Average CISM salary [2022 update]
If you have five or more years of experience in cybersecurity and are looking for your next move, consider a Certified Information Security Manager (CISM) certification. CISM is designed for information security professionals who want an active role in managing, designing, overseeing and assessing an enterprise’s information security program.
A CISM provides the essential skills needed to view and manage security from a holistic perspective: managing security programs, developing asset risk management models, providing security governance and delivering incident management plans using NIST frameworks. If you like managing the big picture while at the same time using your technical skills, this certification is for you.
The great news is that with added responsibility comes increased earning potential. Security managers typically make 30% to 50% more than security specialists and have CISO as the next rung in their career ladder.
What is the average CISM salary?
Salaries vary greatly depending on several factors, including years of experience, the city where you're employed and the actual job role you fill. The salaries in our research range from $94,000 to $232,000.
According to the U.S. Bureau of Labor Statistics (BLS), employment of Computer and Information Systems Managers will increase by 11% from 2020 to 2030, with 2021 median pay of $159,010 per year and $76.45 per hour.
According to the Certification Magazine 2022 Salary Survey, the average salary of an ISACA Certified Information Security Manager is $150,040 in the U.S. and $118,087 worldwide.
Payscale lists base pay at $131,000 and Glassdoor lists $122,002 base pay with total compensation at $145,767.
Again, pay depends on several factors, including your experience managing teams and years of experience in security and IT.
While pay varies depending on individual circumstances, IT managers across industries are, on average, paid equally, with small variances based on the organization.
- Computer Information $165,940
- Finance and insurance $162,240
- Computer systems design and related services $162,150
- Management of companies and enterprises $161,630
- Manufacturing $160,010
Average CISM salary by state
According to ziprecruiter.com, the potential median salary for a CISM certificate holder in the United States is $131,209. The pay will vary significantly depending on where you live.
- New Jersey — $143,637
- Washington — $131,024
- California — $120,119
- Illinois — $108,905
- Texas — $105,367
- Georgia — $94,423
You can also create a customized search on indeed.com to see roles that require a CISM in your area.
Average CISM salary by job role
Job titles related to CISM and their corresponding median salary and range (as per Salary.com) are reported below.
- CISO (Chief Information Security Officer) — $232,103
- Security Director — $167,280
- Cyber Security Architect Manager — $152,678
- Security Manager — $101,617
CISM distinguishes you from other security certifications
While certifications like CompTIA A+ and CISSP demonstrate your knowledge, CISM sets you apart with an emphasis on the management of both people and security processes.
Through CISM, ISACA emphasizes managing security strategies and assessing the policies and procedures used for information security concerning the needs of the business.
This high-earning certification is accepted as a standard worldwide for professionals in charge of IT security programs and IT auditing and control.
Preparing for your lucrative CISM career
With CISM on your side, you're looking at an upward career trajectory and CISO as the next rung on your career ladder. How should you get started?
Check out Infosec's ISACA CISM hub. It covers all things CISM, including free study resources, exam details, where and how to take the exam and tips for landing your first CISM job.
While the CISM hub has everything you need to start your CISM path, you can also view the four CISM domains in these articles:
- Domain 1 — Information security governance (17% exam weight)
- Domain 2 — Information security risk management (20% exam weight)
- Domain 3 — Information security program (33% exam weight)
- Domain 4 – Incident management (30% exam weight)
There’s no shortage of opportunities to learn about CISM, pass your CISM exam and launch your career.
Sources:
- Computer and Information Systems Managers: Occupational Outlook Handbook, U.S. Bureau of Labor Statistics
- What Is the Average CISM Salary by State in 2022, ZipRecruiter
- Salary Survey 2022: An all-new Salary Survey 75, Certification Magazine
- Salaries Information Security Manager Salary, Glassdoor
- Certified Information Security Manager Salary, Payscale