Period
to 21 January 2021

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 21 January 2021 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
21 Jan 2021
Same period 2020 Same period 2019
Rank 347 323 349
Rank change year-on-year -24 +26 -13
Permanent jobs citing CISM 524 1,234 1,334
As % of all permanent jobs advertised in the UK 0.82% 0.98% 0.88%
As % of the Qualifications category 4.06% 4.46% 3.66%
Number of salaries quoted 447 1,043 1,043
Median annual salary £65,000 £63,500 £65,000
Median salary % change year-on-year +2.36% -2.31% -
10th Percentile £42,200 £42,500 £42,500
90th Percentile £88,750 £93,750 £96,250
UK excluding London median annual salary £60,000 £60,000 £60,000

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 12,902 27,674 36,426
As % of all permanent IT jobs advertised in the UK 20.24% 21.92% 24.16%
Number of salaries quoted 9,424 20,869 27,024
Median annual salary £55,000 £50,000 £50,000
Median salary % change year-on-year +10.00% - +5.26%
10th Percentile £31,250 £27,500 £26,250
90th Percentile £85,000 £82,500 £81,250
UK excluding London median annual salary £49,127 £45,000 £45,000
% change year-on-year +9.17% - +5.88%

CISM
Job Vacancy Trend

Job postings citing CISM as a proportion of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

3-month moving average salary quoted in jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

Salary distribution for jobs citing CISM over the 6 months to 21 January 2021.

Salary histogram for CISM in the UK

CISM
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 21 January 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -39 487 £65,000 +1.56% 78
London +59 261 £65,000 -7.14% 30
UK excluding London -69 248 £60,000 - 54
North of England +33 80 £55,000 -1.79% 16
South East +34 78 £60,000 -7.69% 18
Work from Home -76 54 £65,000 +4.00% 11
North West +64 48 £48,750 -13.89% 11
Midlands -34 35 £67,500 +27.49% 7
West Midlands -36 25 £65,000 +22.77% 6
Scotland +28 24 £47,900 -12.91% 6
Yorkshire -8 20 £62,500 +11.61%
South West +4 17 £65,000 +11.11% 5
North East +31 15 £57,500 +43.75% 5
East of England +84 10 £65,000 +6.12% 2
East Midlands +41 10 £68,750 +25.00% 1
Wales +37 3 £44,500 +2.89%
Northern Ireland +18 3 £53,750 -17.31%

For the 6 months to 21 January 2021, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 475 (90.65%) CISSP
2 376 (71.76%) Information Security
3 294 (56.11%) Cybersecurity
4 264 (50.38%) ISO/IEC 27001
5 176 (33.59%) CISA
6 163 (31.11%) Management Information System
7 160 (30.53%) Risk Management
8 150 (28.63%) NIST
9 144 (27.48%) Firewall
10 132 (25.19%) Finance
10 132 (25.19%) Azure
11 120 (22.90%) SIEM
12 110 (20.99%) Degree
13 106 (20.23%) GDPR
14 95 (18.13%) Security Management
14 95 (18.13%) Identity Access Management
15 87 (16.60%) Security Architecture
16 84 (16.03%) Microsoft
17 80 (15.27%) Intrusion Detection
18 75 (14.31%) Cyberthreat
19 68 (12.98%) Windows
20 67 (12.79%) Active Directory
20 67 (12.79%) AWS
20 67 (12.79%) CRISC
21 65 (12.40%) Vulnerability Management
21 65 (12.40%) ITIL
21 65 (12.40%) CEH
21 65 (12.40%) Penetration Testing
21 65 (12.40%) Cyber Essentials
22 61 (11.64%) Cisco Certification

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 1 (0.19%) Apache
1 1 (0.19%) IIS
Applications
1 7 (1.34%) Microsoft Excel
2 6 (1.15%) Microsoft PowerPoint
3 5 (0.95%) Microsoft Office
4 4 (0.76%) MS Visio
Business Applications
1 1 (0.19%) Oracle Applications
1 1 (0.19%) Relativity
Cloud Services
1 132 (25.19%) Azure
2 67 (12.79%) AWS
3 55 (10.50%) IaaS
3 55 (10.50%) Office 365
4 35 (6.68%) SaaS
5 32 (6.11%) PaaS
6 17 (3.24%) Cloud Computing
7 16 (3.05%) BPaaS
8 14 (2.67%) Azure Active Directory
9 11 (2.10%) GCP
10 10 (1.91%) Mimecast
11 4 (0.76%) AWS CloudFormation
12 3 (0.57%) IBM Cloud
13 1 (0.19%) Amazon EC2
13 1 (0.19%) Amazon S3
13 1 (0.19%) Dynamics 365
13 1 (0.19%) OpenShift
Communications & Networking
1 144 (27.48%) Firewall
2 80 (15.27%) Intrusion Detection
3 37 (7.06%) Network Security
4 31 (5.92%) LAN
5 26 (4.96%) VPN
6 23 (4.39%) TCP/IP
7 20 (3.82%) WAN
8 18 (3.44%) Wireless
9 16 (3.05%) WAAS
10 14 (2.67%) DNS
11 11 (2.10%) HTTP
12 8 (1.53%) DHCP
12 8 (1.53%) SSL
13 7 (1.34%) Internet
13 7 (1.34%) SAN
13 7 (1.34%) Unified Communications
14 6 (1.15%) Cisco ASA
14 6 (1.15%) F5 BIG-IP GTM
14 6 (1.15%) HTTPS
14 6 (1.15%) Wi-Fi
Database & Business Intelligence
1 7 (1.34%) Big Data
2 5 (0.95%) GIS
3 2 (0.38%) Blockchain
4 1 (0.19%) Data Warehouse
4 1 (0.19%) MySQL
4 1 (0.19%) PostgreSQL
4 1 (0.19%) Redis
4 1 (0.19%) SQL Server
4 1 (0.19%) SQL Server 2012
4 1 (0.19%) SQL Server 2014
Development Applications
1 1 (0.19%) GitLab
General
1 132 (25.19%) Finance
2 32 (6.11%) Banking
3 30 (5.73%) Legal
4 29 (5.53%) Public Sector
5 24 (4.58%) Aerospace
6 18 (3.44%) Telecoms
7 15 (2.86%) Law
8 11 (2.10%) Manufacturing
9 8 (1.53%) Marketing
9 8 (1.53%) Military
10 5 (0.95%) Investment Banking
11 4 (0.76%) International Banking
12 2 (0.38%) Advertising
12 2 (0.38%) Pharmaceutical
12 2 (0.38%) Retail
12 2 (0.38%) Retail Banking
13 1 (0.19%) Automotive
13 1 (0.19%) Electronics
13 1 (0.19%) Financial Institution
13 1 (0.19%) German Language
Job Titles
1 99 (18.89%) Security Manager
2 98 (18.70%) Analyst
3 80 (15.27%) Security Analyst
4 61 (11.64%) Security Engineer
5 54 (10.31%) Consultant
6 47 (8.97%) Information Manager
7 46 (8.78%) Architect
7 46 (8.78%) Information Security Manager
8 44 (8.40%) Security Specialist
9 41 (7.82%) Security Architect
10 37 (7.06%) Security Consultant
11 35 (6.68%) Information Analyst
11 35 (6.68%) Information Security Analyst
12 33 (6.30%) IT Analyst
13 32 (6.11%) Cybersecurity Manager
13 32 (6.11%) IT Security Analyst
14 30 (5.73%) Security Officer
15 25 (4.77%) Information Security Specialist
15 25 (4.77%) Information Specialist
16 23 (4.39%) Cybersecurity Engineer
Libraries, Frameworks & Software Standards
1 19 (3.63%) .NET
2 18 (3.44%) .NET Framework
3 12 (2.29%) Middleware
4 9 (1.72%) OAuth
5 8 (1.53%) Web Services
6 5 (0.95%) YAML
7 4 (0.76%) LDAP
8 3 (0.57%) Natural Language Processing
8 3 (0.57%) SAML
9 1 (0.19%) Apache Flex
9 1 (0.19%) LAMP
9 1 (0.19%) LAPP Stack
9 1 (0.19%) Node.js
9 1 (0.19%) Ruby on Rails
9 1 (0.19%) SailPoint
Miscellaneous
1 163 (31.11%) Management Information System
2 75 (14.31%) Cyberthreat
3 42 (8.02%) Analytical Skills
4 18 (3.44%) Data Protection Act
5 17 (3.24%) Data Centre
5 17 (3.24%) Self-Motivation
6 16 (3.05%) Enterprise Software
7 15 (2.86%) Mobile App
8 11 (2.10%) Cyber Kill Chain
8 11 (2.10%) Security Operations Centre
9 8 (1.53%) CESG
10 7 (1.34%) Cyberattack
11 6 (1.15%) BYOD
11 6 (1.15%) Distributed Denial-of-Service
11 6 (1.15%) Public Cloud
11 6 (1.15%) Robotics
12 5 (0.95%) Cyber Defence
13 4 (0.76%) Cloud Native
13 4 (0.76%) Social Media
14 3 (0.57%) Virtual Team
Operating Systems
1 68 (12.98%) Windows
2 46 (8.78%) Windows Server
3 27 (5.15%) Linux
4 16 (3.05%) Unix
5 7 (1.34%) Mac OS
6 5 (0.95%) Solaris
6 5 (0.95%) Windows XP
7 4 (0.76%) Windows Server 2012
8 2 (0.38%) Windows Server 2008
8 2 (0.38%) Windows Server 2016
9 1 (0.19%) AIX
9 1 (0.19%) Android
9 1 (0.19%) Apple iOS
9 1 (0.19%) Check Point GAiA
9 1 (0.19%) Windows 7
9 1 (0.19%) Windows 8
9 1 (0.19%) Windows Server 2019
Processes & Methodologies
1 376 (71.76%) Information Security
2 294 (56.11%) Cybersecurity
3 160 (30.53%) Risk Management
4 120 (22.90%) SIEM
5 95 (18.13%) Identity Access Management
5 95 (18.13%) Security Management
6 87 (16.60%) Security Architecture
7 65 (12.40%) ITIL
7 65 (12.40%) Penetration Testing
7 65 (12.40%) Vulnerability Management
8 55 (10.50%) Vulnerability Assessment
9 53 (10.11%) Kalman Filter
9 53 (10.11%) Security Operations
10 47 (8.97%) Information Security Management
10 47 (8.97%) ISMS
11 44 (8.40%) Data Protection
11 44 (8.40%) Web Filtering
12 42 (8.02%) Threat Intelligence
13 40 (7.63%) Computer Science
13 40 (7.63%) Information Assurance
Programming Languages
1 21 (4.01%) C
2 20 (3.82%) Java
3 11 (2.10%) SQL
4 7 (1.34%) PowerShell
4 7 (1.34%) Python
5 4 (0.76%) Go
6 3 (0.57%) R
7 1 (0.19%) Bash Shell
7 1 (0.19%) JavaScript
7 1 (0.19%) PHP
7 1 (0.19%) Ruby
7 1 (0.19%) VBScript
Qualifications
1 475 (90.65%) CISSP
2 176 (33.59%) CISA
3 110 (20.99%) Degree
4 67 (12.79%) CRISC
5 65 (12.40%) CEH
6 61 (11.64%) CESG Certified Professional
6 61 (11.64%) Cisco Certification
7 52 (9.92%) Security Cleared
8 48 (9.16%) SC Cleared
9 42 (8.02%) (ISC)2 CCSP
10 37 (7.06%) CCSP
11 31 (5.92%) ISO 27001 Lead Implementer
12 24 (4.58%) ISO 27001 Lead Auditor
13 22 (4.20%) CompTIA Security+
13 22 (4.20%) CSSLP
14 20 (3.82%) CISMP
14 20 (3.82%) SANS
14 20 (3.82%) SSCP
15 17 (3.24%) GIAC
16 15 (2.86%) CCNA
Quality Assurance & Compliance
1 264 (50.38%) ISO/IEC 27001
2 150 (28.63%) NIST
3 106 (20.23%) GDPR
4 65 (12.40%) Cyber Essentials
5 53 (10.11%) COBIT
6 51 (9.73%) PCI DSS
7 47 (8.97%) NCSC
8 23 (4.39%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 22 (4.20%) RMADS
10 19 (3.63%) HMG Security Policy Framework
10 19 (3.63%) ITGC
11 17 (3.24%) ISO 31000
12 16 (3.05%) 21 CFR Part 11
12 16 (3.05%) HIPAA
13 15 (2.86%) ISO/IEC 27005
14 9 (1.72%) Cyber Essentials PLUS
14 9 (1.72%) JSP 440
15 8 (1.53%) Sarbanes-Oxley
16 5 (0.95%) NIST 800
17 4 (0.76%) ISO 9001
System Software
1 67 (12.79%) Active Directory
2 6 (1.15%) VMware Infrastructure
3 2 (0.38%) VMware ESXi
4 1 (0.19%) Docker
4 1 (0.19%) Hyper-V
4 1 (0.19%) XenApp
4 1 (0.19%) XenDesktop
Systems Management
1 27 (5.15%) Microsoft Intune
2 9 (1.72%) Nessus
3 5 (0.95%) CSIRT
3 5 (0.95%) QRadar
4 4 (0.76%) CASB
4 4 (0.76%) SCCM
4 4 (0.76%) Terraform
5 2 (0.38%) SCOM
6 1 (0.19%) Ansible
6 1 (0.19%) Cisco CME
6 1 (0.19%) Cisco CUCM
6 1 (0.19%) HAProxy
6 1 (0.19%) Kubernetes
6 1 (0.19%) Opscode Chef
6 1 (0.19%) Puppet
Vendors
1 84 (16.03%) Microsoft
2 35 (6.68%) VMware
3 21 (4.01%) CheckPoint
4 20 (3.82%) Cisco
5 10 (1.91%) Google
5 10 (1.91%) Palo Alto
6 9 (1.72%) ServiceNow
7 7 (1.34%) Forcepoint
7 7 (1.34%) Oracle
7 7 (1.34%) Splunk
8 6 (1.15%) F5
9 5 (0.95%) Apple
9 5 (0.95%) SolarWinds
9 5 (0.95%) Zscaler
10 4 (0.76%) Barracuda Networks
10 4 (0.76%) Darktrace
10 4 (0.76%) IBM
10 4 (0.76%) Interwoven
10 4 (0.76%) Qualys
11 3 (0.57%) Veeam