|Assistant Vice President / Vice President, Information Security Threat Management Specialist (Vulnerability Monitoring & Response), Cyber Security Defense, Global Information Security|Bank of America|Singapore, Singapore|15/05/2022|
|Assistant Vice President / Vice President, Information Security Threat Management Specialist (Network Access Monitoring), Cyber Security Defense, Global Information Security|Bank of America|Singapore, Singapore|15/05/2022|
|Vice President / Senior Vice President, Senior Information Security Officer, Global Information Security|Bank of America|Hong Kong, Hong Kong|16/05/2022|
|Vice President, Offensive Security Engineer (Vulnerability Researcher), Cyber Security Defense, Global Information Security|Bank of America|Singapore, Singapore|16/05/2022|
|Part-Time Instructor, Information Technology Certified Information Systems Security Professional-Corporate College|Lone Star College|Texas, United States|07/04/2022|
|Cyber Security Monitoring Analyst (Sr. Specialist, Information Security)|BNY Mellon|Honolulu, Hawaii, United States|07/05/2022|
|Cyber Security Consultant - Information Security Office, Senior Manager|Capital One|Plano, Texas, United States|01/05/2022|
|Information Security Engineer - Women Cyber Security Defense Rotation|Bank of America|Washington, Dist. Columbia, United States|21/05/2022|
|Sr. Specialist, Information Security - Security Monitoring|BNY Mellon|Pittsburgh, Pennsylvania, United States|02/05/2022|
|Cyber Security Consultant, Sr. Manager - Information Security Office (Remote-Eligible)|Capital One|McLean, Virginia, United States|30/04/2022|
The Certified Information Security Manager (CISM) certification gives information technology professionals a chance to develop expertise in cybersecurity, incident management, and more.
Professionals with a CISM qualification understand how information systems fit into a company’s broader goals. Because of the scope of their knowledge, they are more likely to have higher-level jobs and manage the other IT employees in an organization.
The CISM certification is certainly a designation to strive for. There are only about 23,000 CISM professionals worldwide, compared to over 100,000 CISA professionals. These jobs are in demand, and completing your CISM certification ensures job security.
The Information Systems Audit and Control Association (ISACA) oversees the CISM certification, as well as other professional qualifications.
Many certifications require work experience, but the CISM requirements are stricter than most. You need five years of work history in the information security field. At least three of those years should be in security management.
Your experience can’t be more than ten years old, but you don’t have to have it all before you take the exam. ISACA gives you five years after passing the exam to acquire this experience.
There are some qualifications that can pass for work experience. If you’ve worked in information systems management or general security management for a year, it counts as one year of work experience. Certain skill-based certifications, like GIAC, MCSE, or CBCP, also count as one year of work experience.
Professionals who already hold a CISA or CISSP qualification can use it as two years of work experience. Post-graduate information security degrees also count as two years of experience.
The CISM exam is challenging, but it’s not the hardest part of earning your certification. It takes about four hours to complete 150 questions. You have to pay for the exam to schedule your test date, but give yourself at least three months to prepare.
On the exam, you’ll answer questions relating to real-life problems, including topics like:
It’s best to take advantage of study guides for the test because, while it’s multiple-choice, there’s no one correct answer for each question. The exam requires critical thinking so you can choose the best-case scenario for realistic situations.
In addition to adhering to ISACA’s Code of Professional Ethics for your entire career, the organization also asks that you stay informed on IT developments. Through your membership, they provide professional development courses for continued education. You can also attend workshops online or in person and work with a coach or mentor.
To stay in compliance with ISACA, professionals must earn 20 hours of Continued Professional Education (CPE) annually. This ensures you’re aware of changes in the field and can do your best work with this knowledge.
Many people think a CISM qualification only makes you eligible for high-level IT jobs, but there are a variety of possible positions for CISM professionals, such as:
Other people might find work as systems auditors, risk assessors, or system developers.
While you might start with an entry-level IT job, you can quickly follow other career paths with your CISM qualification. The following three jobs are some of the most common for professionals with CISM certifications.
Information security managers work with all departments in a company to keep the security system functioning smoothly. They use their expertise to help IT employees assess and prevent security breaches. They also use test data to run scenarios to ensure there are no gaps in the system.
Some information security managers have an IT team under them, but some might manage IT systems themselves so they can see the big picture of the company’s network.
Information risk compliance specialists focus on the network’s process. They constantly search for any points of failure that could lead to a security breach for the organization. After preventing these risks, they also work to train employees about the best practices for handling sensitive data.
Though it seems like a simple job title, this professional basically juggles several jobs at once. They constantly work across information security, risk assessment, and privacy impact assessment.
The chief information officer oversees the systems. They’re on the lookout for security risks and critical issues that could bring down the network. These professionals need to stay up-to-date on the industry since it changes so rapidly due to automation. A chief information officer works closely with the business leaders, so they understand the impact security has on the company.
People with an interest in information technology don’t want to stay in a stagnant job for years. They want to learn more about the field and current policies. Putting this quest for knowledge to use by earning a CISM certification pays off in many different ways. They’re able to keep major businesses running smoothly. And, of course, the money is great.
According to Payscale.com, the base salary for someone with a CISM certification is $129,000. This amount can vary depending on your location, years of experience, and education.
This field is in demand, with the United States Bureau of Labor Statistics projecting 33% growth by 2030. There aren’t enough employees to satisfy the need, so you can make a good living worldwide.
While many IT positions start at about $60,000, a CISM qualification gives you a major salary increase. An entry-level information security officer starts at $65,000, so your certification is already paying off. Most jobs going to CISM professionals pay in the low to mid-six figures.
Earning your CISM qualification requires a lot of work, from having five years of relevant work experience to studying for a four-hour exam. But it pays off greatly in terms of potential career paths and annual salary. Expand your IT knowledge with this certification so you can climb the company ladder.