Period
to 21 November 2017

The following table provides summary statistics for permanent job vacancies with a requirement for CISM qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 21 November 2017 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Security Manager (CISM)
UK
6 months to
21 Nov 2017
Same period 2016 Same period 2015
Rank 325 313 445
Rank change year-on-year -12 +132 +167
Permanent jobs citing CISM 1782 1933 1476
As % of all permanent IT jobs advertised in the UK 0.98% 1.02% 0.68%
As % of the Qualifications category 4.10% 3.91% 2.47%
Number of salaries quoted 1351 1514 1155
UK median annual salary £64,000 £65,000 £60,000
Median salary % change year-on-year -1.54% +8.33% +9.09%
10th Percentile £42,500 £41,250 £41,594
90th Percentile £92,500 £90,000 £86,250
UK excluding London median annual salary £55,000 £60,000 £55,000
% change year-on-year -8.33% +9.09% -

CISM is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 43463 49497 59652
As % of all permanent IT jobs advertised in the UK 24.02% 26.20% 27.45%
Number of salaries quoted 33413 39737 47653
UK median annual salary £47,500 £45,000 £45,000
Median salary % change year-on-year +5.56% - +1.12%
10th Percentile £26,000 £26,250 £25,875
90th Percentile £77,500 £76,250 £75,000
UK excluding London median annual salary £42,500 £42,500 £41,000
% change year-on-year - +3.66% +2.50%

CISM
Job Vacancy Trend

Job postings citing CISM as a percentage of all IT jobs advertised.

Job vacancy trend for CISM in the UK

CISM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISM.

Salary trend for CISM in the UK

CISM
Salary Histogram

The salary distribution of IT jobs citing CISM over the 6 months to 21 November 2017.

Salary histogram for CISM in the UK

CISM
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISM within the UK over the 6 months to 21 November 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -6 1709 £64,000 -1.54% 93
London +8 918 £70,000 - 39
UK excluding London -30 811 £55,000 -8.33% 56
South East +45 292 £58,000 -7.20% 17
North of England +20 249 £52,500 -12.50% 25
North West +17 148 £55,000 -8.33% 4
East of England +30 105 £57,500 +15.00% 4
Midlands -75 81 £55,000 - 6
West Midlands -66 69 £55,000 - 6
Yorkshire +1 68 £52,500 -16.00% 16
South West -18 55 £55,000 -21.43% 2
North East +23 33 £65,000 +48.57% 5
Scotland -57 19 £57,500 +4.55%
East Midlands +16 12 £53,750 -2.27%
Wales +13 4 £57,500 -30.30% 2
Northern Ireland -27 4 £55,000 +37.50%
Channel Islands - 2 £75,000 -

For the 6 months to 21 November 2017, IT jobs citing CISM also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for CISM.

1 1727 (96.91%) CISSP
2 1377 (77.27%) Information Security
3 833 (46.75%) ISO/IEC 27001
4 767 (43.04%) CISA
5 666 (37.37%) Cybersecurity
6 640 (35.91%) Finance
7 457 (25.65%) SIEM
8 437 (24.52%) Firewall
9 436 (24.47%) Data Protection
10 395 (22.17%) Risk Management
11 394 (22.11%) Degree
12 364 (20.43%) PCI DSS
13 352 (19.75%) Security Operations
14 335 (18.80%) Penetration Testing
15 298 (16.72%) Security Architecture
16 290 (16.27%) ITIL
17 285 (15.99%) GDPR
18 283 (15.88%) Management Information System
19 277 (15.54%) CRISC
20 272 (15.26%) Windows
21 246 (13.80%) Agile Software Development
22 242 (13.58%) Vulnerability Management
23 228 (12.79%) CEH
23 228 (12.79%) Linux
24 221 (12.40%) Banking
25 218 (12.23%) Network Security
26 207 (11.62%) Security Management
27 201 (11.28%) GIAC
28 197 (11.05%) Active Directory
29 196 (11.00%) Risk Assessment

CISM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 36 (2.02%) IIS
2 31 (1.74%) SharePoint
3 19 (1.07%) WebSphere
4 9 (0.51%) Apache
5 5 (0.28%) SAS
6 3 (0.17%) MS Exchange
7 2 (0.11%) OpenStack
8 1 (0.056%) Apache Spark
8 1 (0.056%) WordPress
Applications
1 40 (2.24%) Microsoft Office
2 18 (1.01%) Microsoft Excel
3 17 (0.95%) Microsoft PowerPoint
4 12 (0.67%) Microsoft Project
5 2 (0.11%) Chatbot
5 2 (0.11%) MS Visio
6 1 (0.056%) Maya
Business Applications
1 17 (0.95%) Dynamics CRM
2 8 (0.45%) assyst
3 4 (0.22%) Payment Gateway
4 2 (0.11%) Sentinel
5 1 (0.056%) SAP ERP
5 1 (0.056%) SAP GRC
Cloud Services
1 86 (4.83%) Amazon AWS
2 64 (3.59%) Microsoft Azure
3 52 (2.92%) Office 365
4 41 (2.30%) SaaS
5 25 (1.40%) IaaS
6 20 (1.12%) OneDrive
7 15 (0.84%) Mimecast
8 12 (0.67%) Azure Active Directory
8 12 (0.67%) G Suite
8 12 (0.67%) Sumo Logic
9 9 (0.51%) Cloudflare
10 8 (0.45%) Google Cloud Platform
11 7 (0.39%) Cloud Computing
11 7 (0.39%) PaaS
12 1 (0.056%) AWS CloudFormation
12 1 (0.056%) GitHub
Communications & Networking
1 437 (24.52%) Firewall
2 218 (12.23%) Network Security
3 157 (8.81%) TCP/IP
4 94 (5.27%) Intrusion Detection
5 90 (5.05%) Internet
6 59 (3.31%) WAN
7 50 (2.81%) LAN
8 36 (2.02%) VoIP
9 27 (1.52%) VPN
10 23 (1.29%) Cisco ASA
11 19 (1.07%) Wireless
12 16 (0.90%) IPsec
13 13 (0.73%) Cisco PIX
14 11 (0.62%) SSL
15 10 (0.56%) DNS
15 10 (0.56%) SCCP
16 9 (0.51%) DMVPN
16 9 (0.51%) FWSM
17 8 (0.45%) DHCP
17 8 (0.45%) Multicast
Database & Business Intelligence
1 27 (1.52%) SQL Server
2 11 (0.62%) MySQL
3 9 (0.51%) Big Data
4 7 (0.39%) NoSQL
5 6 (0.34%) GIS
6 4 (0.22%) Blockchain
7 3 (0.17%) Oracle Database
8 2 (0.11%) Apache Cassandra
8 2 (0.11%) MongoDB
9 1 (0.056%) Hadoop
9 1 (0.056%) PostgreSQL
9 1 (0.056%) RDBMS
9 1 (0.056%) Relational Database
9 1 (0.056%) SQL Server 2008
9 1 (0.056%) SQL Server 2012
9 1 (0.056%) SQL Server 2014
Development Applications
1 20 (1.12%) Metasploit
2 15 (0.84%) AppScan
3 8 (0.45%) Jenkins
4 6 (0.34%) Burp Suite
5 5 (0.28%) Paros
6 2 (0.11%) Subversion
7 1 (0.056%) Git (software)
7 1 (0.056%) Rational DOORS
General
1 640 (35.91%) Finance
2 221 (12.40%) Banking
3 164 (9.20%) Legal
4 94 (5.27%) Telecoms
5 70 (3.93%) Retail
6 57 (3.20%) Manufacturing
7 54 (3.03%) Law
8 51 (2.86%) Investment Banking
9 49 (2.75%) Marketing
9 49 (2.75%) Retail Banking
10 40 (2.24%) Electronics
11 27 (1.52%) Private Banking
12 10 (0.56%) Advertising
12 10 (0.56%) Front Office
13 9 (0.51%) Digital Economy
13 9 (0.51%) Games
14 8 (0.45%) French Language
14 8 (0.45%) Pharmaceutical
15 7 (0.39%) Financial Institution
15 7 (0.39%) German Language
Job Titles
1 391 (21.94%) Security Manager
2 385 (21.60%) Analyst
3 343 (19.25%) Security Analyst
4 288 (16.16%) Consultant
5 256 (14.37%) Security Consultant
6 201 (11.28%) Information Security Manager
7 197 (11.05%) Information Manager
8 180 (10.10%) Information Analyst
8 180 (10.10%) Information Security Analyst
9 162 (9.09%) Security Engineer
10 98 (5.50%) IT Manager
11 97 (5.44%) Architect
11 97 (5.44%) Security Architect
12 92 (5.16%) Security Officer
13 87 (4.88%) Security Specialist
14 84 (4.71%) IT Security Manager
15 80 (4.49%) IT Analyst
16 78 (4.38%) Information Security Consultant
16 78 (4.38%) Information Security Officer
17 77 (4.32%) Cybersecurity Manager
Libraries, Frameworks & Software Standards
1 36 (2.02%) SailPoint
2 31 (1.74%) Web Services
3 19 (1.07%) MSMQ
3 19 (1.07%) WebSphere MQ
4 17 (0.95%) .NET
5 16 (0.90%) RESTful
6 14 (0.79%) OAuth
7 11 (0.62%) SAML
8 10 (0.56%) OpenID
9 9 (0.51%) HTML
9 9 (0.51%) J2EE
9 9 (0.51%) XML
10 7 (0.39%) Middleware
10 7 (0.39%) REST
10 7 (0.39%) SOAP
11 6 (0.34%) CSS
12 5 (0.28%) ASP.NET
12 5 (0.28%) ASP.NET MVC
12 5 (0.28%) JSP
12 5 (0.28%) XSL
Miscellaneous
1 283 (15.88%) Management Information System
2 189 (10.61%) Computer Science
3 165 (9.26%) Data Protection Act
4 163 (9.15%) Analytical Skills
5 61 (3.42%) Cyberthreat
5 61 (3.42%) PKI
6 56 (3.14%) Distributed Denial-of-Service
7 50 (2.81%) CESG
8 44 (2.47%) Data Centre
9 34 (1.91%) Cyber Attack
10 33 (1.85%) Security Operations Centre
11 17 (0.95%) Greenfield Project
11 17 (0.95%) Public Cloud
11 17 (0.95%) Smart Meter
12 15 (0.84%) Cyber Defence
12 15 (0.84%) Fintech
12 15 (0.84%) FMCG
13 11 (0.62%) Smart Energy
14 10 (0.56%) Algorithms
14 10 (0.56%) Data Structures
Operating Systems
1 272 (15.26%) Windows
2 228 (12.79%) Linux
3 139 (7.80%) Unix
4 132 (7.41%) Windows Server
5 59 (3.31%) Apple iOS
6 28 (1.57%) Android
6 28 (1.57%) Mac OS X
7 13 (0.73%) Kali Linux
8 8 (0.45%) VMS
8 8 (0.45%) Windows Server 2008
9 7 (0.39%) Windows Server 2003
10 4 (0.22%) Windows 7
10 4 (0.22%) Windows Server 2012
11 2 (0.11%) AIX
12 1 (0.056%) FreeBSD
12 1 (0.056%) OpenBSD
12 1 (0.056%) Red Hat Enterprise Linux
12 1 (0.056%) Windows 10
Processes & Methodologies
1 1377 (77.27%) Information Security
2 666 (37.37%) Cybersecurity
3 457 (25.65%) SIEM
4 436 (24.47%) Data Protection
5 395 (22.17%) Risk Management
6 352 (19.75%) Security Operations
7 335 (18.80%) Penetration Testing
8 298 (16.72%) Security Architecture
9 290 (16.27%) ITIL
10 246 (13.80%) Agile Software Development
11 242 (13.58%) Vulnerability Management
12 207 (11.62%) Security Management
13 196 (11.00%) Risk Assessment
14 172 (9.65%) Project Management
15 170 (9.54%) Stakeholder Management
16 168 (9.43%) Information Security Management
17 158 (8.87%) Data Loss Prevention
18 157 (8.81%) Identity Access Management
18 157 (8.81%) Vulnerability Scanning
19 140 (7.86%) ISMS
Programming Languages
1 56 (3.14%) Python
2 49 (2.75%) SQL
3 40 (2.24%) Java
3 40 (2.24%) Perl
4 35 (1.96%) C#
5 29 (1.63%) C
6 26 (1.46%) PowerShell
7 24 (1.35%) Bash Shell
8 21 (1.18%) Ruby
9 19 (1.07%) Bourne shell
9 19 (1.07%) Korn
10 15 (0.84%) C++
10 15 (0.84%) JavaScript
11 9 (0.51%) VB.NET
12 8 (0.45%) PHP
13 5 (0.28%) Objective-C
13 5 (0.28%) VB
14 2 (0.11%) Shell Script
Qualifications
1 1727 (96.91%) CISSP
2 767 (43.04%) CISA
3 394 (22.11%) Degree
4 277 (15.54%) CRISC
5 228 (12.79%) CEH
6 201 (11.28%) GIAC
7 148 (8.31%) SANS
8 121 (6.79%) Cisco Certification
9 106 (5.95%) SSCP
10 103 (5.78%) Security Cleared
11 100 (5.61%) CESG Certified Professional
12 92 (5.16%) Computer Science Degree
13 76 (4.26%) SC Cleared
14 63 (3.54%) CCNA
15 58 (3.25%) CCNP
16 50 (2.81%) CISMP
17 46 (2.58%) GSEC
18 45 (2.53%) CBAP
19 43 (2.41%) ISO 27001 Lead Auditor
20 42 (2.36%) CompTIA Security+
Quality Assurance & Compliance
1 833 (46.75%) ISO/IEC 27001
2 364 (20.43%) PCI DSS
3 285 (15.99%) GDPR
4 181 (10.16%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 134 (7.52%) COBIT
6 102 (5.72%) Cyber Essentials
7 49 (2.75%) ISO 22301
8 48 (2.69%) Sarbanes-Oxley
9 44 (2.47%) ISO/IEC 27005
10 29 (1.63%) HMG Security Policy Framework
11 24 (1.35%) Data Quality
12 21 (1.18%) NIST 800
13 20 (1.12%) ISO 9001
14 19 (1.07%) QA
15 18 (1.01%) ISO 31000
16 12 (0.67%) HIPAA
16 12 (0.67%) PMO
17 11 (0.62%) COSO
18 10 (0.56%) SLA
19 9 (0.51%) ISO 14001
System Software
1 197 (11.05%) Active Directory
2 17 (0.95%) vSphere
3 12 (0.67%) VMware Infrastructure
4 11 (0.62%) Snort
5 8 (0.45%) VMware ESXi
6 6 (0.34%) Firmware
7 3 (0.17%) Docker
7 3 (0.17%) XenApp
8 1 (0.056%) Hyper-V
8 1 (0.056%) Postfix
8 1 (0.056%) VMware NSX
Systems Management
1 77 (4.32%) Nessus
2 47 (2.64%) SCCM
3 39 (2.19%) McAfee ePO
4 31 (1.74%) QRadar
5 26 (1.46%) CSIRT
6 23 (1.29%) OpenVAS
7 17 (0.95%) RSA Security Analytics
8 16 (0.90%) Core Impact
8 16 (0.90%) Nexpose
8 16 (0.90%) PowerBroker
8 16 (0.90%) WSUS
9 14 (0.79%) Host Intrusion Detection System
9 14 (0.79%) Nmap
10 11 (0.62%) FTK
11 10 (0.56%) SCOM
12 8 (0.45%) FortiGate
12 8 (0.45%) Norton AntiVirus
12 8 (0.45%) Puppet
13 7 (0.39%) Ansible
14 6 (0.34%) RSA Archer
Vendors
1 158 (8.87%) Microsoft
2 110 (6.17%) Splunk
3 86 (4.83%) Cisco
4 66 (3.70%) Symantec
5 57 (3.20%) CyberArk
5 57 (3.20%) McAfee
6 48 (2.69%) CheckPoint
6 48 (2.69%) Palo Alto
7 46 (2.58%) LogRhythm
8 44 (2.47%) Qualys
9 40 (2.24%) Apple
9 40 (2.24%) SAP
10 30 (1.68%) Aveksa
11 27 (1.52%) AlienVault
12 25 (1.40%) Forcepoint
13 24 (1.35%) ArcSight
14 23 (1.29%) Google
14 23 (1.29%) IBM
15 22 (1.23%) SolarWinds
16 18 (1.01%) Sophos