Period
to 4 August 2020

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 4 August 2020 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
4 Aug 2020
Same period 2019 Same period 2018
Rank 341 352 313
Rank change year-on-year +11 -39 +6
Permanent jobs citing CISM 569 1,250 1,816
As % of all permanent jobs advertised in the UK 0.85% 0.87% 1.05%
As % of the Qualifications category 3.87% 3.63% 4.41%
Number of salaries quoted 460 1,029 1,402
Median annual salary £63,000 £65,000 £65,000
Median salary % change year-on-year -3.08% - -
10th Percentile £42,500 £43,100 £43,750
90th Percentile £86,250 £95,000 £95,000
UK excluding London median annual salary £57,500 £60,000 £60,000
% change year-on-year -4.17% - +9.09%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 14,714 34,449 41,166
As % of all permanent IT jobs advertised in the UK 22.11% 24.08% 23.81%
Number of salaries quoted 10,633 25,012 30,568
Median annual salary £52,500 £50,000 £50,000
Median salary % change year-on-year +5.00% - +11.11%
10th Percentile £30,000 £26,500 £26,250
90th Percentile £85,000 £82,500 £80,000
UK excluding London median annual salary £47,500 £45,000 £45,000
% change year-on-year +5.56% - +5.88%

CISM
Job Vacancy Trend

Job postings citing CISM as a proportion of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

3-month moving average salary quoted in jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

Salary distribution for jobs citing CISM over the 6 months to 4 August 2020.

Salary histogram for CISM in the UK

CISM
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 4 August 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +21 525 £65,000 - 46
UK excluding London +26 284 £57,500 -4.17% 30
London +43 270 £65,000 -16.13% 22
South East +69 92 £55,000 -15.38% 3
North of England +48 62 £57,500 -1.71% 10
Midlands +44 45 £52,500 - 7
North West +62 42 £60,000 +2.56% 3
West Midlands +53 40 £52,500 - 5
South West +67 35 £65,000 +18.18% 2
Work from Home +37 30 £61,250 -5.77% 2
Scotland +87 29 £50,288 -14.04% 2
Yorkshire +75 20 £57,500 -1.71% 6
East of England +38 18 £65,000 - 2
East Midlands +48 5 £55,000 -4.35% 2
Wales +24 2 £52,500 -25.00% 2
Northern Ireland - 1 £50,000 - 2

For the 6 months to 4 August 2020, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 541 (95.08%) CISSP
2 414 (72.76%) Information Security
3 338 (59.40%) Cybersecurity
4 277 (48.68%) ISO/IEC 27001
5 247 (43.41%) CISA
6 202 (35.50%) Risk Management
7 168 (29.53%) Finance
8 133 (23.37%) NIST
9 131 (23.02%) Firewall
10 125 (21.97%) Degree
11 120 (21.09%) GDPR
12 111 (19.51%) Azure
13 108 (18.98%) SIEM
14 107 (18.80%) Management Information System
15 106 (18.63%) CRISC
16 99 (17.40%) Security Management
17 92 (16.17%) Cisco Certification
18 91 (15.99%) Security Cleared
19 89 (15.64%) PCI DSS
20 82 (14.41%) Data Protection
21 80 (14.06%) Penetration Testing
22 75 (13.18%) Legal
23 71 (12.48%) Microsoft
23 71 (12.48%) SC Cleared
24 69 (12.13%) Risk Assessment
25 68 (11.95%) AWS
26 67 (11.78%) ITIL
27 66 (11.60%) Windows
27 66 (11.60%) Security Architecture
28 64 (11.25%) Information Assurance

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 12 (2.11%) IIS
2 5 (0.88%) SharePoint
3 1 (0.18%) Confluence
3 1 (0.18%) JBoss
3 1 (0.18%) MS Exchange
3 1 (0.18%) Tomcat
3 1 (0.18%) WebLogic
3 1 (0.18%) WebSphere
Applications
1 19 (3.34%) Microsoft Excel
2 10 (1.76%) Microsoft Office
3 8 (1.41%) Microsoft PowerPoint
Business Applications
1 3 (0.53%) Sentinel
2 2 (0.35%) Remedy ITSM
Cloud Services
1 111 (19.51%) Azure
2 68 (11.95%) AWS
3 55 (9.67%) Office 365
4 14 (2.46%) IaaS
4 14 (2.46%) Mimecast
4 14 (2.46%) PaaS
5 8 (1.41%) Cloud Computing
6 7 (1.23%) Azure Active Directory
7 6 (1.05%) SaaS
8 4 (0.70%) G Suite
9 3 (0.53%) GCP
10 1 (0.18%) AWS CloudFormation
10 1 (0.18%) AWS CodeDeploy
10 1 (0.18%) Power Automate
10 1 (0.18%) Power Platform
Communications & Networking
1 131 (23.02%) Firewall
2 38 (6.68%) Intrusion Detection
3 32 (5.62%) Network Security
4 20 (3.51%) DNS
4 20 (3.51%) TCP/IP
5 17 (2.99%) LAN
6 15 (2.64%) Internet
7 13 (2.28%) Wi-Fi
8 12 (2.11%) VPN
9 9 (1.58%) WAN
9 9 (1.58%) Wireless
10 7 (1.23%) SCCP
11 6 (1.05%) DHCP
11 6 (1.05%) HTTP
12 5 (0.88%) DMZ
12 5 (0.88%) Wireshark
13 4 (0.70%) DSL
14 3 (0.53%) HTTPS
14 3 (0.53%) SSL
14 3 (0.53%) Unified Communications
Database & Business Intelligence
1 1 (0.18%) Informix
1 1 (0.18%) Power BI
1 1 (0.18%) SQL Server
Development Applications
1 8 (1.41%) Burp Suite
2 3 (0.53%) JIRA
2 3 (0.53%) Metasploit
3 2 (0.35%) WinDbg
4 1 (0.18%) Jenkins
4 1 (0.18%) Sonatype Nexus
4 1 (0.18%) Team Foundation Server
General
1 168 (29.53%) Finance
2 75 (13.18%) Legal
3 47 (8.26%) Law
4 24 (4.22%) Banking
4 24 (4.22%) Public Sector
5 23 (4.04%) Telecoms
6 14 (2.46%) Retail
7 7 (1.23%) Back Office
7 7 (1.23%) Games
7 7 (1.23%) Marketing
8 5 (0.88%) Local Government
8 5 (0.88%) Manufacturing
9 4 (0.70%) Advertising
9 4 (0.70%) Military
10 3 (0.53%) Aerospace
10 3 (0.53%) Retail Banking
11 2 (0.35%) Billing
11 2 (0.35%) Investment Banking
11 2 (0.35%) Police
11 2 (0.35%) Publishing
Job Titles
1 121 (21.27%) Analyst
2 110 (19.33%) Security Manager
3 99 (17.40%) Security Analyst
4 82 (14.41%) Consultant
5 77 (13.53%) Security Consultant
6 71 (12.48%) Security Engineer
7 62 (10.90%) Information Analyst
8 61 (10.72%) Information Security Analyst
9 47 (8.26%) Architect
9 47 (8.26%) Security Architect
10 43 (7.56%) Information Security Manager
11 42 (7.38%) Information Manager
12 39 (6.85%) Cybersecurity Consultant
13 36 (6.33%) Security Specialist
14 35 (6.15%) IT Manager
14 35 (6.15%) IT Security Manager
15 34 (5.98%) Security Officer
16 28 (4.92%) Information Security Engineer
17 23 (4.04%) Cybersecurity Manager
17 23 (4.04%) Information Security Consultant
Libraries, Frameworks & Software Standards
1 36 (6.33%) SailPoint
2 10 (1.76%) .NET
3 9 (1.58%) .NET Framework
4 7 (1.23%) Regular Expression
5 5 (0.88%) Middleware
6 3 (0.53%) ModSecurity
6 3 (0.53%) Web Services
7 2 (0.35%) TensorFlow
7 2 (0.35%) YAML
8 1 (0.18%) Itk
8 1 (0.18%) OAuth
8 1 (0.18%) OAuth2
8 1 (0.18%) OpenID
8 1 (0.18%) XACML
Miscellaneous
1 107 (18.80%) Management Information System
2 39 (6.85%) Analytical Skills
3 29 (5.10%) Cyberthreat
4 23 (4.04%) Public Cloud
5 20 (3.51%) Data Protection Act
6 16 (2.81%) Data Centre
7 15 (2.64%) Self-Motivation
8 13 (2.28%) Security Operations Centre
9 12 (2.11%) Mobile App
10 11 (1.93%) Cyberattack
10 11 (1.93%) User Experience
11 10 (1.76%) BYOD
12 9 (1.58%) Cyber Defence
13 7 (1.23%) CESG
13 7 (1.23%) Cyber Kill Chain
14 6 (1.05%) Driving Licence
14 6 (1.05%) Hybrid Cloud
15 5 (0.88%) NHS
16 4 (0.70%) Life Science
16 4 (0.70%) PKI
Operating Systems
1 66 (11.60%) Windows
2 61 (10.72%) Linux
3 23 (4.04%) Unix
4 8 (1.41%) Windows Server
5 7 (1.23%) Windows Server 2012
6 5 (0.88%) Windows 10
7 4 (0.70%) Windows 7
7 4 (0.70%) Windows Server 2008
8 3 (0.53%) Kali Linux
9 2 (0.35%) Apple iOS
9 2 (0.35%) Solaris
9 2 (0.35%) Windows XP
10 1 (0.18%) AIX
10 1 (0.18%) Mac OS X
10 1 (0.18%) Windows Server 2016
Processes & Methodologies
1 414 (72.76%) Information Security
2 338 (59.40%) Cybersecurity
3 202 (35.50%) Risk Management
4 108 (18.98%) SIEM
5 99 (17.40%) Security Management
6 82 (14.41%) Data Protection
7 80 (14.06%) Penetration Testing
8 69 (12.13%) Risk Assessment
9 67 (11.78%) ITIL
10 66 (11.60%) Security Architecture
11 64 (11.25%) Information Assurance
11 64 (11.25%) Security Operations
12 61 (10.72%) Agile Software Development
13 57 (10.02%) Vulnerability Management
14 54 (9.49%) Information Security Management
15 44 (7.73%) Identity Access Management
16 43 (7.56%) Data Privacy
16 43 (7.56%) TOGAF
17 42 (7.38%) ISMS
17 42 (7.38%) Vulnerability Assessment
Programming Languages
1 49 (8.61%) SQL
2 47 (8.26%) Python
3 41 (7.21%) Perl
4 35 (6.15%) Bash Shell
4 35 (6.15%) PowerShell
5 20 (3.51%) Java
6 14 (2.46%) C
7 7 (1.23%) C#
7 7 (1.23%) Ruby
8 2 (0.35%) Julia
8 2 (0.35%) MATLAB
8 2 (0.35%) R
8 2 (0.35%) Scala
8 2 (0.35%) VBScript
9 1 (0.18%) C++
9 1 (0.18%) Go
Qualifications
1 541 (95.08%) CISSP
2 247 (43.41%) CISA
3 125 (21.97%) Degree
4 106 (18.63%) CRISC
5 92 (16.17%) Cisco Certification
6 91 (15.99%) Security Cleared
7 71 (12.48%) SC Cleared
8 64 (11.25%) (ISC)2 CCSP
9 62 (10.90%) CESG Certified Professional
10 54 (9.49%) CEH
11 30 (5.27%) ISO 27001 Lead Auditor
12 29 (5.10%) CCSP
13 26 (4.57%) DV Cleared
14 23 (4.04%) CCNA
15 21 (3.69%) SSCP
16 18 (3.16%) ISO 27001 Lead Implementer
17 17 (2.99%) Computer Science Degree
17 17 (2.99%) GIAC
18 15 (2.64%) CCNP
19 14 (2.46%) Master's Degree
Quality Assurance & Compliance
1 277 (48.68%) ISO/IEC 27001
2 133 (23.37%) NIST
3 120 (21.09%) GDPR
4 89 (15.64%) PCI DSS
5 58 (10.19%) Cyber Essentials
6 34 (5.98%) COBIT
7 31 (5.45%) NCSC
8 26 (4.57%) JSP 440
9 23 (4.04%) Sarbanes-Oxley
10 21 (3.69%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
11 19 (3.34%) ISO 31000
11 19 (3.34%) RMADS
12 16 (2.81%) ISO 22301
13 15 (2.64%) ISO/IEC 27005
14 10 (1.76%) NIST 800
14 10 (1.76%) SLA
15 9 (1.58%) Cyber Essentials PLUS
16 7 (1.23%) QA
17 5 (0.88%) HMG Security Policy Framework
17 5 (0.88%) ISO 9001
System Software
1 51 (8.96%) Active Directory
2 4 (0.70%) VMware Infrastructure
3 3 (0.53%) Hyper-V
4 1 (0.18%) BitLocker
4 1 (0.18%) Docker
4 1 (0.18%) NDS
Systems Management
1 41 (7.21%) Nessus
2 11 (1.93%) QRadar
3 10 (1.76%) CSIRT
4 7 (1.23%) Computer Emergency Response Teams
5 6 (1.05%) Microsoft Intune
6 4 (0.70%) CASB
7 3 (0.53%) HP Fortify
7 3 (0.53%) Nmap
8 2 (0.35%) IBM Guardium
8 2 (0.35%) OSSEC
8 2 (0.35%) Terraform
9 1 (0.18%) Ansible
9 1 (0.18%) Computer Incident Response Team
9 1 (0.18%) EnCase
9 1 (0.18%) FTK
9 1 (0.18%) NetIQ Identity Manager
9 1 (0.18%) Oracle Identity Management
9 1 (0.18%) SCCM
Vendors
1 71 (12.48%) Microsoft
2 56 (9.84%) Splunk
3 39 (6.85%) CyberArk
4 34 (5.98%) Aveksa
4 34 (5.98%) Cisco
4 34 (5.98%) Sun
5 32 (5.62%) ArcSight
6 28 (4.92%) Qualys
7 16 (2.81%) Citrix
7 16 (2.81%) Meraki
8 13 (2.28%) LogRhythm
9 11 (1.93%) VMware
10 10 (1.76%) McAfee
11 9 (1.58%) CheckPoint
11 9 (1.58%) Palo Alto
12 8 (1.41%) ServiceNow
13 5 (0.88%) Carbon Black
14 4 (0.70%) Forcepoint
14 4 (0.70%) Gemalto
15 3 (0.53%) Remedy