CISM jobs, average salaries and co-occurring skill trends

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 21 October 2019 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM) UK
Location	6 months to 21 Oct 2019	Same period 2018	Same period 2017
Rank	344	348	328
Rank change year-on-year	+4	-20	+1
Permanent jobs citing CISM	1,272	1,538	1,799
As % of all permanent IT jobs advertised in the UK	0.93%	0.94%	1.03%
As % of the Qualifications category	4.03%	3.96%	4.23%
Number of salaries quoted	1,011	1,122	1,405
UK median annual salary	£65,000	£65,000	£64,000
Median salary % change year-on-year	-	+1.56%	-1.54%
10th Percentile	£42,500	£42,500	£42,500
90th Percentile	£95,000	£95,000	£91,250
UK excluding London median annual salary	£60,000	£60,000	£55,000
% change year-on-year	-	+9.09%	-8.33%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications UK
Permanent vacancies requiring academic qualifications or professional certifications	31,584	38,793	42,519
As % of all permanent IT jobs advertised in the UK	23.06%	23.72%	24.40%
Number of salaries quoted	23,072	28,759	32,642
UK median annual salary	£50,000	£50,000	£47,000
Median salary % change year-on-year	-	+6.38%	+4.44%
10th Percentile	£27,000	£26,250	£26,000
90th Percentile	£82,500	£80,000	£77,500
UK excluding London median annual salary	£45,000	£45,000	£42,500
% change year-on-year	-	+5.88%	-

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 21 October 2019.

CISM
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 21 October 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Job Vacancies
England	+15	1,189	£65,000	-	136
UK excluding London	+3	715	£60,000	-	83
London	+13	520	£75,942	+1.26%	60
South East	-31	205	£65,000	+8.33%	17
North of England	+4	160	£56,611	+5.32%	23
Midlands	+71	159	£51,750	-10.00%	19
West Midlands	+40	113	£52,500	-7.89%	13
North West	+46	85	£56,611	+13.22%	11
South West	+35	74	£58,500	+6.36%	12
Yorkshire	0	67	£58,500	+11.43%	10
East of England	-27	67	£65,000	-7.14%	5
East Midlands	+67	46	£47,500	-28.84%	6
Scotland	+22	41	£58,500	+17.00%	4
Wales	+5	8	£39,000	+1.80%	3
North East	+7	6	£49,750	-19.01%	2
Northern Ireland	-	1	£65,000	-

CISM
Top 30 Co-occurring IT Skills

For the 6 months to 21 October 2019, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1	1,223 (96.15%)	CISSP
2	884 (69.50%)	Information Security
3	678 (53.30%)	ISO/IEC 27001
4	665 (52.28%)	Cybersecurity
5	474 (37.26%)	CISA
6	370 (29.09%)	Degree
7	327 (25.71%)	Risk Management
8	309 (24.29%)	NIST
9	294 (23.11%)	Finance
10	276 (21.70%)	Security Architecture
11	273 (21.46%)	SIEM
12	266 (20.91%)	PCI DSS
13	258 (20.28%)	Management Information System
14	239 (18.79%)	GDPR
15	190 (14.94%)	ITIL

16	188 (14.78%)	Agile Software Development
17	181 (14.23%)	Security Operations
18	171 (13.44%)	CRISC
19	168 (13.21%)	Vulnerability Management
20	166 (13.05%)	Firewall
21	165 (12.97%)	Security Management
22	154 (12.11%)	Data Protection
23	150 (11.79%)	Penetration Testing
24	145 (11.40%)	Stakeholder Management
25	138 (10.85%)	TOGAF
26	131 (10.30%)	CEH
27	130 (10.22%)	Azure
28	124 (9.75%)	Retail
29	122 (9.59%)	SABSA
30	118 (9.28%)	CESG Certified Professional

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	52 (4.09%)	IIS
2	11 (0.86%)	SharePoint
3	2 (0.16%)	BizTalk Server
4	1 (0.079%)	CMS
4	1 (0.079%)	Elasticsearch
4	1 (0.079%)	MS Exchange
4	1 (0.079%)	Skype for Business

Applications
1	39 (3.07%)	Microsoft Excel
2	31 (2.44%)	Microsoft PowerPoint
3	5 (0.39%)	Microsoft Office

Business Applications
1	8 (0.63%)	Sparx Enterprise Architect

Cloud Services
1	130 (10.22%)	Azure
2	112 (8.81%)	AWS
3	49 (3.85%)	GCP
4	43 (3.38%)	Cloud Computing
5	42 (3.30%)	Office 365
6	22 (1.73%)	PaaS
6	22 (1.73%)	SaaS
7	20 (1.57%)	IaaS
8	11 (0.86%)	Azure Active Directory
9	8 (0.63%)	Power Platform
10	4 (0.31%)	Microsoft Flow
11	3 (0.24%)	Mimecast
12	2 (0.16%)	Serverless
13	1 (0.079%)	Dynamics 365
13	1 (0.079%)	IBM Cloud

Communications & Networking
1	166 (13.05%)	Firewall
2	107 (8.41%)	Network Security
3	36 (2.83%)	LAN
4	31 (2.44%)	HTTP
4	31 (2.44%)	WAN
5	26 (2.04%)	Internet
6	21 (1.65%)	VPN
7	15 (1.18%)	TCP/IP
8	13 (1.02%)	Intrusion Detection
9	8 (0.63%)	DNS
10	7 (0.55%)	SAN
11	5 (0.39%)	PPP
12	4 (0.31%)	Kerberos
12	4 (0.31%)	SSL
12	4 (0.31%)	Wireless
13	3 (0.24%)	SMTP
14	2 (0.16%)	Broadband
14	2 (0.16%)	Cisco IPT
14	2 (0.16%)	WLAN
15	1 (0.079%)	VLAN

Database & Business Intelligence
1	23 (1.81%)	Big Data
2	5 (0.39%)	Power BI
3	4 (0.31%)	Geospatial Data
4	3 (0.24%)	GIS
5	1 (0.079%)	EDRMS
5	1 (0.079%)	SAP HANA
5	1 (0.079%)	SQL Server

Development Applications
1	3 (0.24%)	Jenkins
2	2 (0.16%)	AppScan
2	2 (0.16%)	JIRA
2	2 (0.16%)	SonarQube
2	2 (0.16%)	Visual Studio

General
1	294 (23.11%)	Finance
2	124 (9.75%)	Retail
3	99 (7.78%)	Public Sector
4	89 (7.00%)	Banking
5	72 (5.66%)	Legal
6	47 (3.69%)	Law
7	23 (1.81%)	Marketing
8	19 (1.49%)	Aerospace
9	18 (1.42%)	Telecoms
10	15 (1.18%)	Manufacturing
11	14 (1.10%)	Games
12	12 (0.94%)	Investment Banking
13	10 (0.79%)	Financial Institution
14	9 (0.71%)	Multimedia
15	8 (0.63%)	Billing
15	8 (0.63%)	Military
16	6 (0.47%)	Electronics
17	3 (0.24%)	Advertising
17	3 (0.24%)	Pharmaceutical
18	2 (0.16%)	Local Government

Job Titles
1	259 (20.36%)	Security Manager
2	184 (14.47%)	Analyst
2	184 (14.47%)	Consultant
3	177 (13.92%)	Security Analyst
4	163 (12.81%)	Security Consultant
5	147 (11.56%)	Architect
6	143 (11.24%)	Information Analyst
6	143 (11.24%)	Information Security Analyst
6	143 (11.24%)	Security Architect
7	140 (11.01%)	Information Manager
8	139 (10.93%)	Information Security Manager
9	90 (7.08%)	Security Officer
10	74 (5.82%)	Security Specialist
11	64 (5.03%)	Information Security Officer
12	61 (4.80%)	Security Engineer
13	60 (4.72%)	Head of Security
14	58 (4.56%)	Information Officer
15	54 (4.25%)	Cybersecurity Consultant
16	52 (4.09%)	Information Security Consultant
17	47 (3.69%)	Cybersecurity Manager

Libraries, Frameworks & Software Standards
1	44 (3.46%)	SailPoint
2	7 (0.55%)	Web Services
3	6 (0.47%)	SAML
4	3 (0.24%)	.NET
5	2 (0.16%)	D3.js
5	2 (0.16%)	LDAP
5	2 (0.16%)	OAuth
6	1 (0.079%)	.NET Framework
6	1 (0.079%)	CSS
6	1 (0.079%)	HTML
6	1 (0.079%)	Middleware
6	1 (0.079%)	OpenID
6	1 (0.079%)	Regular Expression

Miscellaneous
1	258 (20.28%)	Management Information System
2	82 (6.45%)	Analytical Skills
3	59 (4.64%)	Cyberthreat
4	45 (3.54%)	Security Operations Centre
5	40 (3.14%)	Data Protection Act
6	33 (2.59%)	Self-Motivation
7	30 (2.36%)	Data Centre
8	29 (2.28%)	CESG
9	24 (1.89%)	BYOD
9	24 (1.89%)	Cyberattack
10	19 (1.49%)	PMI
11	18 (1.42%)	Cyber Defence
12	17 (1.34%)	Distributed Denial-of-Service
12	17 (1.34%)	PKI
12	17 (1.34%)	Social Media
13	9 (0.71%)	Mobile Computing
14	8 (0.63%)	Cloud Native
14	8 (0.63%)	Hybrid Cloud
14	8 (0.63%)	Learning Management System
14	8 (0.63%)	Online Games

Operating Systems
1	78 (6.13%)	Linux
2	74 (5.82%)	Windows
3	26 (2.04%)	Windows Server
4	9 (0.71%)	Unix
5	2 (0.16%)	Android
5	2 (0.16%)	Apple iOS
5	2 (0.16%)	Solaris
6	1 (0.079%)	Mac OS
6	1 (0.079%)	Mac OS X
6	1 (0.079%)	Windows Server 2008

Processes & Methodologies
1	884 (69.50%)	Information Security
2	665 (52.28%)	Cybersecurity
3	327 (25.71%)	Risk Management
4	276 (21.70%)	Security Architecture
5	273 (21.46%)	SIEM
6	190 (14.94%)	ITIL
7	188 (14.78%)	Agile Software Development
8	181 (14.23%)	Security Operations
9	168 (13.21%)	Vulnerability Management
10	165 (12.97%)	Security Management
11	154 (12.11%)	Data Protection
12	150 (11.79%)	Penetration Testing
13	145 (11.40%)	Stakeholder Management
14	138 (10.85%)	TOGAF
15	122 (9.59%)	SABSA
16	116 (9.12%)	Identity Access Management
17	111 (8.73%)	Information Assurance
18	103 (8.10%)	ISMS
19	100 (7.86%)	Risk Assessment
20	95 (7.47%)	OWASP

Programming Languages
1	51 (4.01%)	Python
2	33 (2.59%)	Java
3	32 (2.52%)	C++
4	15 (1.18%)	PowerShell
5	14 (1.10%)	C
6	10 (0.79%)	Perl
6	10 (0.79%)	SQL
7	7 (0.55%)	PHP
8	5 (0.39%)	Bash Shell
8	5 (0.39%)	Bourne shell
8	5 (0.39%)	C#
8	5 (0.39%)	JavaScript
8	5 (0.39%)	Korn
8	5 (0.39%)	Ruby
9	4 (0.31%)	Shell Script
10	3 (0.24%)	Go
11	2 (0.16%)	Scala
12	1 (0.079%)	Objective-C

Qualifications
1	1,223 (96.15%)	CISSP
2	474 (37.26%)	CISA
3	370 (29.09%)	Degree
4	171 (13.44%)	CRISC
5	131 (10.30%)	CEH
6	118 (9.28%)	CESG Certified Professional
7	115 (9.04%)	Security Cleared
8	111 (8.73%)	Cisco Certification
9	95 (7.47%)	GIAC
10	83 (6.53%)	(ISC)2 CCSP
11	81 (6.37%)	SC Cleared
12	70 (5.50%)	SANS
13	52 (4.09%)	IISP
13	52 (4.09%)	SSCP
14	50 (3.93%)	ISO 27001 Lead Auditor
15	41 (3.22%)	CREST Certified
16	36 (2.83%)	CISMP
17	34 (2.67%)	ISO 27001 Lead Implementer
18	32 (2.52%)	CompTIA Security+
19	30 (2.36%)	CCSP

Quality Assurance & Compliance
1	678 (53.30%)	ISO/IEC 27001
2	309 (24.29%)	NIST
3	266 (20.91%)	PCI DSS
4	239 (18.79%)	GDPR
5	104 (8.18%)	COBIT
6	84 (6.60%)	Cyber Essentials
7	82 (6.45%)	NCSC
8	71 (5.58%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
9	45 (3.54%)	Sarbanes-Oxley
10	34 (2.67%)	HMG Security Policy Framework
11	32 (2.52%)	NIST 800
12	25 (1.97%)	RMADS
13	20 (1.57%)	Cyber Essentials PLUS
14	18 (1.42%)	ISAE 3402
14	18 (1.42%)	ISO/IEC 27005
15	17 (1.34%)	ISO 9001
16	15 (1.18%)	SLA
17	13 (1.02%)	COSO
18	12 (0.94%)	ISO 22301
19	10 (0.79%)	ISO 31000

System Software
1	34 (2.67%)	Active Directory
2	10 (0.79%)	VMware Infrastructure
3	8 (0.63%)	Docker
4	6 (0.47%)	Hyper-V
5	4 (0.31%)	Virtual Machines
6	2 (0.16%)	ISA Server
7	1 (0.079%)	ProxySG

Systems Management
1	49 (3.85%)	Nessus
2	28 (2.20%)	McAfee ePO
3	24 (1.89%)	SCCM
4	8 (0.63%)	Single Sign-On
5	7 (0.55%)	Kubernetes
6	4 (0.31%)	CASB
7	3 (0.24%)	Computer Emergency Response Teams
7	3 (0.24%)	QRadar
7	3 (0.24%)	Terraform
8	2 (0.16%)	IBM Guardium
8	2 (0.16%)	Microsoft Intune
8	2 (0.16%)	Trend Micro Deep Security
9	1 (0.079%)	Host Intrusion Detection System

Vendors
1	94 (7.39%)	Microsoft
2	50 (3.93%)	Splunk
3	42 (3.30%)	Cisco
4	40 (3.14%)	McAfee
5	35 (2.75%)	Google
6	33 (2.59%)	Palo Alto
7	25 (1.97%)	LogRhythm
7	25 (1.97%)	SolarWinds
8	23 (1.81%)	Aveksa
9	22 (1.73%)	Qualys
10	21 (1.65%)	Forcepoint
11	20 (1.57%)	Symantec
12	18 (1.42%)	CA
13	17 (1.34%)	CA Agile Central
14	16 (1.26%)	ServiceNow
15	15 (1.18%)	Progress
16	12 (0.94%)	CyberArk
16	12 (0.94%)	VMware
17	11 (0.86%)	CheckPoint
18	10 (0.79%)	Oracle

145 CISM job vacancies Nationwide

CISMJob Vacancy Trend

CISMSalary Trend

CISMSalary Histogram

CISMTop 16 Job Locations

CISMTop 30 Co-occurring IT Skills