Period
to 16 April 2021

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 16 April 2021 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
16 Apr 2021
Same period 2020 Same period 2019
Rank 394 319 358
Rank change year-on-year -75 +39 -28
Permanent jobs citing CISM 589 1,062 1,326
As % of all permanent jobs advertised in the UK 0.70% 0.95% 0.89%
As % of the Qualifications category 3.37% 4.43% 3.62%
Number of salaries quoted 467 842 961
10th Percentile £42,500 £43,750 £42,500
25th Percentile £52,500 £52,500 £51,250
Median annual salary (50th Percentile) £65,000 £63,500 £65,000
Median % change year-on-year +2.36% -2.31% -
75th Percentile £77,500 £78,750 £82,500
90th Percentile £85,000 £92,500 £99,500
UK excluding London median annual salary £60,000 £60,000 £60,000

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 17,489 23,993 36,632
As % of all permanent IT jobs advertised in the UK 20.83% 21.45% 24.64%
Number of salaries quoted 11,833 18,059 26,753
10th Percentile £31,250 £28,000 £26,400
25th Percentile £41,250 £36,250 £35,000
Median annual salary (50th Percentile) £55,000 £51,500 £50,000
Median % change year-on-year +6.80% +3.00% +5.26%
75th Percentile £72,500 £67,500 £66,250
90th Percentile £86,250 £83,750 £81,250
UK excluding London median annual salary £50,000 £47,250 £45,000
% change year-on-year +5.82% +5.00% +3.45%

CISM
Job Vacancy Trend

Job postings citing CISM as a proportion of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

3-month moving average salary quoted in jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

Salary distribution for jobs citing CISM over the 6 months to 16 April 2021.

Salary histogram for CISM in the UK

CISM
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 16 April 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -49 548 £65,000 +2.36% 75
London -11 282 £70,000 +3.70% 30
UK excluding London -84 273 £60,000 - 50
Work from Home -88 101 £65,000 +1.96% 16
South East -16 96 £62,500 -0.79% 14
North of England -4 76 £55,000 -2.84% 10
Midlands -29 40 £68,500 +14.17% 9
North West +11 36 £45,000 -18.18% 8
West Midlands -50 34 £66,250 +18.30% 8
North East +37 25 £55,000 - 1
South West -36 22 £52,500 -8.70% 7
East of England +53 20 £77,500 +19.23% 5
Scotland -16 18 £65,000 +11.11% 5
Yorkshire -34 18 £60,000 +4.35% 1
East Midlands +5 5 £80,000 +23.08% 1
Wales +30 4 £44,500 -20.89%
Northern Ireland 0 1 £60,000 +20.00%

For the 6 months to 16 April 2021, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 542 (92.02%) CISSP
2 381 (64.69%) Information Security
3 304 (51.61%) Cybersecurity
4 242 (41.09%) ISO/IEC 27001
5 235 (39.90%) CISA
6 166 (28.18%) Risk Management
7 164 (27.84%) Management Information System
8 162 (27.50%) Azure
9 141 (23.94%) NIST
10 122 (20.71%) Security Architecture
11 121 (20.54%) Finance
12 115 (19.52%) SIEM
13 112 (19.02%) GDPR
14 106 (18.00%) Microsoft
15 101 (17.15%) Firewall
16 94 (15.96%) Security Management
17 84 (14.26%) CRISC
18 83 (14.09%) CEH
19 82 (13.92%) Degree
19 82 (13.92%) Security Operations
20 75 (12.73%) Analytical Skills
21 74 (12.56%) ITIL
22 73 (12.39%) Cisco Certification
22 73 (12.39%) Vulnerability Management
22 73 (12.39%) Identity Access Management
23 70 (11.88%) AWS
24 66 (11.21%) Microsoft 365
25 65 (11.04%) Cyber Essentials
26 63 (10.70%) PCI DSS
27 59 (10.02%) (ISC)2 CCSP

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 18 (3.06%) IIS
2 5 (0.85%) SharePoint
3 2 (0.34%) Confluence
4 1 (0.17%) MS Exchange
Applications
1 15 (2.55%) Microsoft Excel
2 14 (2.38%) MS Visio
3 10 (1.70%) Microsoft PowerPoint
4 2 (0.34%) Microsoft Office
Business Applications
1 6 (1.02%) Sentinel
2 2 (0.34%) Relativity
3 1 (0.17%) Distributed Ledger
Cloud Services
1 162 (27.50%) Azure
2 70 (11.88%) AWS
3 66 (11.21%) Microsoft 365
4 46 (7.81%) SaaS
5 40 (6.79%) IaaS
6 36 (6.11%) PaaS
7 35 (5.94%) Cloud Computing
8 22 (3.74%) Azure Active Directory
9 17 (2.89%) BPaaS
10 13 (2.21%) GCP
11 9 (1.53%) Mimecast
12 6 (1.02%) Serverless
13 3 (0.51%) IBM Cloud
13 3 (0.51%) Power Platform
13 3 (0.51%) PowerApps
14 2 (0.34%) Amazon EC2
14 2 (0.34%) Amazon S3
14 2 (0.34%) Dynamics 365
15 1 (0.17%) AWS CloudFormation
15 1 (0.17%) AWS IoT
Communications & Networking
1 101 (17.15%) Firewall
2 45 (7.64%) Network Security
3 42 (7.13%) Intrusion Detection
4 27 (4.58%) TCP/IP
4 27 (4.58%) VPN
5 20 (3.40%) DNS
6 17 (2.89%) WAAS
7 13 (2.21%) SAN
8 12 (2.04%) DHCP
9 10 (1.70%) Unified Communications
10 8 (1.36%) Internet
10 8 (1.36%) LAN
10 8 (1.36%) SMTP
11 6 (1.02%) F5 BIG-IP GTM
12 5 (0.85%) Cisco ASA
12 5 (0.85%) F5 BIG-IP LTM
12 5 (0.85%) HTTP
12 5 (0.85%) MPLS
12 5 (0.85%) WAN
13 4 (0.68%) NAS
Database & Business Intelligence
1 9 (1.53%) Big Data
2 7 (1.19%) SQL Server
3 5 (0.85%) Azure SQL Database
3 5 (0.85%) Data Warehouse
4 3 (0.51%) Blockchain
4 3 (0.51%) Oracle Database
4 3 (0.51%) Oracle Database 11g
5 2 (0.34%) DB2
5 2 (0.34%) GIS
5 2 (0.34%) SQL Server 2012
5 2 (0.34%) SQL Server 2014
6 1 (0.17%) Amazon RDS
Development Applications
1 2 (0.34%) JIRA
2 1 (0.17%) Burp Suite
2 1 (0.17%) Metasploit
2 1 (0.17%) SonarQube
2 1 (0.17%) TeamCity
General
1 121 (20.54%) Finance
2 39 (6.62%) Legal
3 33 (5.60%) Banking
4 19 (3.23%) Public Sector
5 18 (3.06%) Law
6 14 (2.38%) Aerospace
7 11 (1.87%) Manufacturing
7 11 (1.87%) Retail
8 10 (1.70%) Telecoms
9 9 (1.53%) Military
10 6 (1.02%) International Banking
11 5 (0.85%) Marketing
12 3 (0.51%) Financial Institution
13 2 (0.34%) Advertising
13 2 (0.34%) Electronics
13 2 (0.34%) Japanese Language
13 2 (0.34%) Retail Banking
14 1 (0.17%) Automotive
14 1 (0.17%) Pharmaceutical
14 1 (0.17%) Police
Job Titles
1 106 (18.00%) Analyst
2 102 (17.32%) Security Manager
3 87 (14.77%) Security Analyst
4 73 (12.39%) Security Engineer
5 72 (12.22%) Architect
6 69 (11.71%) Consultant
7 60 (10.19%) Security Architect
8 49 (8.32%) Security Consultant
9 46 (7.81%) Security Specialist
10 44 (7.47%) Information Manager
11 43 (7.30%) IT Analyst
12 42 (7.13%) IT Security Analyst
13 41 (6.96%) Information Security Manager
14 38 (6.45%) Security Officer
15 36 (6.11%) IT Manager
16 30 (5.09%) Cybersecurity Engineer
17 29 (4.92%) Information Analyst
17 29 (4.92%) Information Security Analyst
17 29 (4.92%) Information Security Specialist
17 29 (4.92%) Information Specialist
Libraries, Frameworks & Software Standards
1 17 (2.89%) Web Services
2 16 (2.72%) OAuth
3 15 (2.55%) Middleware
4 10 (1.70%) .NET
5 7 (1.19%) .NET Framework
6 5 (0.85%) .NET Core
6 5 (0.85%) RESTful
6 5 (0.85%) SAML
6 5 (0.85%) SOAP
6 5 (0.85%) XML
7 4 (0.68%) Regular Expression
8 3 (0.51%) ASP.NET
8 3 (0.51%) J2EE
8 3 (0.51%) LDAP
9 1 (0.17%) REST
9 1 (0.17%) SailPoint
Miscellaneous
1 164 (27.84%) Management Information System
2 75 (12.73%) Analytical Skills
3 38 (6.45%) Cyberthreat
4 19 (3.23%) Data Centre
5 17 (2.89%) Enterprise Software
6 15 (2.55%) Self-Motivation
7 12 (2.04%) Public Cloud
8 10 (1.70%) Hybrid Cloud
9 7 (1.19%) Cyber Kill Chain
9 7 (1.19%) Security Operations Centre
10 6 (1.02%) BYOD
10 6 (1.02%) Cloud Native
10 6 (1.02%) Cyberattack
10 6 (1.02%) Data Protection Act
11 5 (0.85%) Greenfield Project
11 5 (0.85%) SCADA
12 4 (0.68%) Analytical Mindset
12 4 (0.68%) Distributed Denial-of-Service
12 4 (0.68%) Life Science
13 3 (0.51%) FMCG
Operating Systems
1 42 (7.13%) Windows
2 24 (4.07%) Windows Server
3 23 (3.90%) Linux
4 11 (1.87%) Unix
5 5 (0.85%) Red Hat Enterprise Linux
5 5 (0.85%) SUSE
5 5 (0.85%) Windows 10
6 4 (0.68%) Windows Server 2012
7 3 (0.51%) Mac OS
7 3 (0.51%) Windows Server 2008
8 2 (0.34%) AIX
8 2 (0.34%) Windows Server 2016
9 1 (0.17%) Android
9 1 (0.17%) Apple iOS
9 1 (0.17%) Check Point GAiA
9 1 (0.17%) Kali Linux
9 1 (0.17%) Windows 7
9 1 (0.17%) Windows 8
9 1 (0.17%) Windows Server 2019
Processes & Methodologies
1 381 (64.69%) Information Security
2 304 (51.61%) Cybersecurity
3 166 (28.18%) Risk Management
4 122 (20.71%) Security Architecture
5 115 (19.52%) SIEM
6 94 (15.96%) Security Management
7 82 (13.92%) Security Operations
8 74 (12.56%) ITIL
9 73 (12.39%) Identity Access Management
9 73 (12.39%) Vulnerability Management
10 53 (9.00%) Data Protection
10 53 (9.00%) Disaster Recovery
10 53 (9.00%) Incident Management
10 53 (9.00%) Problem-Solving
11 46 (7.81%) Penetration Testing
12 45 (7.64%) Agile Software Development
12 45 (7.64%) Stakeholder Management
13 43 (7.30%) Information Security Management
13 43 (7.30%) Risk Assessment
14 40 (6.79%) Vulnerability Assessment
Programming Languages
1 18 (3.06%) C
2 15 (2.55%) SQL
3 8 (1.36%) PowerShell
4 5 (0.85%) Java
4 5 (0.85%) VBA
Qualifications
1 542 (92.02%) CISSP
2 235 (39.90%) CISA
3 84 (14.26%) CRISC
4 83 (14.09%) CEH
5 82 (13.92%) Degree
6 73 (12.39%) Cisco Certification
7 59 (10.02%) (ISC)2 CCSP
8 56 (9.51%) Security Cleared
9 51 (8.66%) CESG Certified Professional
10 46 (7.81%) SSCP
11 41 (6.96%) SANS
12 38 (6.45%) SC Cleared
13 36 (6.11%) CompTIA Security+
14 33 (5.60%) CSSLP
14 33 (5.60%) ISO 27001 Lead Auditor
15 26 (4.41%) GIAC
16 22 (3.74%) CCSP
17 19 (3.23%) CISMP
18 16 (2.72%) OSCP
18 16 (2.72%) PCI QSA
Quality Assurance & Compliance
1 242 (41.09%) ISO/IEC 27001
2 141 (23.94%) NIST
3 112 (19.02%) GDPR
4 65 (11.04%) Cyber Essentials
5 63 (10.70%) PCI DSS
6 51 (8.66%) NCSC
7 50 (8.49%) COBIT
8 49 (8.32%) GRC
9 22 (3.74%) RMADS
10 17 (2.89%) 21 CFR Part 11
10 17 (2.89%) HIPAA
10 17 (2.89%) HMG Security Policy Framework
10 17 (2.89%) ITGC
11 16 (2.72%) ISO/IEC 27005
12 15 (2.55%) JSP 440
12 15 (2.55%) NIST 800
13 14 (2.38%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
14 12 (2.04%) Cyber Essentials PLUS
15 8 (1.36%) Sarbanes-Oxley
16 7 (1.19%) PA-DSS
System Software
1 57 (9.68%) Active Directory
2 5 (0.85%) Virtual Desktop
2 5 (0.85%) Virtual Machines
3 4 (0.68%) VMware Infrastructure
4 3 (0.51%) Hyper-V
5 1 (0.17%) pfSense
5 1 (0.17%) Terminal Server
5 1 (0.17%) VMware ESXi
5 1 (0.17%) XenApp
5 1 (0.17%) XenDesktop
Systems Management
1 15 (2.55%) QRadar
2 12 (2.04%) Nessus
3 5 (0.85%) Kubernetes
3 5 (0.85%) Puppet
3 5 (0.85%) RSA Archer
3 5 (0.85%) SCCM
3 5 (0.85%) Single Sign-On
4 4 (0.68%) CSIRT
4 4 (0.68%) EMC NetWorker
4 4 (0.68%) Microsoft Intune
5 3 (0.51%) Data Guard
5 3 (0.51%) SCOM
5 3 (0.51%) Terraform
6 2 (0.34%) CASB
7 1 (0.17%) Failover Clustering
7 1 (0.17%) Nmap
Vendors
1 106 (18.00%) Microsoft
2 24 (4.07%) CheckPoint
2 24 (4.07%) Palo Alto
3 17 (2.89%) Cisco
3 17 (2.89%) Splunk
4 15 (2.55%) Google
4 15 (2.55%) Oracle
5 12 (2.04%) AlienVault
5 12 (2.04%) Symantec
6 10 (1.70%) ServiceNow
6 10 (1.70%) VMware
7 8 (1.36%) Forcepoint
8 7 (1.19%) Barracuda Networks
9 6 (1.02%) Apple
9 6 (1.02%) ArcSight
9 6 (1.02%) McAfee
10 5 (0.85%) F5
10 5 (0.85%) LogRhythm
10 5 (0.85%) Veeam
10 5 (0.85%) Zscaler