Period
to 25 July 2021

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 25 July 2021 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
25 Jul 2021
Same period 2020 Same period 2019
Rank 464 337 362
Rank change year-on-year -127 +25 -37
Permanent jobs citing CISM 708 614 1,260
As % of all permanent jobs advertised in the UK 0.63% 0.87% 0.87%
As % of the Qualifications category 2.94% 3.95% 3.61%
Number of salaries quoted 561 488 985
10th Percentile £42,500 £42,500 £42,500
25th Percentile £52,500 £50,000 £52,500
Median annual salary (50th Percentile) £65,000 £63,500 £65,000
Median % change year-on-year +2.36% -2.31% -
75th Percentile £80,000 £77,500 £83,750
90th Percentile £87,500 £88,750 £95,000
UK excluding London median annual salary £60,000 £57,500 £60,000
% change year-on-year +4.35% -4.17% -

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 24,090 15,548 34,872
As % of all permanent IT jobs advertised in the UK 21.42% 21.98% 24.18%
Number of salaries quoted 13,914 11,661 25,679
10th Percentile £31,250 £30,000 £26,500
25th Percentile £41,250 £38,000 £35,000
Median annual salary (50th Percentile) £55,000 £52,500 £50,000
Median % change year-on-year +4.76% +5.00% -
75th Percentile £72,500 £70,000 £66,250
90th Percentile £87,500 £85,000 £82,500
UK excluding London median annual salary £48,500 £47,500 £45,000
% change year-on-year +2.11% +5.56% -

CISM
Job Vacancy Trend

Job postings citing CISM as a proportion of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

3-month moving average salary quoted in jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

Salary distribution for jobs citing CISM over the 6 months to 25 July 2021.

Salary histogram for CISM in the UK

CISM
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 25 July 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -118 651 £65,000 - 117
London -100 332 £67,500 +3.85% 41
UK excluding London -105 330 £60,000 +4.35% 82
South East -41 136 £55,000 - 25
Work from Home -155 132 £71,250 +29.55% 29
Midlands -61 52 £67,500 +28.57% 12
North of England -90 50 £57,500 - 23
West Midlands -61 40 £67,500 +28.57% 7
South West -64 39 £54,000 -16.92% 9
East of England -29 29 £77,500 +19.23% 7
Scotland -77 22 £65,000 +15.02% 3
Yorkshire -69 18 £60,000 +4.35% 6
North East - 18 £57,500 - 1
North West -72 17 £55,000 -4.35% 16
East Midlands -36 11 £65,000 +18.18% 5
Wales -8 10 £37,000 -29.52% 3

For the 6 months to 25 July 2021, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 663 (93.64%) CISSP
2 465 (65.68%) Information Security
3 396 (55.93%) Cybersecurity
4 310 (43.79%) ISO/IEC 27001
5 278 (39.27%) CISA
6 215 (30.37%) Social Skills
7 212 (29.94%) Risk Management
8 194 (27.40%) NIST
9 169 (23.87%) Azure
10 161 (22.74%) GDPR
11 160 (22.60%) Finance
12 157 (22.18%) Management Information System
13 149 (21.05%) SIEM
14 139 (19.63%) Security Architecture
15 116 (16.38%) Security Operations
16 115 (16.24%) Security Management
17 114 (16.10%) Microsoft
18 110 (15.54%) Degree
19 107 (15.11%) Data Protection
20 101 (14.27%) Vulnerability Management
21 99 (13.98%) Firewall
21 99 (13.98%) Cyber Essentials
22 94 (13.28%) Cisco Certification
23 93 (13.14%) PCI DSS
24 87 (12.29%) AWS
25 84 (11.86%) CRISC
25 84 (11.86%) ITIL
25 84 (11.86%) CEH
26 78 (11.02%) Agile Software Development
27 77 (10.88%) Analytical Skills

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 26 (3.67%) IIS
2 10 (1.41%) MTS
3 7 (0.99%) SharePoint
4 2 (0.28%) Confluence
4 2 (0.28%) MS Exchange
Applications
1 18 (2.54%) MS Visio
2 13 (1.84%) Microsoft Office
3 11 (1.55%) Microsoft Excel
4 9 (1.27%) Microsoft PowerPoint
Business Applications
1 9 (1.27%) Sentinel
2 1 (0.14%) Distributed Ledger
2 1 (0.14%) Relativity
Cloud Services
1 169 (23.87%) Azure
2 87 (12.29%) AWS
3 71 (10.03%) Microsoft 365
4 39 (5.51%) Cloud Computing
5 26 (3.67%) SaaS
6 25 (3.53%) IaaS
6 25 (3.53%) PaaS
7 22 (3.11%) Azure Sentinel
8 16 (2.26%) Azure Active Directory
9 15 (2.12%) GCP
10 12 (1.69%) Serverless
11 7 (0.99%) Azure Service Bus
11 7 (0.99%) Mimecast
12 5 (0.71%) Akamai
13 4 (0.56%) BPaaS
13 4 (0.56%) Power Platform
13 4 (0.56%) PowerApps
14 2 (0.28%) Azure Key Vault
14 2 (0.28%) Sumo Logic
15 1 (0.14%) AWS IoT
Communications & Networking
1 99 (13.98%) Firewall
2 70 (9.89%) Network Security
3 35 (4.94%) Intrusion Detection
4 25 (3.53%) DNS
5 22 (3.11%) VPN
6 21 (2.97%) TCP/IP
7 19 (2.68%) DHCP
7 19 (2.68%) WAN
8 18 (2.54%) LAN
9 16 (2.26%) SAN
10 14 (1.98%) Internet
11 10 (1.41%) SMTP
12 9 (1.27%) Wi-Fi
12 9 (1.27%) Wireless
13 8 (1.13%) DMZ
14 7 (0.99%) Unified Communications
15 6 (0.85%) SCCP
15 6 (0.85%) SD-WAN
15 6 (0.85%) Wireless Security
16 5 (0.71%) BGP
Database & Business Intelligence
1 6 (0.85%) Azure SQL Database
1 6 (0.85%) Data Warehouse
1 6 (0.85%) SQL Server
2 3 (0.42%) Blockchain
2 3 (0.42%) Oracle Database
2 3 (0.42%) Oracle Database 11g
3 2 (0.28%) Amazon RDS
3 2 (0.28%) DB2
4 1 (0.14%) Big Data
4 1 (0.14%) GIS
4 1 (0.14%) Metadata
4 1 (0.14%) SQL Server 2012
4 1 (0.14%) SQL Server 2014
Development Applications
1 4 (0.56%) JIRA
2 1 (0.14%) Burp Suite
2 1 (0.14%) Metasploit
2 1 (0.14%) SonarQube
2 1 (0.14%) TeamCity
General
1 215 (30.37%) Social Skills
2 160 (22.60%) Finance
3 77 (10.88%) Analytical Skills
4 55 (7.77%) Legal
5 31 (4.38%) Telecoms
6 28 (3.95%) Banking
7 27 (3.81%) Retail
8 25 (3.53%) Influencing Skills
8 25 (3.53%) Law
9 22 (3.11%) Presentation Skills
9 22 (3.11%) Public Sector
10 16 (2.26%) Inclusion and Diversity
11 13 (1.84%) Marketing
11 13 (1.84%) Police
12 12 (1.69%) Advertising
12 12 (1.69%) Manufacturing
13 9 (1.27%) Organisational Skills
14 8 (1.13%) Electronics
14 8 (1.13%) French Language
15 6 (0.85%) Public Speaking
Job Titles
1 131 (18.50%) Security Manager
2 115 (16.24%) Consultant
3 97 (13.70%) Analyst
4 91 (12.85%) Architect
4 91 (12.85%) Security Consultant
5 82 (11.58%) Security Analyst
5 82 (11.58%) Security Architect
6 72 (10.17%) Information Manager
7 70 (9.89%) Security Engineer
8 69 (9.75%) Information Security Manager
9 41 (5.79%) Head of Security
10 40 (5.65%) Security Specialist
11 37 (5.23%) IT Manager
12 35 (4.94%) Security Officer
13 34 (4.80%) Information Analyst
13 34 (4.80%) Information Security Analyst
14 33 (4.66%) Cybersecurity Consultant
14 33 (4.66%) Information Security Consultant
15 31 (4.38%) IT Analyst
15 31 (4.38%) IT Security Analyst
Libraries, Frameworks & Software Standards
1 13 (1.84%) Web Services
2 11 (1.55%) .NET
3 7 (0.99%) .NET Framework
4 6 (0.85%) Middleware
4 6 (0.85%) OAuth
4 6 (0.85%) SAML
5 5 (0.71%) .NET Core
5 5 (0.71%) ISPF
5 5 (0.71%) RESTful
5 5 (0.71%) SOAP
5 5 (0.71%) XML
6 4 (0.56%) ASP.NET
6 4 (0.56%) J2EE
6 4 (0.56%) Regular Expression
7 1 (0.14%) REST
Miscellaneous
1 157 (22.18%) Management Information System
2 33 (4.66%) Cyberthreat
3 21 (2.97%) Data Centre
4 19 (2.68%) Cyberattack
5 18 (2.54%) Cyber Kill Chain
6 17 (2.40%) Data Protection Act
6 17 (2.40%) Public Cloud
7 13 (1.84%) Security Operations Centre
7 13 (1.84%) Self-Motivation
8 12 (1.69%) SCADA
8 12 (1.69%) Smart Meter
8 12 (1.69%) Virtual Team
9 11 (1.55%) Distributed Denial-of-Service
9 11 (1.55%) Hybrid Cloud
9 11 (1.55%) Private Cloud
10 10 (1.41%) Cloud Native
10 10 (1.41%) Greenfield Project
11 9 (1.27%) Cybercrime
11 9 (1.27%) Life Science
12 6 (0.85%) PKI
Operating Systems
1 37 (5.23%) Windows
2 32 (4.52%) Linux
3 15 (2.12%) Windows Server
4 11 (1.55%) Unix
5 8 (1.13%) Mac OS
6 7 (0.99%) Windows 10
7 5 (0.71%) Red Hat Enterprise Linux
7 5 (0.71%) SUSE
8 2 (0.28%) AIX
9 1 (0.14%) Kali Linux
9 1 (0.14%) Windows 7
9 1 (0.14%) Windows Server 2008
9 1 (0.14%) Windows Server 2012
Processes & Methodologies
1 465 (65.68%) Information Security
2 396 (55.93%) Cybersecurity
3 212 (29.94%) Risk Management
4 149 (21.05%) SIEM
5 139 (19.63%) Security Architecture
6 116 (16.38%) Security Operations
7 115 (16.24%) Security Management
8 107 (15.11%) Data Protection
9 101 (14.27%) Vulnerability Management
10 84 (11.86%) ITIL
11 78 (11.02%) Agile Software Development
12 73 (10.31%) Incident Management
12 73 (10.31%) Stakeholder Management
13 72 (10.17%) Penetration Testing
14 70 (9.89%) ISMS
15 69 (9.75%) Risk Assessment
16 66 (9.32%) Continuous Improvement
17 65 (9.18%) Information Security Management
18 62 (8.76%) Project Management
19 61 (8.62%) Identity Access Management
Programming Languages
1 22 (3.11%) C
2 16 (2.26%) PowerShell
3 13 (1.84%) Python
4 11 (1.55%) SQL
5 8 (1.13%) Go
6 6 (0.85%) Java
7 5 (0.71%) VBA
Qualifications
1 663 (93.64%) CISSP
2 278 (39.27%) CISA
3 110 (15.54%) Degree
4 94 (13.28%) Cisco Certification
5 84 (11.86%) CEH
5 84 (11.86%) CRISC
6 66 (9.32%) (ISC)2 CCSP
7 64 (9.04%) Security Cleared
8 52 (7.34%) SSCP
9 46 (6.50%) SANS
10 43 (6.07%) CompTIA Security+
11 42 (5.93%) CESG Certified Professional
12 39 (5.51%) GIAC
13 34 (4.80%) CSSLP
14 28 (3.95%) SC Cleared
15 25 (3.53%) OSCP
16 24 (3.39%) CCSP
17 22 (3.11%) CCNA
17 22 (3.11%) IISP
17 22 (3.11%) ISO 27001 Lead Auditor
Quality Assurance & Compliance
1 310 (43.79%) ISO/IEC 27001
2 194 (27.40%) NIST
3 161 (22.74%) GDPR
4 99 (13.98%) Cyber Essentials
5 93 (13.14%) PCI DSS
6 61 (8.62%) GRC
7 50 (7.06%) COBIT
8 48 (6.78%) NCSC
9 21 (2.97%) Cyber Essentials PLUS
9 21 (2.97%) NIST 800
10 18 (2.54%) RMADS
11 14 (1.98%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
12 13 (1.84%) JSP 440
13 10 (1.41%) ISO/IEC 27005
14 7 (0.99%) HMG Security Policy Framework
15 6 (0.85%) COSO
15 6 (0.85%) Government Security Classifications
15 6 (0.85%) ITGC
15 6 (0.85%) Sarbanes-Oxley
16 5 (0.71%) SLA
System Software
1 38 (5.37%) Active Directory
2 10 (1.41%) VMware Infrastructure
3 7 (0.99%) Hyper-V
4 5 (0.71%) Virtual Desktop
4 5 (0.71%) Virtual Machines
5 3 (0.42%) Firmware
6 2 (0.28%) pfSense
6 2 (0.28%) Terminal Server
7 1 (0.14%) BitLocker
7 1 (0.14%) Forefront TMG
Systems Management
1 29 (4.10%) QRadar
2 12 (1.69%) Kubernetes
3 8 (1.13%) Kibana
3 8 (1.13%) RSA Archer
3 8 (1.13%) Single Sign-On
4 7 (0.99%) Active Directory Federation Services
5 6 (0.85%) Nessus
5 6 (0.85%) Puppet
6 4 (0.56%) CASB
6 4 (0.56%) CSIRT
6 4 (0.56%) EMC NetWorker
7 3 (0.42%) Data Guard
7 3 (0.42%) SCCM
8 2 (0.28%) Failover Clustering
8 2 (0.28%) Microsoft Intune
8 2 (0.28%) SCOM
8 2 (0.28%) Terraform
9 1 (0.14%) AirWatch
9 1 (0.14%) Forefront Identity Manager
9 1 (0.14%) Nexpose
Vendors
1 114 (16.10%) Microsoft
2 28 (3.95%) Cisco
3 26 (3.67%) Splunk
4 24 (3.39%) Google
4 24 (3.39%) Palo Alto
5 18 (2.54%) AlienVault
6 14 (1.98%) CheckPoint
7 13 (1.84%) VMware
8 10 (1.41%) Apple
8 10 (1.41%) Symantec
9 9 (1.27%) Qualys
10 8 (1.13%) Adobe
10 8 (1.13%) SAP
11 7 (0.99%) ArcSight
11 7 (0.99%) Juniper
11 7 (0.99%) McAfee
11 7 (0.99%) Oracle
12 6 (0.85%) ServiceNow
13 5 (0.71%) Meraki
13 5 (0.71%) Rapid7