Period
to 21 August 2018

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 21 August 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
21 Aug 2018
Same period 2017 Same period 2016
Rank 314 323 335
Rank change year-on-year +9 +12 +150
Permanent jobs citing CISM 1,755 1,811 1,908
As % of all permanent IT jobs advertised in the UK 1.04% 1.03% 0.97%
As % of the Qualifications category 4.39% 4.19% 3.59%
Number of salaries quoted 1,271 1,428 1,516
UK median annual salary £65,000 £65,000 £62,500
Median salary % change year-on-year - +4.00% +4.17%
10th Percentile £42,500 £42,500 £41,250
90th Percentile £95,000 £91,250 £87,500
UK excluding London median annual salary £60,000 £55,000 £55,000
% change year-on-year +9.09% - +4.76%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 39,972 43,225 53,094
As % of all permanent IT jobs advertised in the UK 23.65% 24.52% 26.94%
Number of salaries quoted 29,732 33,183 42,889
UK median annual salary £50,000 £45,000 £45,000
Median salary % change year-on-year +11.11% - -
10th Percentile £26,250 £26,250 £26,250
90th Percentile £80,000 £77,500 £75,250
UK excluding London median annual salary £45,000 £42,500 £42,500
% change year-on-year +5.88% - +6.25%

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 21 August 2018.

Salary histogram for CISM in the UK

CISM
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 21 August 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -4 1,670 £65,000 - 143
UK excluding London +41 922 £60,000 +9.09% 96
London -30 797 £75,000 +7.14% 52
South East +61 315 £60,000 - 30
North of England -3 192 £57,500 +4.55% 21
East of England +77 172 £70,000 +33.33% 8
Midlands +38 147 £57,500 +4.55% 15
West Midlands +49 118 £57,000 +14.00% 12
North West -25 90 £55,000 - 6
Yorkshire +46 82 £57,500 +15.00% 12
South West -9 45 £55,000 - 17
Scotland 0 34 £49,500 -5.71% 4
East Midlands +9 24 £65,000 +18.18% 3
North East -26 20 £65,750 +38.42% 3
Wales +14 13 £40,210 -10.65% 1
Isle of Man - 5 £55,000 -
Northern Ireland -3 1 £52,500 -8.70%

For the 6 months to 21 August 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 1,704 (97.09%) CISSP
2 1,255 (71.51%) Information Security
3 882 (50.26%) CISA
4 806 (45.93%) ISO/IEC 27001
5 707 (40.28%) Cybersecurity
6 534 (30.43%) Risk Management
7 490 (27.92%) Finance
8 403 (22.96%) PCI DSS
9 382 (21.77%) GDPR
10 359 (20.46%) SIEM
11 317 (18.06%) Security Architecture
12 313 (17.83%) Management Information System
13 312 (17.78%) Degree
14 304 (17.32%) ITIL
15 291 (16.58%) Data Protection
16 279 (15.90%) Firewall
17 259 (14.76%) Penetration Testing
18 250 (14.25%) CEH
19 247 (14.07%) CRISC
20 233 (13.28%) SANS
21 232 (13.22%) Stakeholder Management
22 224 (12.76%) Windows
23 204 (11.62%) Security Operations
24 199 (11.34%) GIAC
25 192 (10.94%) Vulnerability Management
26 181 (10.31%) Analytical Skills
27 180 (10.26%) COBIT
28 178 (10.14%) Security Management
29 174 (9.91%) Agile Software Development
30 165 (9.40%) Problem-Solving

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 41 (2.34%) IIS
2 15 (0.85%) SharePoint
3 6 (0.34%) Confluence
4 5 (0.28%) MS Exchange
5 3 (0.17%) Apache
6 2 (0.11%) CMS
7 1 (0.057%) JBoss
7 1 (0.057%) SAS
7 1 (0.057%) SharePoint 2013
7 1 (0.057%) Tomcat
7 1 (0.057%) WebLogic
Applications
1 16 (0.91%) Microsoft Office
2 8 (0.46%) MS Visio
3 1 (0.057%) Microsoft Project
3 1 (0.057%) Spreadsheet
Business Applications
1 9 (0.51%) assyst
2 7 (0.40%) Distributed Ledger
2 7 (0.40%) Sentinel
3 6 (0.34%) SAP GRC
4 3 (0.17%) Infor M3
5 1 (0.057%) Oracle Applications
Cloud Services
1 92 (5.24%) Amazon AWS
2 81 (4.62%) Microsoft Azure
3 38 (2.17%) Office 365
4 24 (1.37%) Mimecast
5 18 (1.03%) Google Cloud Platform
6 17 (0.97%) SaaS
7 11 (0.63%) Cloud Computing
8 9 (0.51%) IaaS
9 5 (0.28%) PaaS
10 4 (0.23%) OneDrive
11 3 (0.17%) Azure Active Directory
11 3 (0.17%) Virtual Private Cloud
12 1 (0.057%) Yammer
Communications & Networking
1 279 (15.90%) Firewall
2 120 (6.84%) Network Security
3 88 (5.01%) Intrusion Detection
4 56 (3.19%) TCP/IP
5 49 (2.79%) WAN
6 47 (2.68%) Internet
7 36 (2.05%) LAN
8 27 (1.54%) VPN
9 18 (1.03%) DNS
9 18 (1.03%) SCCP
10 16 (0.91%) SSL
11 15 (0.85%) VoIP
12 14 (0.80%) DKIM
12 14 (0.80%) DMARC
13 13 (0.74%) Broadband
13 13 (0.74%) IPsec
14 12 (0.68%) Cisco IPT
15 11 (0.63%) Cisco Firepower
16 9 (0.51%) HTTP
16 9 (0.51%) Wireless
Database & Business Intelligence
1 16 (0.91%) Big Data
2 8 (0.46%) GIS
3 7 (0.40%) Blockchain
4 3 (0.17%) Geospatial Data
5 2 (0.11%) MySQL
6 1 (0.057%) Data Lake
6 1 (0.057%) Hadoop
6 1 (0.057%) QlikView
Development Applications
1 16 (0.91%) Metasploit
2 10 (0.57%) AppScan
3 8 (0.46%) Burp Suite
4 6 (0.34%) JIRA
5 2 (0.11%) SonarQube
6 1 (0.057%) Jenkins
General
1 490 (27.92%) Finance
2 152 (8.66%) Legal
3 96 (5.47%) Retail
4 94 (5.36%) Banking
5 44 (2.51%) Investment Banking
5 44 (2.51%) Telecoms
6 22 (1.25%) Law
7 19 (1.08%) Manufacturing
8 17 (0.97%) Games
9 16 (0.91%) Financial Institution
10 14 (0.80%) Marketing
11 13 (0.74%) Publishing
12 12 (0.68%) Local Government
13 10 (0.57%) Billing
13 10 (0.57%) Pharmaceutical
14 9 (0.51%) Retail Banking
15 5 (0.28%) Advertising
15 5 (0.28%) Back Office
15 5 (0.28%) Corporate Banking
16 4 (0.23%) Aerospace
Job Titles
1 465 (26.50%) Security Manager
2 281 (16.01%) Analyst
3 250 (14.25%) Information Security Manager
4 249 (14.19%) Information Manager
5 213 (12.14%) Consultant
6 212 (12.08%) Security Analyst
7 194 (11.05%) Security Consultant
8 161 (9.17%) Architect
9 158 (9.00%) Security Architect
10 144 (8.21%) Security Engineer
10 144 (8.21%) Security Officer
11 131 (7.46%) Information Analyst
12 129 (7.35%) Information Security Analyst
13 124 (7.07%) IT Manager
14 111 (6.32%) Information Security Officer
15 103 (5.87%) Information Officer
16 84 (4.79%) IT Security Manager
17 82 (4.67%) Cybersecurity Consultant
17 82 (4.67%) Head of Security
18 79 (4.50%) Risk Manager
Libraries, Frameworks & Software Standards
1 27 (1.54%) Web Services
2 24 (1.37%) SailPoint
3 13 (0.74%) Elastic Stack
4 10 (0.57%) .NET
4 10 (0.57%) Middleware
5 9 (0.51%) LDAP
6 4 (0.23%) LAMP
7 3 (0.17%) ADSI
7 3 (0.17%) ModSecurity
8 2 (0.11%) Spring
9 1 (0.057%) HTML
9 1 (0.057%) HTML5
9 1 (0.057%) OAuth
9 1 (0.057%) Regular Expression
9 1 (0.057%) SAML
9 1 (0.057%) SPNEGO
9 1 (0.057%) XACML
Miscellaneous
1 313 (17.83%) Management Information System
2 181 (10.31%) Analytical Skills
3 91 (5.19%) Computer Science
4 88 (5.01%) Data Protection Act
5 74 (4.22%) PKI
6 67 (3.82%) Security Operations Centre
7 66 (3.76%) Data Centre
8 55 (3.13%) Self-Motivation
9 52 (2.96%) Cyberthreat
10 49 (2.79%) CESG
11 36 (2.05%) Distributed Denial-of-Service
12 32 (1.82%) Cyberattack
13 22 (1.25%) Fintech
14 19 (1.08%) Enterprise Software
15 17 (0.97%) Freedom of Information
16 15 (0.85%) BYOD
16 15 (0.85%) Public Cloud
17 13 (0.74%) Internet of Things
17 13 (0.74%) Life Science
17 13 (0.74%) Video Conferencing
Operating Systems
1 224 (12.76%) Windows
2 151 (8.60%) Linux
3 109 (6.21%) Unix
4 49 (2.79%) Windows Server
5 15 (0.85%) Kali Linux
5 15 (0.85%) Windows Server 2008
5 15 (0.85%) Windows Server 2012
6 12 (0.68%) AIX
7 10 (0.57%) CentOS
8 6 (0.34%) HPUX
8 6 (0.34%) Red Hat Enterprise Linux
8 6 (0.34%) Windows Server 2003
8 6 (0.34%) Windows XP
9 3 (0.17%) Android
9 3 (0.17%) Apple iOS
9 3 (0.17%) Windows 10
10 2 (0.11%) Ubuntu
Processes & Methodologies
1 1,255 (71.51%) Information Security
2 707 (40.28%) Cybersecurity
3 534 (30.43%) Risk Management
4 359 (20.46%) SIEM
5 317 (18.06%) Security Architecture
6 304 (17.32%) ITIL
7 291 (16.58%) Data Protection
8 259 (14.76%) Penetration Testing
9 232 (13.22%) Stakeholder Management
10 204 (11.62%) Security Operations
11 192 (10.94%) Vulnerability Management
12 178 (10.14%) Security Management
13 174 (9.91%) Agile Software Development
14 165 (9.40%) Problem-Solving
15 152 (8.66%) OWASP
16 140 (7.98%) Identity Access Management
17 132 (7.52%) Risk Assessment
18 121 (6.89%) Information Security Management
19 120 (6.84%) Continuous Improvement
20 114 (6.50%) Vulnerability Scanning
Programming Languages
1 25 (1.42%) Python
2 20 (1.14%) Perl
3 19 (1.08%) C
4 15 (0.85%) Java
5 12 (0.68%) Bash Shell
6 11 (0.63%) PHP
7 9 (0.51%) Go
7 9 (0.51%) Ruby
8 7 (0.40%) PowerShell
9 5 (0.28%) Shell Script
10 4 (0.23%) C++
11 3 (0.17%) C#
Qualifications
1 1,704 (97.09%) CISSP
2 882 (50.26%) CISA
3 312 (17.78%) Degree
4 250 (14.25%) CEH
5 247 (14.07%) CRISC
6 233 (13.28%) SANS
7 199 (11.34%) GIAC
8 146 (8.32%) SSCP
9 120 (6.84%) Security Cleared
10 115 (6.55%) Cisco Certification
11 110 (6.27%) CESG Certified Professional
12 101 (5.75%) CompTIA Security+
13 98 (5.58%) CSSLP
14 75 (4.27%) SC Cleared
15 57 (3.25%) CREST Certified
15 57 (3.25%) ISO 27001 Lead Auditor
16 47 (2.68%) (ISC)2 CCSP
17 45 (2.56%) CISMP
18 44 (2.51%) CCNA
18 44 (2.51%) Computer Science Degree
Quality Assurance & Compliance
1 806 (45.93%) ISO/IEC 27001
2 403 (22.96%) PCI DSS
3 382 (21.77%) GDPR
4 180 (10.26%) COBIT
5 114 (6.50%) Cyber Essentials
6 87 (4.96%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 66 (3.76%) Sarbanes-Oxley
8 55 (3.13%) HMG Security Policy Framework
9 40 (2.28%) Cyber Essentials PLUS
10 39 (2.22%) HIPAA
11 30 (1.71%) ISO 9001
12 28 (1.60%) QA
13 23 (1.31%) ISO 22301
14 22 (1.25%) NIST 800
15 19 (1.08%) ISO/IEC 20000
16 17 (0.97%) GCP
16 17 (0.97%) MiFID
17 13 (0.74%) ISAE 3402
18 12 (0.68%) IASME
18 12 (0.68%) RMADS
System Software
1 38 (2.17%) Active Directory
2 14 (0.80%) Snort
3 9 (0.51%) Hyper-V
4 5 (0.28%) VMware Infrastructure
5 4 (0.23%) vSphere
6 3 (0.17%) Docker
7 1 (0.057%) Firmware
7 1 (0.057%) ProxySG
7 1 (0.057%) Virtual Desktop
Systems Management
1 54 (3.08%) Nessus
2 23 (1.31%) QRadar
3 19 (1.08%) Core Impact
3 19 (1.08%) Nexpose
3 19 (1.08%) OpenVAS
4 17 (0.97%) Single Sign-On
5 15 (0.85%) OSSEC
6 11 (0.63%) Nmap
7 9 (0.51%) CASB
7 9 (0.51%) CSIRT
8 8 (0.46%) HP Fortify
8 8 (0.46%) Norton AntiVirus
9 5 (0.28%) Host Intrusion Detection System
10 4 (0.23%) Trend Micro Deep Security
11 3 (0.17%) Microsoft Intune
11 3 (0.17%) Network Intrusion Detection System
11 3 (0.17%) RSA Archer
11 3 (0.17%) WebInspect
12 2 (0.11%) SCCM
12 2 (0.11%) WSUS
Vendors
1 106 (6.04%) Microsoft
2 81 (4.62%) Cisco
3 74 (4.22%) Sophos
4 72 (4.10%) Symantec
5 68 (3.87%) Qualys
6 45 (2.56%) Splunk
7 43 (2.45%) LogRhythm
8 35 (1.99%) Capita
8 35 (1.99%) CheckPoint
9 29 (1.65%) ArcSight
10 25 (1.42%) CyberArk
11 23 (1.31%) Forcepoint
12 21 (1.20%) Rapid7
12 21 (1.20%) SolarWinds
13 20 (1.14%) Fortinet
13 20 (1.14%) Palo Alto
13 20 (1.14%) Veracode
14 19 (1.08%) AlienVault
14 19 (1.08%) Aveksa
14 19 (1.08%) Bomgar