	QRadar
5	13 (0.88%)	CSIRT
6	12 (0.81%)	McAfee ePO
7	9 (0.61%)	HP Fortify
8	7 (0.47%)	Ansible
8	7 (0.47%)	Nexpose
9	6 (0.41%)	Core Impact
9	6 (0.41%)	OpenVAS
9	6 (0.41%)	RSA Archer
10	5 (0.34%)	IBM BigFix
10	5 (0.34%)	Norton AntiVirus
10	5 (0.34%)	WSUS
11	3 (0.20%)	Kubernetes
12	2 (0.14%)	WebInspect

Vendors
1	98 (6.62%)	Microsoft
2	77 (5.20%)	Symantec
3	50 (3.38%)	Sophos
4	49 (3.31%)	LogRhythm
5	45 (3.04%)	Splunk
6	44 (2.97%)	Oracle
7	41 (2.77%)	Cisco
8	32 (2.16%)	Qualys
9	26 (1.76%)	CheckPoint
10	23 (1.55%)	VMware
11	22 (1.49%)	Blue Coat
11	22 (1.49%)	McAfee
12	21 (1.42%)	Palo Alto
13	19 (1.28%)	SAP
14	18 (1.22%)	Aveksa
15	15 (1.01%)	ArcSight
15	15 (1.01%)	IBM
16	14 (0.95%)	Google
16	14 (0.95%)	Juniper
17	13 (0.88%)	Forcepoint

202 CISM job vacancies Nationwide

CISMJob Vacancy Trend

CISMSalary Trend

CISMSalary Histogram

CISMTop 15 Job Locations

CISMTop 30 Co-occurring IT Skills