Period
to 25 October 2020

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 25 October 2020 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
25 Oct 2020
Same period 2019 Same period 2018
Rank 322 340 344
Rank change year-on-year +18 +4 -8
Permanent jobs citing CISM 441 1,268 1,532
As % of all permanent jobs advertised in the UK 0.90% 0.93% 0.93%
As % of the Qualifications category 4.22% 4.05% 3.92%
Number of salaries quoted 366 1,058 1,186
Median annual salary £65,000 £65,000 £65,000
10th Percentile £42,500 £42,500 £42,500
90th Percentile £90,000 £93,750 £95,000
UK excluding London median annual salary £60,000 £60,000 £60,000
% change year-on-year 0.00% - +9.09%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 10,450 31,304 39,054
As % of all permanent IT jobs advertised in the UK 21.40% 22.99% 23.75%
Number of salaries quoted 7,826 22,924 28,907
Median annual salary £55,000 £50,000 £50,000
Median salary % change year-on-year +10.00% - +5.26%
10th Percentile £31,250 £27,000 £26,250
90th Percentile £87,500 £82,500 £81,250
UK excluding London median annual salary £50,000 £45,000 £45,000
% change year-on-year +11.11% - +5.88%

CISM
Job Vacancy Trend

Job postings citing CISM as a proportion of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

3-month moving average salary quoted in jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

Salary distribution for jobs citing CISM over the 6 months to 25 October 2020.

Salary histogram for CISM in the UK

CISM
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 25 October 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +20 407 £65,000 - 78
London +67 230 £65,000 -14.41% 37
UK excluding London -7 195 £60,000 0.00% 43
South East +71 48 £55,453 -14.69% 19
North of England +64 44 £57,500 +2.68% 10
Midlands +20 42 £52,500 +2.94% 3
West Midlands +29 34 £52,500 - 2
North West +79 31 £62,500 +10.40% 5
Scotland +84 25 £47,575 -18.68% 2
Work from Home -3 25 £62,500 +4.17% 5
South West +78 23 £65,000 +11.11% 6
Yorkshire +68 13 £52,500 -10.26% 5
East of England +91 11 £65,000 - 3
East Midlands +61 8 £68,750 +44.74% 1
Northern Ireland +24 3 £53,750 -17.31%

For the 6 months to 25 October 2020, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 409 (92.74%) CISSP
2 339 (76.87%) Information Security
3 263 (59.64%) Cybersecurity
4 236 (53.51%) ISO/IEC 27001
5 164 (37.19%) CISA
6 162 (36.73%) NIST
7 157 (35.60%) Risk Management
8 140 (31.75%) Management Information System
9 136 (30.84%) Firewall
10 133 (30.16%) Degree
11 130 (29.48%) Finance
12 109 (24.72%) Azure
13 102 (23.13%) SIEM
14 99 (22.45%) GDPR
15 89 (20.18%) Identity Access Management
16 77 (17.46%) Intrusion Detection
17 76 (17.23%) Security Management
18 72 (16.33%) Cisco Certification
18 72 (16.33%) CRISC
19 68 (15.42%) AWS
19 68 (15.42%) Cyberthreat
20 63 (14.29%) Microsoft
20 63 (14.29%) Windows
21 60 (13.61%) Penetration Testing
22 59 (13.38%) (ISC)2 CCSP
23 58 (13.15%) Kalman Filter
24 57 (12.93%) Active Directory
25 56 (12.70%) PCI DSS
26 55 (12.47%) Data Protection
27 54 (12.24%) ITIL

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 2 (0.45%) SharePoint
2 1 (0.23%) Apache
Applications
1 10 (2.27%) Microsoft Excel
2 6 (1.36%) Microsoft Office
3 4 (0.91%) Microsoft PowerPoint
Business Applications
1 1 (0.23%) Oracle Applications
1 1 (0.23%) Remedy ITSM
Cloud Services
1 109 (24.72%) Azure
2 68 (15.42%) AWS
3 49 (11.11%) Office 365
4 41 (9.30%) IaaS
5 18 (4.08%) PaaS
5 18 (4.08%) SaaS
6 8 (1.81%) Azure Active Directory
7 7 (1.59%) Cloud Computing
7 7 (1.59%) GCP
7 7 (1.59%) Mimecast
8 6 (1.36%) BPaaS
9 3 (0.68%) AWS CloudFormation
10 1 (0.23%) Amazon EC2
10 1 (0.23%) Amazon S3
10 1 (0.23%) OpenShift
Communications & Networking
1 136 (30.84%) Firewall
2 77 (17.46%) Intrusion Detection
3 32 (7.26%) LAN
4 27 (6.12%) Network Security
5 24 (5.44%) VPN
6 21 (4.76%) WAN
7 19 (4.31%) Wireless
8 15 (3.40%) DNS
9 10 (2.27%) TCP/IP
10 9 (2.04%) SSL
10 9 (2.04%) Wi-Fi
11 8 (1.81%) HTTP
11 8 (1.81%) Internet
12 7 (1.59%) DHCP
12 7 (1.59%) Wireshark
13 6 (1.36%) WAAS
14 5 (1.13%) HTTPS
15 4 (0.91%) DMZ
16 3 (0.68%) SCCP
16 3 (0.68%) Unified Communications
Database & Business Intelligence
1 3 (0.68%) GIS
2 2 (0.45%) Blockchain
3 1 (0.23%) Big Data
3 1 (0.23%) Data Warehouse
3 1 (0.23%) MySQL
3 1 (0.23%) PostgreSQL
3 1 (0.23%) Redis
Development Applications
1 1 (0.23%) GitLab
1 1 (0.23%) JIRA
General
1 130 (29.48%) Finance
2 43 (9.75%) Legal
3 29 (6.58%) Banking
4 23 (5.22%) Law
5 22 (4.99%) Public Sector
5 22 (4.99%) Telecoms
6 11 (2.49%) Aerospace
7 9 (2.04%) Manufacturing
8 7 (1.59%) Investment Banking
8 7 (1.59%) Marketing
9 4 (0.91%) Military
10 3 (0.68%) Back Office
10 3 (0.68%) Financial Institution
10 3 (0.68%) Pharmaceutical
10 3 (0.68%) Retail
11 2 (0.45%) Games
12 1 (0.23%) Advertising
12 1 (0.23%) Electronics
12 1 (0.23%) Publishing
12 1 (0.23%) Retail Banking
Job Titles
1 88 (19.95%) Security Manager
2 83 (18.82%) Analyst
3 69 (15.65%) Security Analyst
4 47 (10.66%) Consultant
5 45 (10.20%) Information Analyst
6 44 (9.98%) Information Manager
6 44 (9.98%) Information Security Analyst
6 44 (9.98%) Security Engineer
7 42 (9.52%) Information Security Manager
8 41 (9.30%) Security Consultant
9 35 (7.94%) Security Officer
10 33 (7.48%) Cybersecurity Manager
11 28 (6.35%) Architect
12 27 (6.12%) Security Architect
13 26 (5.90%) Security Specialist
14 25 (5.67%) Information Security Officer
15 24 (5.44%) Information Officer
16 20 (4.54%) Information Security Consultant
17 18 (4.08%) IT Manager
17 18 (4.08%) Risk Analyst
Libraries, Frameworks & Software Standards
1 20 (4.54%) .NET
2 18 (4.08%) .NET Framework
3 7 (1.59%) YAML
4 6 (1.36%) Web Services
5 3 (0.68%) Middleware
5 3 (0.68%) Natural Language Processing
6 2 (0.45%) LDAP
6 2 (0.45%) OAuth
6 2 (0.45%) SAML
7 1 (0.23%) Apache Flex
7 1 (0.23%) Itk
7 1 (0.23%) LAMP
7 1 (0.23%) LAPP Stack
7 1 (0.23%) Node.js
7 1 (0.23%) Ruby on Rails
7 1 (0.23%) SailPoint
Miscellaneous
1 140 (31.75%) Management Information System
2 68 (15.42%) Cyberthreat
3 33 (7.48%) Analytical Skills
4 20 (4.54%) Data Protection Act
5 17 (3.85%) Mobile App
6 14 (3.17%) Cyber Kill Chain
7 13 (2.95%) Data Centre
8 11 (2.49%) Security Operations Centre
9 9 (2.04%) Public Cloud
9 9 (2.04%) Self-Motivation
10 8 (1.81%) Cyber Defence
10 8 (1.81%) Cyberattack
10 8 (1.81%) Robotics
11 7 (1.59%) BYOD
11 7 (1.59%) CESG
12 6 (1.36%) Enterprise Software
13 5 (1.13%) PKI
14 4 (0.91%) Cloud Native
14 4 (0.91%) Social Media
15 3 (0.68%) Virtual Team
Operating Systems
1 63 (14.29%) Windows
2 37 (8.39%) Windows Server
3 22 (4.99%) Linux
4 16 (3.63%) Unix
5 7 (1.59%) Solaris
5 7 (1.59%) Windows XP
6 4 (0.91%) Mac OS
7 2 (0.45%) AIX
7 2 (0.45%) Apple iOS
7 2 (0.45%) Windows Server 2012
8 1 (0.23%) Android
8 1 (0.23%) Check Point GAiA
8 1 (0.23%) Mac OS X
8 1 (0.23%) Windows 10
8 1 (0.23%) Windows 7
8 1 (0.23%) Windows 8
8 1 (0.23%) Windows Server 2008
8 1 (0.23%) Windows Server 2016
Processes & Methodologies
1 339 (76.87%) Information Security
2 263 (59.64%) Cybersecurity
3 157 (35.60%) Risk Management
4 102 (23.13%) SIEM
5 89 (20.18%) Identity Access Management
6 76 (17.23%) Security Management
7 60 (13.61%) Penetration Testing
8 58 (13.15%) Kalman Filter
9 55 (12.47%) Data Protection
10 54 (12.24%) ITIL
11 47 (10.66%) ISMS
11 47 (10.66%) Vulnerability Assessment
12 46 (10.43%) Web Filtering
13 45 (10.20%) Computer Science
14 43 (9.75%) Vulnerability Management
15 41 (9.30%) Information Security Management
15 41 (9.30%) Security Architecture
16 33 (7.48%) Problem-Solving
16 33 (7.48%) Risk Assessment
16 33 (7.48%) Security Operations
Programming Languages
1 21 (4.76%) Java
2 17 (3.85%) C
3 15 (3.40%) PowerShell
4 10 (2.27%) SQL
5 9 (2.04%) Python
6 4 (0.91%) Go
7 3 (0.68%) R
8 1 (0.23%) Bash Shell
8 1 (0.23%) JavaScript
8 1 (0.23%) PHP
8 1 (0.23%) Ruby
8 1 (0.23%) VBScript
Qualifications
1 409 (92.74%) CISSP
2 164 (37.19%) CISA
3 133 (30.16%) Degree
4 72 (16.33%) Cisco Certification
4 72 (16.33%) CRISC
5 59 (13.38%) (ISC)2 CCSP
6 45 (10.20%) Security Cleared
7 42 (9.52%) CCSP
8 40 (9.07%) SC Cleared
9 38 (8.62%) CEH
10 33 (7.48%) CESG Certified Professional
11 29 (6.58%) ISO 27001 Lead Implementer
12 27 (6.12%) ISO 27001 Lead Auditor
13 21 (4.76%) CSSLP
14 18 (4.08%) GIAC
14 18 (4.08%) OSCP
15 17 (3.85%) CompTIA Security+
16 15 (3.40%) CCNA
17 13 (2.95%) SSCP
18 12 (2.72%) GCIH
Quality Assurance & Compliance
1 236 (53.51%) ISO/IEC 27001
2 162 (36.73%) NIST
3 99 (22.45%) GDPR
4 56 (12.70%) PCI DSS
5 47 (10.66%) COBIT
5 47 (10.66%) Cyber Essentials
6 30 (6.80%) ISO 31000
7 25 (5.67%) NCSC
8 22 (4.99%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 15 (3.40%) ISO/IEC 27005
10 13 (2.95%) ISO 22301
11 12 (2.72%) RMADS
12 11 (2.49%) Sarbanes-Oxley
13 10 (2.27%) HMG Security Policy Framework
14 9 (2.04%) ITGC
15 8 (1.81%) Cyber Essentials PLUS
16 6 (1.36%) 21 CFR Part 11
16 6 (1.36%) HIPAA
16 6 (1.36%) JSP 440
17 5 (1.13%) SLA
System Software
1 57 (12.93%) Active Directory
2 8 (1.81%) VMware Infrastructure
3 2 (0.45%) VMware ESXi
4 1 (0.23%) BitLocker
4 1 (0.23%) Docker
4 1 (0.23%) NDS
Systems Management
1 28 (6.35%) Microsoft Intune
2 7 (1.59%) CSIRT
3 5 (1.13%) Computer Emergency Response Teams
4 4 (0.91%) QRadar
5 3 (0.68%) Nessus
5 3 (0.68%) Terraform
6 2 (0.45%) CASB
7 1 (0.23%) Ansible
7 1 (0.23%) Cisco CME
7 1 (0.23%) Cisco CUCM
7 1 (0.23%) EnCase
7 1 (0.23%) FTK
7 1 (0.23%) HAProxy
7 1 (0.23%) Kubernetes
7 1 (0.23%) NetIQ Identity Manager
7 1 (0.23%) Opscode Chef
7 1 (0.23%) Puppet
7 1 (0.23%) SCCM
Vendors
1 63 (14.29%) Microsoft
2 40 (9.07%) VMware
3 20 (4.54%) Cisco
4 9 (2.04%) CheckPoint
5 8 (1.81%) Google
6 7 (1.59%) Splunk
7 4 (0.91%) Citrix
7 4 (0.91%) Interwoven
7 4 (0.91%) Palo Alto
8 3 (0.68%) Forcepoint
8 3 (0.68%) LogRhythm
8 3 (0.68%) Meraki
8 3 (0.68%) Qualys
8 3 (0.68%) ServiceNow
9 2 (0.45%) ArcSight
9 2 (0.45%) Darktrace
9 2 (0.45%) Fortinet
9 2 (0.45%) McAfee
9 2 (0.45%) Oracle
9 2 (0.45%) SolarWinds