Period
to 28 January 2020

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 28 January 2020 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
28 Jan 2020
Same period 2019 Same period 2018
Rank 313 355 336
Rank change year-on-year +42 -19 -15
Permanent jobs citing CISM 1,226 1,322 1,641
As % of all permanent IT jobs advertised in the UK 0.98% 0.88% 0.95%
As % of the Qualifications category 4.47% 3.62% 4.00%
Number of salaries quoted 981 937 1,263
UK median annual salary £63,500 £65,000 £65,000
Median salary % change year-on-year -2.31% - -
10th Percentile £42,500 £41,250 £42,500
90th Percentile £93,750 £97,500 £96,250
UK excluding London median annual salary £60,000 £60,000 £57,500
% change year-on-year - +4.35% -4.17%

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 27,413 36,533 41,025
As % of all permanent IT jobs advertised in the UK 21.82% 24.19% 23.84%
Number of salaries quoted 20,316 26,660 31,909
UK median annual salary £50,000 £50,000 £47,500
Median salary % change year-on-year - +5.26% +5.56%
10th Percentile £27,500 £26,250 £26,250
90th Percentile £82,500 £80,250 £78,750
UK excluding London median annual salary £45,000 £45,000 £42,500
% change year-on-year - +5.88% -

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 28 January 2020.

Salary histogram for CISM in the UK

CISM
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 28 January 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +35 1,129 £65,000 - 123
UK excluding London +50 716 £60,000 - 87
London +26 471 £72,500 -3.33% 45
South East +36 225 £65,000 +8.33% 17
Midlands +92 180 £55,000 -4.35% 19
West Midlands +78 146 £54,500 -5.22% 14
North of England +24 138 £55,000 - 24
South West +1 77 £57,750 +5.00% 9
Yorkshire +26 69 £56,000 +16.06% 14
North West +24 64 £55,000 -8.33% 10
Scotland +51 45 £55,000 +6.80% 5
East of England +15 40 £62,500 -16.67% 9
East Midlands +27 32 £55,000 -12.00% 5
Wales +10 14 £55,000 +51.05% 4
North East +2 5 £41,285 -37.21%
Northern Ireland - 2 £65,000 -

For the 6 months to 28 January 2020, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISM.

1 1,163 (94.86%) CISSP
2 915 (74.63%) Information Security
3 732 (59.71%) Cybersecurity
4 641 (52.28%) ISO/IEC 27001
5 388 (31.65%) CISA
6 330 (26.92%) Risk Management
7 309 (25.20%) Finance
7 309 (25.20%) Degree
8 297 (24.23%) NIST
9 267 (21.78%) Management Information System
10 247 (20.15%) SIEM
11 241 (19.66%) GDPR
12 239 (19.49%) PCI DSS
13 230 (18.76%) Firewall
14 201 (16.39%) Security Architecture
15 174 (14.19%) Security Operations
16 172 (14.03%) Penetration Testing
17 168 (13.70%) CRISC
18 161 (13.13%) Data Protection
18 161 (13.13%) Agile Software Development
19 158 (12.89%) Security Management
20 139 (11.34%) ITIL
21 138 (11.26%) CESG Certified Professional
22 135 (11.01%) Security Cleared
22 135 (11.01%) Vulnerability Management
23 131 (10.69%) Cisco Certification
23 131 (10.69%) Stakeholder Management
23 131 (10.69%) CEH
24 124 (10.11%) ISMS
25 120 (9.79%) Network Security

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 80 (6.53%) IIS
2 11 (0.90%) SharePoint
3 2 (0.16%) MS Exchange
4 1 (0.082%) Apache
4 1 (0.082%) Elasticsearch
Applications
1 26 (2.12%) Microsoft Excel
2 23 (1.88%) Microsoft PowerPoint
3 4 (0.33%) MS Visio
4 3 (0.24%) Microsoft Office
5 1 (0.082%) Microsoft Project
Business Applications
1 3 (0.24%) Sparx Enterprise Architect
2 2 (0.16%) Dynamics CRM
2 2 (0.16%) Dynamics NAV
3 1 (0.082%) Sentinel
Cloud Services
1 120 (9.79%) Azure
2 105 (8.56%) AWS
3 46 (3.75%) Office 365
4 42 (3.43%) Cloud Computing
5 34 (2.77%) PaaS
6 32 (2.61%) IaaS
7 29 (2.37%) SaaS
8 27 (2.20%) GCP
9 12 (0.98%) Serverless
10 11 (0.90%) Azure Active Directory
11 6 (0.49%) G Suite
12 5 (0.41%) Power Platform
12 5 (0.41%) PowerApps
13 3 (0.24%) Mimecast
14 2 (0.16%) Dynamics 365
Communications & Networking
1 230 (18.76%) Firewall
2 120 (9.79%) Network Security
3 57 (4.65%) Intrusion Detection
4 42 (3.43%) Internet
5 38 (3.10%) LAN
6 36 (2.94%) WAN
7 27 (2.20%) TCP/IP
8 25 (2.04%) VPN
9 18 (1.47%) SAN
10 17 (1.39%) DNS
11 12 (0.98%) HTTP
12 11 (0.90%) DHCP
13 10 (0.82%) SMTP
14 9 (0.73%) PPP
15 8 (0.65%) Wireshark
16 7 (0.57%) Broadband
17 6 (0.49%) SSL
18 5 (0.41%) Cisco ASA
18 5 (0.41%) NAS
18 5 (0.41%) SNMP
Database & Business Intelligence
1 15 (1.22%) Big Data
2 8 (0.65%) SQL Server
3 5 (0.41%) Power BI
4 4 (0.33%) Geospatial Data
5 2 (0.16%) Maltego
6 1 (0.082%) Data Warehouse
6 1 (0.082%) GIS
6 1 (0.082%) SAP HANA
Development Applications
1 6 (0.49%) Metasploit
2 5 (0.41%) WinDbg
3 3 (0.24%) Burp Suite
3 3 (0.24%) Jenkins
4 1 (0.082%) AppScan
4 1 (0.082%) JIRA
4 1 (0.082%) Snyk
4 1 (0.082%) SonarQube
General
1 309 (25.20%) Finance
2 113 (9.22%) Legal
3 92 (7.50%) Public Sector
4 73 (5.95%) Law
5 69 (5.63%) Retail
6 46 (3.75%) Banking
7 30 (2.45%) Marketing
8 24 (1.96%) Aerospace
9 22 (1.79%) Telecoms
10 17 (1.39%) Manufacturing
11 15 (1.22%) Financial Institution
12 12 (0.98%) Investment Banking
13 11 (0.90%) Military
14 10 (0.82%) Games
15 9 (0.73%) Electronics
16 8 (0.65%) Advertising
17 7 (0.57%) Billing
18 3 (0.24%) Back Office
19 2 (0.16%) International Banking
19 2 (0.16%) Local Government
Job Titles
1 264 (21.53%) Security Manager
2 197 (16.07%) Analyst
3 192 (15.66%) Information Security Manager
4 190 (15.50%) Information Manager
5 174 (14.19%) Consultant
6 170 (13.87%) Security Analyst
7 156 (12.72%) Security Consultant
8 116 (9.46%) Information Analyst
8 116 (9.46%) Information Security Analyst
9 107 (8.73%) Architect
10 106 (8.65%) Security Architect
11 78 (6.36%) Security Engineer
12 72 (5.87%) Security Officer
13 67 (5.46%) Security Specialist
14 58 (4.73%) Information Security Officer
15 57 (4.65%) Cybersecurity Consultant
16 52 (4.24%) Information Security Consultant
17 51 (4.16%) Information Officer
18 50 (4.08%) Head of Security
19 35 (2.85%) Head of Information
Libraries, Frameworks & Software Standards
1 18 (1.47%) SailPoint
2 9 (0.73%) Middleware
3 7 (0.57%) RESTful
4 6 (0.49%) ModSecurity
4 6 (0.49%) Web Services
5 4 (0.33%) SAML
6 3 (0.24%) .NET
6 3 (0.24%) LDAP
7 2 (0.16%) D3.js
7 2 (0.16%) OAuth
8 1 (0.082%) .NET Framework
8 1 (0.082%) OpenID
Miscellaneous
1 267 (21.78%) Management Information System
2 84 (6.85%) Analytical Skills
3 63 (5.14%) Cyberthreat
4 52 (4.24%) Self-Motivation
5 42 (3.43%) Data Protection Act
5 42 (3.43%) Security Operations Centre
6 33 (2.69%) Cyberattack
7 26 (2.12%) Cyber Defence
8 18 (1.47%) CESG
9 15 (1.22%) User Experience
10 14 (1.14%) Reinsurance
11 13 (1.06%) SWIFT
12 11 (0.90%) Data Centre
12 11 (0.90%) Distributed Denial-of-Service
12 11 (0.90%) Enterprise Software
13 10 (0.82%) Greenfield Project
14 9 (0.73%) Mobile Computing
15 8 (0.65%) BYOD
15 8 (0.65%) Learning Management System
15 8 (0.65%) Smart Energy
Operating Systems
1 84 (6.85%) Linux
2 66 (5.38%) Windows
3 26 (2.12%) Windows Server
4 19 (1.55%) Unix
5 7 (0.57%) Windows Server 2012
6 3 (0.24%) Android
6 3 (0.24%) Kali Linux
7 2 (0.16%) Apple iOS
7 2 (0.16%) Windows 10
8 1 (0.082%) Mac OS
8 1 (0.082%) Mac OS X
Processes & Methodologies
1 915 (74.63%) Information Security
2 732 (59.71%) Cybersecurity
3 330 (26.92%) Risk Management
4 247 (20.15%) SIEM
5 201 (16.39%) Security Architecture
6 174 (14.19%) Security Operations
7 172 (14.03%) Penetration Testing
8 161 (13.13%) Agile Software Development
8 161 (13.13%) Data Protection
9 158 (12.89%) Security Management
10 139 (11.34%) ITIL
11 135 (11.01%) Vulnerability Management
12 131 (10.69%) Stakeholder Management
13 124 (10.11%) ISMS
14 110 (8.97%) Risk Assessment
15 104 (8.48%) Information Assurance
16 100 (8.16%) TOGAF
17 97 (7.91%) Threat Intelligence
18 90 (7.34%) Continuous Improvement
18 90 (7.34%) Information Security Management
Programming Languages
1 32 (2.61%) Python
2 25 (2.04%) Java
3 24 (1.96%) C
4 20 (1.63%) C++
5 18 (1.47%) PowerShell
6 6 (0.49%) Bash Shell
7 5 (0.41%) SQL
7 5 (0.41%) VBScript
8 4 (0.33%) PHP
9 3 (0.24%) C#
9 3 (0.24%) JavaScript
10 2 (0.16%) Perl
10 2 (0.16%) Scala
11 1 (0.082%) Go
11 1 (0.082%) Objective-C
11 1 (0.082%) Shell Script
Qualifications
1 1,163 (94.86%) CISSP
2 388 (31.65%) CISA
3 309 (25.20%) Degree
4 168 (13.70%) CRISC
5 138 (11.26%) CESG Certified Professional
6 135 (11.01%) Security Cleared
7 131 (10.69%) CEH
7 131 (10.69%) Cisco Certification
8 97 (7.91%) GIAC
9 91 (7.42%) SC Cleared
10 89 (7.26%) (ISC)2 CCSP
11 88 (7.18%) SANS
12 84 (6.85%) IISP
13 55 (4.49%) ISO 27001 Lead Auditor
14 49 (4.00%) SSCP
15 47 (3.83%) CompTIA Security+
16 43 (3.51%) CISMP
17 41 (3.34%) CREST Certified
17 41 (3.34%) ISO 27001 Lead Implementer
18 37 (3.02%) CCSP
Quality Assurance & Compliance
1 641 (52.28%) ISO/IEC 27001
2 297 (24.23%) NIST
3 241 (19.66%) GDPR
4 239 (19.49%) PCI DSS
5 113 (9.22%) NCSC
6 103 (8.40%) Cyber Essentials
7 73 (5.95%) COBIT
8 52 (4.24%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 50 (4.08%) HMG Security Policy Framework
10 48 (3.92%) Sarbanes-Oxley
11 40 (3.26%) NIST 800
12 35 (2.85%) SLA
13 33 (2.69%) QA
14 32 (2.61%) Cyber Essentials PLUS
15 20 (1.63%) HIPAA
15 20 (1.63%) ISO 9001
15 20 (1.63%) RMADS
16 18 (1.47%) ISO 22301
17 17 (1.39%) JSP 440
18 16 (1.31%) ISO/IEC 27005
System Software
1 31 (2.53%) Active Directory
2 13 (1.06%) VMware Infrastructure
3 6 (0.49%) Hyper-V
4 3 (0.24%) Docker
5 2 (0.16%) Virtual Machines
6 1 (0.082%) ACF2
6 1 (0.082%) ProxySG
6 1 (0.082%) Snort
Systems Management
1 34 (2.77%) Nessus
2 17 (1.39%) SCCM
3 15 (1.22%) McAfee ePO
4 9 (0.73%) Nmap
5 6 (0.49%) CASB
5 6 (0.49%) QRadar
5 6 (0.49%) Single Sign-On
6 5 (0.41%) WSUS
7 2 (0.16%) Host Intrusion Detection System
8 1 (0.082%) Ansible
8 1 (0.082%) HP Fortify
8 1 (0.082%) OpenVAS
8 1 (0.082%) Puppet
8 1 (0.082%) Terraform
Vendors
1 67 (5.46%) Microsoft
2 37 (3.02%) Cisco
3 36 (2.94%) Splunk
4 27 (2.20%) McAfee
5 25 (2.04%) Google
5 25 (2.04%) Palo Alto
6 19 (1.55%) LogRhythm
7 18 (1.47%) Intel
7 18 (1.47%) SolarWinds
8 16 (1.31%) Qualys
9 15 (1.22%) Aveksa
9 15 (1.22%) CA
10 14 (1.14%) VMware
11 13 (1.06%) Symantec
12 12 (0.98%) CheckPoint
12 12 (0.98%) ServiceNow
13 11 (0.90%) SAP
14 10 (0.82%) Apple
14 10 (0.82%) Dell
14 10 (0.82%) HP