Period
to 18 October 2017

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 18 October 2017 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
18 Oct 2017
Same period 2016 Same period 2015
Rank 315 321 463
Rank change year-on-year +6 +142 +157
Permanent jobs citing CISM 1808 1865 1368
As % of all permanent IT jobs advertised in the UK 1.04% 0.97% 0.63%
As % of the Qualifications category 4.27% 3.69% 2.29%
Number of salaries quoted 1419 1490 1074
UK median annual salary £65,000 £65,000 £60,000
Median salary % change year-on-year - +8.33% +9.09%
10th Percentile £42,500 £41,250 £41,250
90th Percentile £91,250 £90,000 £86,250
UK excluding London median annual salary £55,000 £60,000 £52,500
% change year-on-year -8.33% +14.29% -4.55%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 42351 50528 59666
As % of all permanent IT jobs advertised in the UK 24.25% 26.36% 27.39%
Number of salaries quoted 32535 40628 47615
UK median annual salary £46,500 £45,000 £45,000
Median salary % change year-on-year +3.33% - +2.27%
10th Percentile £26,000 £26,250 £25,750
90th Percentile £77,500 £76,250 £73,750
UK excluding London median annual salary £42,500 £42,500 £40,000
% change year-on-year - +6.25% -

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 18 October 2017.

Salary histogram for CISM in the UK

CISM
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 18 October 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +25 1736 £65,000 - 87
London +29 979 £70,000 - 39
UK excluding London -8 788 £55,000 -8.33% 49
South East +49 262 £59,250 -5.20% 14
North of England +44 243 £55,000 -8.33% 19
North West +29 150 £55,000 -8.33% 13
East of England +24 99 £57,500 +12.20% 7
Midlands -69 86 £55,000 - 4
West Midlands -63 70 £50,000 -9.09% 4
Yorkshire +11 67 £52,500 -12.50% 3
South West -12 62 £55,000 -21.43% 3
North East +27 26 £66,250 +51.43% 3
Scotland -41 26 £66,000 +20.00% 1
East Midlands +36 16 £55,000 -
Wales +19 4 £57,500 -11.54% 1
Northern Ireland -27 4 £55,000 +37.50%
Channel Islands - 2 £75,000 -

For the 6 months to 18 October 2017, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for CISM.

1 1743 (96.40%) CISSP
2 1376 (76.11%) Information Security
3 838 (46.35%) ISO/IEC 27001
4 789 (43.64%) CISA
5 652 (36.06%) Finance
6 636 (35.18%) Cybersecurity
7 475 (26.27%) SIEM
8 451 (24.94%) Data Protection
9 436 (24.12%) Firewall
10 428 (23.67%) Risk Management
11 386 (21.35%) Degree
12 369 (20.41%) Security Operations
13 364 (20.13%) PCI DSS
14 340 (18.81%) ITIL
15 317 (17.53%) Penetration Testing
16 310 (17.15%) Security Architecture
17 300 (16.59%) Management Information System
18 278 (15.38%) CRISC
19 248 (13.72%) Windows
19 248 (13.72%) GDPR
20 232 (12.83%) Agile Software Development
20 232 (12.83%) Vulnerability Management
21 228 (12.61%) Banking
22 227 (12.56%) Linux
23 225 (12.44%) CEH
24 208 (11.50%) Security Management
25 200 (11.06%) Risk Assessment
26 199 (11.01%) Active Directory
27 190 (10.51%) Network Security
27 190 (10.51%) Computer Science

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 36 (1.99%) IIS
2 21 (1.16%) SharePoint
3 15 (0.83%) WebSphere
4 9 (0.50%) Apache
5 4 (0.22%) SAS
6 3 (0.17%) MS Exchange
7 2 (0.11%) OpenStack
8 1 (0.055%) Apache Spark
8 1 (0.055%) WordPress
Applications
1 33 (1.83%) Microsoft Office
2 24 (1.33%) Microsoft Excel
3 20 (1.11%) Microsoft PowerPoint
4 14 (0.77%) Microsoft Project
5 4 (0.22%) MS Visio
6 3 (0.17%) Maya
7 2 (0.11%) Chatbot
8 1 (0.055%) Spreadsheet
Business Applications
1 10 (0.55%) Dynamics CRM
2 9 (0.50%) assyst
3 5 (0.28%) Oracle Applications
4 4 (0.22%) Payment Gateway
4 4 (0.22%) Sentinel
5 3 (0.17%) Infor M3
6 1 (0.055%) SAP ERP
6 1 (0.055%) SAP GRC
Cloud Services
1 90 (4.98%) Amazon AWS
2 59 (3.26%) Microsoft Azure
3 45 (2.49%) SaaS
4 37 (2.05%) Office 365
5 30 (1.66%) IaaS
6 12 (0.66%) Azure Active Directory
6 12 (0.66%) G Suite
6 12 (0.66%) Sumo Logic
7 10 (0.55%) Google Cloud Platform
7 10 (0.55%) Mimecast
7 10 (0.55%) OneDrive
8 9 (0.50%) Cloudflare
9 8 (0.44%) Cloud Computing
10 7 (0.39%) PaaS
11 2 (0.11%) AWS CloudFormation
12 1 (0.055%) GitHub
12 1 (0.055%) Virtual Private Cloud
Communications & Networking
1 436 (24.12%) Firewall
2 190 (10.51%) Network Security
3 154 (8.52%) TCP/IP
4 94 (5.20%) Intrusion Detection
5 84 (4.65%) Internet
6 61 (3.37%) WAN
7 50 (2.77%) LAN
8 36 (1.99%) VoIP
9 33 (1.83%) Cisco ASA
10 29 (1.60%) VPN
11 21 (1.16%) Wireless
12 17 (0.94%) DNS
13 13 (0.72%) Cisco PIX
13 13 (0.72%) IPsec
14 11 (0.61%) SSL
15 10 (0.55%) SCCP
16 9 (0.50%) DMVPN
16 9 (0.50%) FWSM
17 8 (0.44%) Multicast
17 8 (0.44%) Software-Defined Networking
Database & Business Intelligence
1 26 (1.44%) SQL Server
2 8 (0.44%) Big Data
3 7 (0.39%) GIS
3 7 (0.39%) MySQL
3 7 (0.39%) NoSQL
4 3 (0.17%) Blockchain
4 3 (0.17%) Oracle Database
5 2 (0.11%) Apache Cassandra
5 2 (0.11%) MongoDB
6 1 (0.055%) Hadoop
6 1 (0.055%) SQL Server 2008
6 1 (0.055%) SQL Server 2012
6 1 (0.055%) SQL Server 2014
Development Applications
1 21 (1.16%) Metasploit
2 14 (0.77%) AppScan
3 10 (0.55%) Jenkins
4 8 (0.44%) Burp Suite
5 6 (0.33%) Paros
6 1 (0.055%) Rational DOORS
6 1 (0.055%) Subversion
6 1 (0.055%) WebScarab
General
1 652 (36.06%) Finance
2 228 (12.61%) Banking
3 158 (8.74%) Legal
4 105 (5.81%) Retail
5 93 (5.14%) Telecoms
6 54 (2.99%) Manufacturing
7 52 (2.88%) Investment Banking
8 48 (2.65%) Retail Banking
9 47 (2.60%) Law
10 45 (2.49%) Marketing
11 37 (2.05%) Electronics
12 23 (1.27%) Private Banking
13 14 (0.77%) Financial Institution
14 10 (0.55%) Digital Economy
15 9 (0.50%) Advertising
15 9 (0.50%) French Language
16 7 (0.39%) Publishing
17 6 (0.33%) German Language
17 6 (0.33%) Military
17 6 (0.33%) Pharmaceutical
Job Titles
1 395 (21.85%) Security Manager
2 385 (21.29%) Analyst
3 335 (18.53%) Security Analyst
4 275 (15.21%) Consultant
5 246 (13.61%) Security Consultant
6 192 (10.62%) Information Security Manager
7 191 (10.56%) Information Manager
8 157 (8.68%) Information Analyst
8 157 (8.68%) Information Security Analyst
8 157 (8.68%) Security Engineer
9 110 (6.08%) IT Manager
10 108 (5.97%) Architect
10 108 (5.97%) Security Architect
11 92 (5.09%) IT Security Manager
12 91 (5.03%) Security Specialist
13 89 (4.92%) IT Analyst
14 86 (4.76%) Security Officer
15 80 (4.42%) Information Security Consultant
16 77 (4.26%) IT Engineer
17 76 (4.20%) Cybersecurity Manager
Libraries, Frameworks & Software Standards
1 44 (2.43%) SailPoint
2 30 (1.66%) Web Services
3 18 (1.00%) .NET
4 17 (0.94%) RESTful
5 15 (0.83%) MSMQ
5 15 (0.83%) WebSphere MQ
6 12 (0.66%) OAuth
7 10 (0.55%) HTML
7 10 (0.55%) XML
8 9 (0.50%) J2EE
9 8 (0.44%) SAML
10 7 (0.39%) OpenID
11 6 (0.33%) CSS
11 6 (0.33%) Middleware
12 5 (0.28%) ASP.NET
12 5 (0.28%) ASP.NET MVC
12 5 (0.28%) JSP
12 5 (0.28%) XSL
13 4 (0.22%) HTML5
13 4 (0.22%) JSON
Miscellaneous
1 300 (16.59%) Management Information System
2 190 (10.51%) Computer Science
3 177 (9.79%) Data Protection Act
4 167 (9.24%) Analytical Skills
5 57 (3.15%) PKI
6 56 (3.10%) Distributed Denial-of-Service
7 53 (2.93%) CESG
8 50 (2.77%) Cyberthreat
9 40 (2.21%) Data Centre
10 33 (1.83%) Security Operations Centre
11 32 (1.77%) Cyber Attack
12 22 (1.22%) Cyber Defence
13 19 (1.05%) Smart Meter
14 18 (1.00%) Public Cloud
15 17 (0.94%) NHS
16 15 (0.83%) Fintech
16 15 (0.83%) FMCG
16 15 (0.83%) Greenfield Project
17 12 (0.66%) Smart Energy
18 11 (0.61%) Internet of Things
Operating Systems
1 248 (13.72%) Windows
2 227 (12.56%) Linux
3 141 (7.80%) Windows Server
4 113 (6.25%) Unix
5 63 (3.48%) Apple iOS
6 32 (1.77%) Mac OS X
7 29 (1.60%) Android
8 14 (0.77%) Kali Linux
9 10 (0.55%) Windows Server 2008
10 8 (0.44%) Windows Server 2003
11 7 (0.39%) VMS
12 6 (0.33%) Windows Server 2012
13 5 (0.28%) Windows 7
14 2 (0.11%) AIX
15 1 (0.055%) FreeBSD
15 1 (0.055%) HPUX
15 1 (0.055%) OpenBSD
15 1 (0.055%) Red Hat Enterprise Linux
15 1 (0.055%) Windows 10
Processes & Methodologies
1 1376 (76.11%) Information Security
2 636 (35.18%) Cybersecurity
3 475 (26.27%) SIEM
4 451 (24.94%) Data Protection
5 428 (23.67%) Risk Management
6 369 (20.41%) Security Operations
7 340 (18.81%) ITIL
8 317 (17.53%) Penetration Testing
9 310 (17.15%) Security Architecture
10 232 (12.83%) Agile Software Development
10 232 (12.83%) Vulnerability Management
11 208 (11.50%) Security Management
12 200 (11.06%) Risk Assessment
13 188 (10.40%) Stakeholder Management
14 163 (9.02%) Project Management
15 157 (8.68%) Identity Access Management
16 154 (8.52%) Information Security Management
17 152 (8.41%) Vulnerability Scanning
18 142 (7.85%) ISMS
19 132 (7.30%) Data Loss Prevention
Programming Languages
1 58 (3.21%) Python
2 47 (2.60%) Java
3 40 (2.21%) SQL
4 38 (2.10%) Perl
5 30 (1.66%) C
5 30 (1.66%) C#
6 21 (1.16%) JavaScript
7 17 (0.94%) C++
8 16 (0.88%) Bash Shell
8 16 (0.88%) PowerShell
9 15 (0.83%) Ruby
10 13 (0.72%) Bourne shell
10 13 (0.72%) Korn
11 9 (0.50%) VB.NET
12 7 (0.39%) PHP
13 5 (0.28%) Objective-C
13 5 (0.28%) VB
Qualifications
1 1743 (96.40%) CISSP
2 789 (43.64%) CISA
3 386 (21.35%) Degree
4 278 (15.38%) CRISC
5 225 (12.44%) CEH
6 159 (8.79%) GIAC
7 129 (7.13%) Cisco Certification
7 129 (7.13%) SANS
8 110 (6.08%) CESG Certified Professional
9 97 (5.37%) Security Cleared
10 89 (4.92%) SSCP
11 84 (4.65%) Computer Science Degree
12 74 (4.09%) SC Cleared
13 67 (3.71%) CCNP
14 60 (3.32%) CCNA
15 58 (3.21%) GSEC
16 46 (2.54%) (ISC)2 CCSP
16 46 (2.54%) ISO 27001 Lead Auditor
17 45 (2.49%) CBAP
17 45 (2.49%) GISF
Quality Assurance & Compliance
1 838 (46.35%) ISO/IEC 27001
2 364 (20.13%) PCI DSS
3 248 (13.72%) GDPR
4 180 (9.96%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 134 (7.41%) COBIT
6 106 (5.86%) Cyber Essentials
7 61 (3.37%) Sarbanes-Oxley
8 53 (2.93%) ISO 22301
9 46 (2.54%) ISO/IEC 27005
10 27 (1.49%) HMG Security Policy Framework
11 25 (1.38%) ISO 9001
12 21 (1.16%) Data Quality
13 17 (0.94%) QA
14 16 (0.88%) SLA
15 14 (0.77%) ISO 14001
16 13 (0.72%) HIPAA
16 13 (0.72%) ISO 31000
17 12 (0.66%) NIST 800
18 11 (0.61%) COSO
18 11 (0.61%) PA-DSS
System Software
1 199 (11.01%) Active Directory
2 17 (0.94%) vSphere
3 16 (0.88%) Snort
4 13 (0.72%) VMware Infrastructure
5 9 (0.50%) VMware ESXi
6 6 (0.33%) Firmware
7 3 (0.17%) Docker
7 3 (0.17%) XenApp
8 1 (0.055%) Postfix
8 1 (0.055%) VMware NSX
Systems Management
1 95 (5.25%) Nessus
2 54 (2.99%) SCCM
3 47 (2.60%) McAfee ePO
4 37 (2.05%) QRadar
5 26 (1.44%) OpenVAS
6 25 (1.38%) CSIRT
7 23 (1.27%) Core Impact
7 23 (1.27%) Nexpose
7 23 (1.27%) PowerBroker
7 23 (1.27%) RSA Security Analytics
7 23 (1.27%) WSUS
8 14 (0.77%) Nmap
9 11 (0.61%) FTK
10 10 (0.55%) Puppet
10 10 (0.55%) SCOM
11 9 (0.50%) Ansible
11 9 (0.50%) FortiGate
12 6 (0.33%) Computer Emergency Response Teams
12 6 (0.33%) RSA Archer
13 5 (0.28%) HP Fortify
Vendors
1 142 (7.85%) Microsoft
2 128 (7.08%) Splunk
3 103 (5.70%) Cisco
4 65 (3.60%) McAfee
5 64 (3.54%) LogRhythm
6 63 (3.48%) CheckPoint
6 63 (3.48%) Symantec
7 61 (3.37%) Palo Alto
8 59 (3.26%) CyberArk
9 51 (2.82%) Qualys
10 43 (2.38%) Apple
11 41 (2.27%) AlienVault
11 41 (2.27%) Aveksa
12 37 (2.05%) SAP
13 31 (1.71%) ArcSight
14 29 (1.60%) Oracle
14 29 (1.60%) SolarWinds
15 23 (1.27%) Bomgar
16 22 (1.22%) IBM
17 20 (1.11%) Google