Period
to 19 March 2019

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 19 March 2019 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
19 Mar 2019
Same period 2018 Same period 2017
Rank 359 332 306
Rank change year-on-year -27 -26 +60
Permanent jobs citing CISM 1,296 1,675 1,838
As % of all permanent IT jobs advertised in the UK 0.87% 0.95% 1.07%
As % of the Qualifications category 3.57% 4.00% 4.21%
Number of salaries quoted 911 1,317 1,421
UK median annual salary £65,000 £65,000 £65,000
10th Percentile £41,250 £43,750 £41,250
90th Percentile £97,500 £97,500 £91,250
UK excluding London median annual salary £60,000 £58,000 £55,000
% change year-on-year +3.45% +5.45% -

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 36,305 41,841 43,698
As % of all permanent IT jobs advertised in the UK 24.45% 23.80% 25.41%
Number of salaries quoted 26,347 32,312 34,421
UK median annual salary £50,000 £47,500 £45,000
Median salary % change year-on-year +5.26% +5.56% -
10th Percentile £26,500 £26,250 £26,250
90th Percentile £81,250 £80,000 £76,250
UK excluding London median annual salary £45,000 £42,500 £42,000
% change year-on-year +5.88% +1.19% -1.18%

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 19 March 2019.

Salary histogram for CISM in the UK

CISM
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 19 March 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -23 1,242 £65,000 - 176
UK excluding London +59 761 £60,000 +3.45% 126
London -90 497 £75,000 +3.45% 60
South East +6 227 £60,000 - 36
North of England +34 209 £60,000 +9.09% 25
South West +94 112 £54,000 +8.00% 9
Midlands +23 108 £57,500 +7.48% 26
North West +38 105 £65,000 +18.18% 21
Yorkshire +33 93 £55,000 - 4
West Midlands +15 83 £57,500 +7.48% 21
East of England +53 76 £75,000 +25.00% 20
East Midlands +12 24 £62,500 +21.95% 5
Scotland +15 20 £51,500 -23.70% 8
North East +14 11 £66,427 +36.96%
Wales +14 9 £70,000 +40.00% 2

For the 6 months to 19 March 2019, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 1,231 (94.98%) CISSP
2 1,016 (78.40%) Information Security
3 684 (52.78%) ISO/IEC 27001
4 647 (49.92%) Cybersecurity
5 622 (47.99%) CISA
6 411 (31.71%) Risk Management
7 340 (26.23%) Management Information System
8 330 (25.46%) Finance
9 274 (21.14%) PCI DSS
10 266 (20.52%) GDPR
11 265 (20.45%) CRISC
12 251 (19.37%) SIEM
13 246 (18.98%) Degree
14 242 (18.67%) CEH
15 220 (16.98%) Firewall
16 209 (16.13%) ITIL
17 192 (14.81%) Security Architecture
18 189 (14.58%) Security Operations
19 188 (14.51%) Security Management
20 172 (13.27%) Penetration Testing
21 167 (12.89%) SANS
22 160 (12.35%) Data Protection
23 158 (12.19%) Vulnerability Management
24 153 (11.81%) Stakeholder Management
25 149 (11.50%) Agile Software Development
26 140 (10.80%) Information Security Management
27 133 (10.26%) Cisco Certification
28 131 (10.11%) Incident Management
29 128 (9.88%) Security Cleared
29 128 (9.88%) Microsoft Azure

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 28 (2.16%) ExpressionEngine
1 28 (2.16%) WordPress
2 18 (1.39%) IIS
3 12 (0.93%) Confluence
3 12 (0.93%) SharePoint
4 8 (0.62%) Apache
5 6 (0.46%) WebSphere
6 4 (0.31%) OpenStack
7 3 (0.23%) Skype for Business
8 2 (0.15%) JBoss
8 2 (0.15%) MS Exchange
8 2 (0.15%) Tomcat
8 2 (0.15%) WebLogic
Applications
1 12 (0.93%) Microsoft Office
2 5 (0.39%) Microsoft Excel
3 2 (0.15%) Microsoft PowerPoint
3 2 (0.15%) MS Visio
Business Applications
1 3 (0.23%) SAP GRC
2 2 (0.15%) assyst
2 2 (0.15%) Infor M3
2 2 (0.15%) SAP ERP
2 2 (0.15%) SAP HR
Cloud Services
1 128 (9.88%) Microsoft Azure
2 112 (8.64%) Amazon AWS
3 41 (3.16%) IaaS
4 36 (2.78%) SaaS
5 25 (1.93%) Google Cloud Platform
5 25 (1.93%) Office 365
6 14 (1.08%) PaaS
7 4 (0.31%) GitHub
8 3 (0.23%) Mimecast
8 3 (0.23%) OneDrive
8 3 (0.23%) Yammer
9 2 (0.15%) Amazon CloudWatch
9 2 (0.15%) Amazon EC2
9 2 (0.15%) Amazon S3
9 2 (0.15%) AWS CloudFormation
9 2 (0.15%) AWS CloudTrail
9 2 (0.15%) CloudFront
9 2 (0.15%) Virtual Private Cloud
10 1 (0.077%) Cloud Computing
10 1 (0.077%) Dropbox
Communications & Networking
1 220 (16.98%) Firewall
2 103 (7.95%) Network Security
3 65 (5.02%) Internet
4 60 (4.63%) Intrusion Detection
5 39 (3.01%) TCP/IP
6 31 (2.39%) DNS
6 31 (2.39%) VPN
7 30 (2.31%) HTTP
7 30 (2.31%) IPsec
8 25 (1.93%) BGP
8 25 (1.93%) Cisco Nexus
8 25 (1.93%) EIGRP
9 19 (1.47%) WAN
10 14 (1.08%) SCCP
11 13 (1.00%) LAN
12 11 (0.85%) Cisco IPT
13 10 (0.77%) DMZ
14 9 (0.69%) DHCP
14 9 (0.69%) Wireless
15 8 (0.62%) VoIP
Database & Business Intelligence
1 49 (3.78%) Big Data
2 28 (2.16%) MongoDB
3 12 (0.93%) SQL Server
4 10 (0.77%) DB2
4 10 (0.77%) Hadoop
5 9 (0.69%) Geospatial Data
6 4 (0.31%) GIS
7 3 (0.23%) Data Mining
7 3 (0.23%) Maltego
8 2 (0.15%) Amazon RDS
8 2 (0.15%) Data Warehouse
8 2 (0.15%) MySQL
8 2 (0.15%) Oracle Database
8 2 (0.15%) PostgreSQL
8 2 (0.15%) Power BI
Development Applications
1 17 (1.31%) JIRA
2 13 (1.00%) AppScan
3 10 (0.77%) Metasploit
4 4 (0.31%) Git (software)
5 2 (0.15%) Ant
5 2 (0.15%) SonarQube
6 1 (0.077%) Burp Suite
6 1 (0.077%) Paros
6 1 (0.077%) Visual Studio
General
1 330 (25.46%) Finance
2 111 (8.56%) Legal
3 106 (8.18%) Banking
4 63 (4.86%) Retail
5 44 (3.40%) Telecoms
6 36 (2.78%) Law
7 24 (1.85%) Publishing
8 17 (1.31%) Marketing
9 15 (1.16%) Manufacturing
10 12 (0.93%) Billing
11 9 (0.69%) Financial Institution
12 7 (0.54%) Investment Banking
13 5 (0.39%) Front Office
13 5 (0.39%) German Language
14 4 (0.31%) Electronics
14 4 (0.31%) Local Government
15 3 (0.23%) Games
16 2 (0.15%) Pharmaceutical
16 2 (0.15%) Retail Banking
17 1 (0.077%) Spanish Language
Job Titles
1 276 (21.30%) Security Manager
2 267 (20.60%) Analyst
3 227 (17.52%) Security Analyst
4 164 (12.65%) Consultant
5 154 (11.88%) Architect
5 154 (11.88%) Information Manager
5 154 (11.88%) Information Security Manager
6 153 (11.81%) Security Architect
7 140 (10.80%) Security Consultant
8 127 (9.80%) Information Analyst
8 127 (9.80%) Information Security Analyst
9 108 (8.33%) Head of Security
10 97 (7.48%) Security Engineer
11 76 (5.86%) Security Officer
12 71 (5.48%) Head of Information
12 71 (5.48%) Head of Information Security
13 68 (5.25%) Senior Analyst
14 61 (4.71%) Information Security Officer
15 59 (4.55%) Information Officer
15 59 (4.55%) Senior Security Analyst
Libraries, Frameworks & Software Standards
1 32 (2.47%) SailPoint
2 28 (2.16%) Node.js
3 17 (1.31%) .NET
4 16 (1.23%) Web Services
5 11 (0.85%) REST
5 11 (0.85%) SAML
6 10 (0.77%) ModSecurity
7 8 (0.62%) OAuth
8 6 (0.46%) Spring
9 5 (0.39%) .NET Framework
9 5 (0.39%) Elastic Stack
9 5 (0.39%) LDAP
10 4 (0.31%) JSON
10 4 (0.31%) Protocol Buffers
10 4 (0.31%) RESTful
10 4 (0.31%) XML
11 3 (0.23%) Middleware
11 3 (0.23%) OpenID
11 3 (0.23%) SOAP
12 2 (0.15%) SAP Basis
Miscellaneous
1 340 (26.23%) Management Information System
2 119 (9.18%) Analytical Skills
3 79 (6.10%) Security Operations Centre
4 52 (4.01%) PKI
5 48 (3.70%) Cyberattack
6 41 (3.16%) Data Protection Act
7 37 (2.85%) Cyberthreat
8 36 (2.78%) Self-Motivation
9 34 (2.62%) Driving Licence
10 31 (2.39%) Distributed Denial-of-Service
11 20 (1.54%) Cyber Kill Chain
11 20 (1.54%) Data Centre
12 17 (1.31%) CESG
13 16 (1.23%) Public Cloud
14 15 (1.16%) NHS
15 13 (1.00%) Fintech
16 12 (0.93%) Cybercrime
16 12 (0.93%) Hybrid Cloud
17 9 (0.69%) BYOD
17 9 (0.69%) Enterprise Cloud
Operating Systems
1 125 (9.65%) Linux
2 102 (7.87%) Windows
3 55 (4.24%) Unix
4 23 (1.77%) Apple iOS
5 16 (1.23%) Android
6 14 (1.08%) Red Hat Enterprise Linux
6 14 (1.08%) Windows Server
7 8 (0.62%) Debian
7 8 (0.62%) Kali Linux
8 7 (0.54%) CentOS
8 7 (0.54%) Windows Server 2008
9 6 (0.46%) AIX
9 6 (0.46%) HPUX
9 6 (0.46%) Windows Server 2003
9 6 (0.46%) Windows Server 2012
9 6 (0.46%) Windows XP
10 5 (0.39%) Mac OS
11 1 (0.077%) Mac OS X
11 1 (0.077%) Solaris
Processes & Methodologies
1 1,016 (78.40%) Information Security
2 647 (49.92%) Cybersecurity
3 411 (31.71%) Risk Management
4 251 (19.37%) SIEM
5 209 (16.13%) ITIL
6 192 (14.81%) Security Architecture
7 189 (14.58%) Security Operations
8 188 (14.51%) Security Management
9 172 (13.27%) Penetration Testing
10 160 (12.35%) Data Protection
11 158 (12.19%) Vulnerability Management
12 153 (11.81%) Stakeholder Management
13 149 (11.50%) Agile Software Development
14 140 (10.80%) Information Security Management
15 131 (10.11%) Incident Management
16 117 (9.03%) ISMS
17 106 (8.18%) OWASP
18 103 (7.95%) Identity Access Management
18 103 (7.95%) Project Management
19 93 (7.18%) Problem-Solving
Programming Languages
1 23 (1.77%) C
2 19 (1.47%) Java
3 18 (1.39%) Python
4 13 (1.00%) C++
4 13 (1.00%) PowerShell
5 11 (0.85%) C#
5 11 (0.85%) Shell Script
6 9 (0.69%) Ruby
7 8 (0.62%) Go
7 8 (0.62%) Perl
7 8 (0.62%) SQL
7 8 (0.62%) VB
8 7 (0.54%) PHP
9 4 (0.31%) Bash Shell
9 4 (0.31%) VBScript
10 3 (0.23%) JavaScript
11 1 (0.077%) Scala
Qualifications
1 1,231 (94.98%) CISSP
2 622 (47.99%) CISA
3 265 (20.45%) CRISC
4 246 (18.98%) Degree
5 242 (18.67%) CEH
6 167 (12.89%) SANS
7 133 (10.26%) Cisco Certification
8 128 (9.88%) Security Cleared
9 104 (8.02%) SSCP
10 103 (7.95%) GIAC
11 79 (6.10%) SC Cleared
12 77 (5.94%) (ISC)2 CCSP
13 67 (5.17%) Computer Science Degree
14 63 (4.86%) CESG Certified Professional
15 54 (4.17%) CISMP
16 53 (4.09%) CCSP
17 50 (3.86%) CompTIA Security+
17 50 (3.86%) ISO 27001 Lead Auditor
18 49 (3.78%) CCNA
19 48 (3.70%) CREST Certified
Quality Assurance & Compliance
1 684 (52.78%) ISO/IEC 27001
2 274 (21.14%) PCI DSS
3 266 (20.52%) GDPR
4 89 (6.87%) Cyber Essentials
5 68 (5.25%) COBIT
6 59 (4.55%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 34 (2.62%) Sarbanes-Oxley
8 32 (2.47%) QA
9 28 (2.16%) Cyber Essentials PLUS
10 22 (1.70%) NIST 800
11 21 (1.62%) HMG Security Policy Framework
12 17 (1.31%) ISO/IEC 27005
13 14 (1.08%) ISO 22301
14 12 (0.93%) HIPAA
14 12 (0.93%) ISO 9001
15 10 (0.77%) ISAE 3402
16 7 (0.54%) ISO 31000
16 7 (0.54%) MiFID
16 7 (0.54%) RMADS
17 5 (0.39%) COSO
System Software
1 43 (3.32%) Active Directory
2 19 (1.47%) VMware Infrastructure
3 8 (0.62%) Docker
4 6 (0.46%) Snort
5 4 (0.31%) Virtual Machines
6 3 (0.23%) Hyper-V
6 3 (0.23%) NDS
7 1 (0.077%) ISA Server
7 1 (0.077%) VMware NSX
7 1 (0.077%) vSphere
Systems Management
1 63 (4.86%) Nessus
2 28 (2.16%) SCCM
3 25 (1.93%) McAfee ePO
4 14 (1.08%) CSIRT
5 13 (1.00%) HP Fortify
5 13 (1.00%) Single Sign-On
6 12 (0.93%) CASB
7 10 (0.77%) OSSEC
7 10 (0.77%) QRadar
8 9 (0.69%) Nmap
8 9 (0.69%) RSA Archer
9 7 (0.54%) Ansible
9 7 (0.54%) Kubernetes
10 5 (0.39%) Forum Sentry
10 5 (0.39%) Norton AntiVirus
11 3 (0.23%) CA Single Sign-On
11 3 (0.23%) IBM BigFix
11 3 (0.23%) Tivoli
11 3 (0.23%) WSUS
12 2 (0.15%) Computer Emergency Response Teams
Vendors
1 74 (5.71%) Microsoft
2 53 (4.09%) Cisco
2 53 (4.09%) Oracle
3 45 (3.47%) Symantec
4 43 (3.32%) McAfee
4 43 (3.32%) Splunk
5 42 (3.24%) CheckPoint
6 35 (2.70%) Palo Alto
7 33 (2.55%) Blue Coat
7 33 (2.55%) IBM
8 32 (2.47%) LogRhythm
9 28 (2.16%) Qualys
9 28 (2.16%) VMware
10 25 (1.93%) Aveksa
10 25 (1.93%) Juniper
11 24 (1.85%) FireEye
12 19 (1.47%) Google
13 17 (1.31%) SAP
14 15 (1.16%) F5
15 14 (1.08%) ArcSight