Certified Information Security Manager (CISM) Jobs

Latest Certified Information Security Manager (CISM) Job Listings

Position | Company | Location | Posted
Senior Information Security Analyst | BNY Mellon | Pune, India | 21/11/2022
Sr. Information Security Engineer | Fortune Brands Home & Security | Deerfield, Illinois, United States | 19/11/2022
Associate Director, Information Security Risk & Governance | Astellas Pharma | Northbrook, Illinois, United States | 09/11/2022
IT Data Business Information Security Lead - 100% Remote | US Foods | Rosemont, Illinois, United States | 10/11/2022
IT Data Business Information Security Lead - 100% Remote | US Foods | Rosemont, Illinois, United States | 09/11/2022
Information System Security Engineer IAT III (Government) | AT&T | Chantilly, Virginia, United States | 22/11/2022
Assistant Vice President / Vice President, Information Security Assessment (Secure-By-Design Case Manager), Global Information Security | Bank of America | Singapore, Singapore | 13/11/2022
Information Security Risk and Compliance Senior Specialist | Marsh & McLennan Companies | Arizona, United States | 11/11/2022
Lead Information Security Analyst - CTI | Wells Fargo | Chandler, Arizona, United States | 24/11/2022
Lead Information Security Analyst - CTI | Wells Fargo | SAN LEANDRO, California, United States | 24/11/2022

The Certified Information Security Manager (CISM) certification gives information technology professionals a chance to develop expertise in cybersecurity, incident management, and more.

Professionals with a CISM qualification understand how information systems fit into a company’s broader goals. Because of the scope of their knowledge, they are more likely to have higher-level jobs and manage the other IT employees in an organization.

What Is a CISM Certification?

The CISM certification is certainly a designation to strive for. There are only about 23,000 CISM professionals worldwide, compared to over 100,000 CISA professionals. These jobs are in demand, and completing your CISM certification ensures job security.

The Information Systems Audit and Control Association (ISACA) oversees the CISM certification, as well as other professional qualifications.

Work Experience

Many certifications require work experience, but the CISM qualifications are more strict than others. You need five years of work history in the information security field. At least three of those years should be in security management.

Your experience can’t be more than ten years old, but you don’t have to have it all before you take the exam. ISACA gives you five years after passing the exam to acquire this experience.

There are some qualifications that can pass for work experience. If you’ve worked in information systems management or general security management for a year, it counts as one year of work experience. Certain skill-based certifications, like GIAC, MCSE, or CBCP, also count as one year of work experience.

If you already hold a CISA or CISSP qualification, you can use it as two years of work experience. Post-graduate information security degrees also count as two years of experience.


The CISM is challenging, but it’s not the hardest part about earning your certification. It takes about four hours to complete 150 questions. You have to pay for the exam to schedule your test date, but give yourself at least three months to prepare.

On the exam, you’ll answer questions relating to real-life problems, including topics like:

  • Risk management
  • Security program development and management
  • Information security governance
  • Information security incident management

It’s best to take advantage of study guides for the test because, while it’s multiple-choice, there’s no one correct answer for each question. The exam requires critical thinking so you can choose the best-case scenario for realistic situations.

Ongoing CISM Requirements

In addition to adhering to ISACA’s Code of Professional Ethics for your entire career, the organization also asks that you stay informed on IT developments. Through your membership, they provide professional development courses for continued education. You can also attend workshops online or in person and work with a coach or mentor.

To stay in compliance with ISACA, professionals must earn 20 hours of Continued Professional Education (CPE) annually. This ensures you’re aware of changes in the field and can do your best work with this knowledge.


Many people think a CISM qualification only makes you eligible for high-level IT jobs, but there are a variety of possible positions for CISM professionals, such as:

Other people might find work as systems auditors, risk assessors, or system developers.

CISM Career Paths

While you might start with an entry-level IT job, you can quickly follow other career paths with your CISM qualification. The following three jobs are some of the most common for professionals with CISM certifications.

Information Security Manager

Information security managers work with all departments in a company to keep the security system functioning smoothly. They use their expertise to help IT employees assess and prevent security breaches. They also use test data to run scenarios to ensure there are no gaps in the system.

Some information security managers have an IT team under them, but some might manage IT systems themselves so they can have a big picture of the company’s network.

Information Risk Compliance Specialist

Information risk compliance specialists focus on the network’s process. They constantly search for any points of failure that could lead to a security breach for the organization. After preventing these risks, they also work to train employees about the best practices for handling sensitive data.

Though it seems like a simple job title, this professional basically juggles several jobs at once. They constantly work across information security, risk assessment, and privacy impact assessment.

Chief Information Officer

The chief information officer oversees the systems. They’re on the lookout for security risks and critical issues that could bring down the network. These professionals need to stay up-to-date on the industry since it changes so rapidly due to automation. A chief information officer works closely with the business leaders, so they understand the impact security has on the company.

Benefits of CISM Certification

People with an interest in information technology don’t want to stay in a stagnant job for years. They want to learn more about the field and current policies. Putting this quest for knowledge to use by earning a CISM certification pays off in many different ways. They’re able to keep major businesses running smoothly. And, of course, the money is great.

Base Salary

According to Payscale.com, the base salary for someone with a CISM certification is $129,000. This amount can vary depending on your location, years of experience, and education.

This field is in demand, with the United States Bureau of Labor Statistics projecting a 33% growth by 2030. There aren’t enough employees to satisfy the need, so you can make a good living worldwide.

Salary Increases

While many IT positions start at about $60,000, a CISM qualification gives you a major salary increase. An entry-level information security officer starts at $65,000, so your certification is already paying off. Most jobs going to CISM professionals pay in the low to mid-six figures.

In Closing

Earning your CISM qualification requires a lot of work, from having five years of relevant work experience to studying for a four-hour exam. But it pays off greatly in terms of potential career paths and annual salary. Expand your IT knowledge with this certification so you can climb the company ladder.