Period
to 21 January 2018

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 21 January 2018 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
21 Jan 2018
Same period 2017 Same period 2016
Rank 321 312 400
Rank change year-on-year -9 +88 +189
Permanent jobs citing CISM 1,655 1,793 1,629
As % of all permanent IT jobs advertised in the UK 0.96% 1.02% 0.78%
As % of the Qualifications category 4.09% 3.97% 2.82%
Number of salaries quoted 1,268 1,416 1,309
UK median annual salary £65,000 £65,000 £60,000
Median salary % change year-on-year - +8.33% +9.09%
10th Percentile £42,500 £41,250 £42,500
90th Percentile £96,625 £90,000 £87,750
UK excluding London median annual salary £57,500 £60,000 £55,000
% change year-on-year -4.17% +9.09% -

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 40,452 45,204 57,736
As % of all permanent IT jobs advertised in the UK 23.53% 25.69% 27.72%
Number of salaries quoted 31,402 35,912 46,212
UK median annual salary £47,500 £45,000 £45,000
Median salary % change year-on-year +5.56% - -
10th Percentile £26,250 £26,250 £26,250
90th Percentile £77,500 £76,250 £75,000
UK excluding London median annual salary £42,500 £42,500 £42,000
% change year-on-year - +1.19% +5.00%

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 21 January 2018.

Salary histogram for CISM in the UK

CISM
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 21 January 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -7 1,589 £65,000 - 157
London -21 864 £72,500 +3.57% 74
UK excluding London -15 735 £57,500 -4.17% 84
South East +79 289 £60,000 - 31
North of England -3 216 £55,000 - 24
North West -5 123 £55,000 -8.33% 16
Midlands -48 90 £50,000 +5.26% 15
East of England +23 81 £59,750 +16.59% 10
Yorkshire +10 75 £52,750 +22.67% 6
West Midlands -60 64 £50,000 +5.26% 6
South West -35 34 £52,750 -12.08% 3
East Midlands +19 26 £50,000 +11.11% 9
North East -10 18 £48,500 +7.78% 2
Scotland -65 18 £67,500 +22.73% 1
Wales +15 4 £40,000 -51.52%
Northern Ireland -19 2 £47,500 +18.75%

For the 6 months to 21 January 2018, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for CISM.

1 1,607 (97.10%) CISSP
2 1,287 (77.76%) Information Security
3 811 (49.00%) ISO/IEC 27001
4 768 (46.40%) CISA
5 668 (40.36%) Cybersecurity
6 593 (35.83%) Finance
7 444 (26.83%) SIEM
8 389 (23.50%) Firewall
9 385 (23.26%) Risk Management
10 374 (22.60%) Data Protection
11 348 (21.03%) Degree
12 325 (19.64%) Security Operations
13 323 (19.52%) PCI DSS
14 322 (19.46%) GDPR
15 315 (19.03%) Penetration Testing
16 313 (18.91%) Management Information System
17 283 (17.10%) ITIL
18 265 (16.01%) CRISC
18 265 (16.01%) Security Architecture
19 258 (15.59%) Windows
20 253 (15.29%) Vulnerability Management
21 243 (14.68%) GIAC
22 233 (14.08%) Network Security
23 205 (12.39%) Security Management
24 203 (12.27%) Agile Software Development
25 201 (12.15%) Linux
26 196 (11.84%) Banking
27 195 (11.78%) CEH
28 175 (10.57%) Identity Access Management
29 170 (10.27%) Microsoft

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 53 (3.20%) IIS
2 44 (2.66%) SharePoint
3 23 (1.39%) WebSphere
4 14 (0.85%) Apache
5 9 (0.54%) MS Exchange
6 6 (0.36%) SAS
7 1 (0.060%) Apache Spark
7 1 (0.060%) OpenStack
7 1 (0.060%) WordPress
Applications
1 39 (2.36%) Microsoft Office
2 14 (0.85%) Microsoft Excel
2 14 (0.85%) Microsoft PowerPoint
3 8 (0.48%) Microsoft Project
4 2 (0.12%) Chatbot
4 2 (0.12%) MS Visio
Business Applications
1 32 (1.93%) Dynamics CRM
2 3 (0.18%) assyst
3 2 (0.12%) Payment Gateway
Cloud Services
1 78 (4.71%) Microsoft Azure
2 77 (4.65%) Amazon AWS
3 70 (4.23%) Office 365
4 50 (3.02%) SaaS
5 35 (2.11%) OneDrive
6 28 (1.69%) IaaS
7 20 (1.21%) Mimecast
8 19 (1.15%) PaaS
9 9 (0.54%) Cloudflare
10 8 (0.48%) Azure Active Directory
10 8 (0.48%) G Suite
10 8 (0.48%) Sumo Logic
11 4 (0.24%) Cloud Computing
11 4 (0.24%) Google Cloud Platform
12 1 (0.060%) AWS CloudFormation
Communications & Networking
1 389 (23.50%) Firewall
2 233 (14.08%) Network Security
3 139 (8.40%) TCP/IP
4 92 (5.56%) Intrusion Detection
5 80 (4.83%) Internet
6 51 (3.08%) WAN
7 45 (2.72%) LAN
8 44 (2.66%) VPN
9 26 (1.57%) SSL
10 24 (1.45%) VoIP
11 20 (1.21%) Wireless
12 19 (1.15%) IPsec
13 13 (0.79%) DKIM
13 13 (0.79%) DMARC
14 12 (0.73%) HTTP
15 10 (0.60%) DNS
15 10 (0.60%) SCCP
16 9 (0.54%) Cisco ASA
17 8 (0.48%) SMTP
17 8 (0.48%) SNMP
Database & Business Intelligence
1 29 (1.75%) SQL Server
2 17 (1.03%) MySQL
3 14 (0.85%) Big Data
4 8 (0.48%) Oracle Database
5 5 (0.30%) Blockchain
5 5 (0.30%) NoSQL
6 3 (0.18%) GIS
7 1 (0.060%) Apache Cassandra
7 1 (0.060%) Hadoop
7 1 (0.060%) MongoDB
7 1 (0.060%) PostgreSQL
7 1 (0.060%) RDBMS
7 1 (0.060%) Relational Database
7 1 (0.060%) SQL Server 2008
7 1 (0.060%) SQL Server 2012
7 1 (0.060%) SQL Server 2014
Development Applications
1 16 (0.97%) Metasploit
2 11 (0.66%) AppScan
3 5 (0.30%) Burp Suite
4 2 (0.12%) Jenkins
4 2 (0.12%) Paros
4 2 (0.12%) SonarQube
5 1 (0.060%) Git (software)
5 1 (0.060%) Subversion
General
1 593 (35.83%) Finance
2 196 (11.84%) Banking
3 163 (9.85%) Legal
4 73 (4.41%) Law
5 64 (3.87%) Retail
6 57 (3.44%) Telecoms
7 40 (2.42%) Investment Banking
8 38 (2.30%) Marketing
9 37 (2.24%) Manufacturing
10 35 (2.11%) Retail Banking
11 23 (1.39%) Private Banking
12 20 (1.21%) Electronics
13 12 (0.73%) Front Office
14 9 (0.54%) Advertising
14 9 (0.54%) French Language
15 8 (0.48%) German Language
16 7 (0.42%) Games
16 7 (0.42%) Military
17 6 (0.36%) International Banking
17 6 (0.36%) Pharmaceutical
Job Titles
1 382 (23.08%) Security Manager
2 338 (20.42%) Analyst
3 305 (18.43%) Security Analyst
4 268 (16.19%) Consultant
5 232 (14.02%) Security Consultant
6 218 (13.17%) Information Security Manager
7 209 (12.63%) Information Manager
8 160 (9.67%) Information Analyst
8 160 (9.67%) Information Security Analyst
9 115 (6.95%) Security Engineer
10 113 (6.83%) Architect
10 113 (6.83%) IT Manager
10 113 (6.83%) Security Architect
11 103 (6.22%) Security Officer
12 89 (5.38%) Information Security Officer
13 88 (5.32%) IT Security Manager
14 80 (4.83%) Risk Manager
15 79 (4.77%) Information Officer
16 76 (4.59%) Cybersecurity Manager
17 70 (4.23%) Information Security Consultant
Libraries, Frameworks & Software Standards
1 23 (1.39%) MSMQ
1 23 (1.39%) SailPoint
1 23 (1.39%) Web Services
1 23 (1.39%) WebSphere MQ
2 17 (1.03%) .NET
3 12 (0.73%) OAuth
4 11 (0.66%) Middleware
5 10 (0.60%) RESTful
5 10 (0.60%) SAML
6 9 (0.54%) OpenID
7 8 (0.48%) J2EE
8 7 (0.42%) REST
8 7 (0.42%) SOAP
9 6 (0.36%) HTML
9 6 (0.36%) XML
10 5 (0.30%) CSS
11 4 (0.24%) ASP.NET
11 4 (0.24%) ASP.NET MVC
11 4 (0.24%) JSP
11 4 (0.24%) XSL
Miscellaneous
1 313 (18.91%) Management Information System
2 150 (9.06%) Computer Science
3 143 (8.64%) Analytical Skills
4 128 (7.73%) Data Protection Act
5 86 (5.20%) Cyberthreat
6 62 (3.75%) PKI
7 56 (3.38%) Security Operations Centre
8 49 (2.96%) Data Centre
9 41 (2.48%) CESG
9 41 (2.48%) Cyberattack
10 38 (2.30%) Distributed Denial-of-Service
11 22 (1.33%) Fintech
12 20 (1.21%) Greenfield Project
13 16 (0.97%) NHS
14 14 (0.85%) Public Cloud
15 13 (0.79%) Cyber Defence
16 11 (0.66%) Smart Meter
17 10 (0.60%) BYOD
17 10 (0.60%) Enterprise Software
17 10 (0.60%) Mainframe
Operating Systems
1 258 (15.59%) Windows
2 201 (12.15%) Linux
3 140 (8.46%) Unix
4 115 (6.95%) Windows Server
5 50 (3.02%) Apple iOS
6 26 (1.57%) Mac OS X
7 21 (1.27%) Android
8 16 (0.97%) VMS
9 14 (0.85%) Kali Linux
10 8 (0.48%) FreeBSD
11 6 (0.36%) Solaris
12 4 (0.24%) AIX
13 1 (0.060%) Windows 10
13 1 (0.060%) Windows 7
13 1 (0.060%) Windows Server 2008
13 1 (0.060%) Windows Server 2012
Processes & Methodologies
1 1,287 (77.76%) Information Security
2 668 (40.36%) Cybersecurity
3 444 (26.83%) SIEM
4 385 (23.26%) Risk Management
5 374 (22.60%) Data Protection
6 325 (19.64%) Security Operations
7 315 (19.03%) Penetration Testing
8 283 (17.10%) ITIL
9 265 (16.01%) Security Architecture
10 253 (15.29%) Vulnerability Management
11 205 (12.39%) Security Management
12 203 (12.27%) Agile Software Development
13 175 (10.57%) Identity Access Management
14 163 (9.85%) Data Loss Prevention
14 163 (9.85%) Stakeholder Management
15 162 (9.79%) Information Security Management
16 154 (9.31%) Risk Assessment
17 146 (8.82%) Project Management
18 144 (8.70%) Vulnerability Scanning
19 139 (8.40%) Incident Management
Programming Languages
1 53 (3.20%) Python
2 47 (2.84%) Perl
2 47 (2.84%) PowerShell
3 45 (2.72%) SQL
4 44 (2.66%) Bash Shell
5 43 (2.60%) C#
6 36 (2.18%) Ruby
7 34 (2.05%) Bourne shell
7 34 (2.05%) Korn
8 28 (1.69%) Java
9 20 (1.21%) C
10 12 (0.73%) C++
11 9 (0.54%) PHP
12 7 (0.42%) JavaScript
13 6 (0.36%) VB.NET
14 4 (0.24%) Objective-C
14 4 (0.24%) VB
15 3 (0.18%) Shell Script
16 1 (0.060%) Go
Qualifications
1 1,607 (97.10%) CISSP
2 768 (46.40%) CISA
3 348 (21.03%) Degree
4 265 (16.01%) CRISC
5 243 (14.68%) GIAC
6 195 (11.78%) CEH
7 169 (10.21%) SANS
8 128 (7.73%) SSCP
9 121 (7.31%) Cisco Certification
10 91 (5.50%) Security Cleared
11 81 (4.89%) Computer Science Degree
12 75 (4.53%) CESG Certified Professional
13 68 (4.11%) SC Cleared
14 64 (3.87%) CompTIA Security+
15 61 (3.69%) CCNA
16 48 (2.90%) CSSLP
17 47 (2.84%) CISMP
18 45 (2.72%) CCNP
19 42 (2.54%) ISO 27001 Lead Auditor
20 35 (2.11%) (ISC)2 CCSP
Quality Assurance & Compliance
1 811 (49.00%) ISO/IEC 27001
2 323 (19.52%) PCI DSS
3 322 (19.46%) GDPR
4 140 (8.46%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 138 (8.34%) COBIT
6 103 (6.22%) Cyber Essentials
7 39 (2.36%) ISO 22301
8 37 (2.24%) Sarbanes-Oxley
9 29 (1.75%) ISO/IEC 27005
10 28 (1.69%) PMO
11 27 (1.63%) ISO 31000
12 24 (1.45%) HMG Security Policy Framework
13 21 (1.27%) NIST 800
14 15 (0.91%) ISO 9001
15 14 (0.85%) QA
16 13 (0.79%) COSO
17 11 (0.66%) HIPAA
17 11 (0.66%) RMADS
18 10 (0.60%) Cyber Essentials PLUS
19 9 (0.54%) Data Quality
System Software
1 167 (10.09%) Active Directory
2 16 (0.97%) Hyper-V
3 15 (0.91%) VMware Infrastructure
4 14 (0.85%) vSphere
5 6 (0.36%) Firmware
6 4 (0.24%) XenApp
7 2 (0.12%) Snort
8 1 (0.060%) VMware ESXi
8 1 (0.060%) VMware NSX
Systems Management
1 51 (3.08%) Nessus
2 27 (1.63%) CSIRT
2 27 (1.63%) QRadar
3 26 (1.57%) SCCM
4 25 (1.51%) McAfee ePO
5 18 (1.09%) Host Intrusion Detection System
5 18 (1.09%) OpenVAS
6 15 (0.91%) RSA Security Analytics
7 13 (0.79%) Core Impact
8 11 (0.66%) FTK
9 8 (0.48%) Juniper STRM
9 8 (0.48%) Norton AntiVirus
9 8 (0.48%) RSA enVision
10 7 (0.42%) Nexpose
10 7 (0.42%) PowerBroker
10 7 (0.42%) WSUS
11 6 (0.36%) Nmap
11 6 (0.36%) RSA Archer
12 5 (0.30%) Nagios
13 4 (0.24%) HP Fortify
Vendors
1 170 (10.27%) Microsoft
2 84 (5.08%) Cisco
3 76 (4.59%) Splunk
4 59 (3.56%) Symantec
5 47 (2.84%) McAfee
6 45 (2.72%) CyberArk
7 40 (2.42%) CheckPoint
8 37 (2.24%) Apple
9 35 (2.11%) LogRhythm
9 35 (2.11%) Qualys
10 33 (1.99%) Forcepoint
10 33 (1.99%) Palo Alto
11 26 (1.57%) Sophos
12 23 (1.39%) IBM
12 23 (1.39%) VMware
13 22 (1.33%) Varonis
14 21 (1.27%) Oracle
15 20 (1.21%) ArcSight
15 20 (1.21%) SAP
16 18 (1.09%) Sun