Certified Information Security Manager (CISM) Salary in 2025

In this modern digital era, the need of the hour is to maintain information security in organizations. Intuitively, there are specific people responsible for the same. CISMs, or Certified Information Security Managers, are one of these people. There is a humongous demand for CISMs as they have a crucial role in managing, designing, overseeing, and assessing an enterprise’s information security program.

These experts also protect organizational data from cyber threats and check for lethal leakage or weak points that can cause damage to essential data streams. However, to become a CISM, you need to get certified by ISACA. CISM course online will help you ace cyber security and boost your career.

Who is a Certified Information Security Manager (CISM)?

A Certified Information Security Manager or CISM is an expert who identifies possible threats and vulnerabilities and prevents security breaches by designing, implementing, and managing an organization’s security network.

They are crucial to governance, risk management, incident management, and running infosec programs. As mentioned earlier, you must be certified as an information security manager.

According to ISACA, there are more than 48,000 CISM-certified professionals worldwide, and it is one of the most in-demand managerial positions within the information security world.

CISM Certification Job Trends

CISM salaries range from $94,000 to $232,000. However, there is constant change considering market trends and other individual factors. Here are some CISM job trends:

• According to the U.S. Bureau of Labor Statistics (BLS), from 2020 to 2030, there will be an increase of 11% for CISM experts, with the 2021 median pay of $159,010 per year and $76.45 per hour.
• According to the Certification Magazine 2022 [Salary Survey, the average CISM pay scale is $150,040 in the U.S. and $118,087 worldwide.

Certified Information Security Manager salary also varies according to Job titles (as per Salary.com), which are reported below:

CISO (Chief Information Security Officer)	$232,103
Security Director	$167,280
Cyber Security Architect Manager	$152,678
Security Manager	$101,617

CISM Salary 2024: How Much Can CISM Make?

The estimated total pay for a CISM is up to $151,496 per year in the United States area, with an average salary of $123,551 per year. The CISM salary range typically falls between $133,158 and $163,776.

This can include cash bonuses, commission, tips, and profit sharing. Salary ranges can vary widely depending on many important factors, including education, certifications, additional skills, and the years you have spent in your profession.

1. Average CISM Certification Salary

Here is how much can CISM make per hour, month, and year:

Criterion	Hourly	Monthly	Yearly
CISM Salary	68 USD	11,800 USD	123 551 USD

2. CISM Certification Salary: Based on Experience

Here is an overview of the average CISM pay scale based on experience:

• Beginner: Entry-level roles will pay at the lower end of the range with an average of $126,525.
• Intermediate: A CISM-certified professional at the intermediate level may earn an average income between $52,402 and $243,610.
• Advanced: Candidates who have managed complicated projects at a senior level can get a much higher five-figure or six-figure income, with an average pay package of USD 180,305.

Experience	Salary in USD
Entry level	USD 126,525
Mid-level	USD 122,048
Senior Level	USD 180,305

3. CISM Certification Salary: Based on Location

Here is the average Certified Information Security Manager salary earned in different parts of the world, along with the salary in the top cities and top companies of popular countries:

A. India

CISM salary in India ranges between INR 8.5 Lakhs to INR 40.0 Lakhs, with an average annual salary of INR 19.0 Lakhs.

Ambitionbox

Avg. CISM Certification Salary in top cities of India (INR)

City	Range	Average
Bengaluru/Bangalore	INR 10.0 Lakhs to INR 41.5 Lakhs	INR 22.0 Lakhs
Mumbai	INR 8.5 Lakhs to INR 32.0 Lakhs	INR 15.6 Lakhs
Chennai	INR 9.5 Lakhs to INR 32.0 Lakhs	INR 16.7 Lakhs
Pune	INR 9.0 Lakhs to INR 35.0 Lakhs	INR 20.7 Lakhs
Gurgaon/Gurugram	INR 10.2 Lakhs to INR 37.0 Lakhs	INR 19.0 Lakhs
Hyderabad/Secunderabad	INR 9.6 Lakhs to INR 38.5 Lakhs	INR 20.8 Lakhs

Avg. CISM Certification Salary in top companies of India (INR)

TCS	INR 9.9L (INR 3.0L - INR 27.0L)
Infosys	INR 15.0L (INR 10.0L - INR 21.0L)
Cognizant	INR 20.0L (INR 16.0L - INR 28.2L)
IBM	INR 17.1L (INR 9.0L - INR 24.5L)
Wells Fargo	INR 29.5L (INR 20.2L - INR 42.0L)
JP Morgan Chase	INR 23.4L (INR 15.0L - INR 33.0L)

B. US

Refer to the tables below for a city- and company-wise estimate of CISM salaries in the United States.

Avg. CISM Certification Salary in top cities of USA (USD)

City	Annually	Hourly Rate
San Francisco, CA	$158,053	$75.99
Seattle, WA	$133,112	$64.00
Portland, OR	$129,073	$62.05
Jersey City, NJ	$128,290	$61.68
Irving, TX	$124,859	$60.03
Phoenix, AZ	$122,867	$59.07
Boston, MA	$121,071	$58.21
Raleigh, NC	$120,610	$57.99
Washington, DC	$118,200	$56.83
New York, NY	$116,478	$56.00
Rochester, MN	$114,703	$55.15
Portland, ME	$112,371	$54.02

Avg. Salary of CISM in top companies of USA (USD)

eBay	$160,903	$77.36
Apple	$160,343	$77.09
PayPal	$158,247	$76.08
The Walt Disney Company	$158,129	$76.02
Thumbtack	$156,445	$75.21
Mayo Clinic	$155,752	$74.88
Rubrik	$148,695	$71.49
Cisco	$142,638	$68.58

C. UK

The average salary for CISM is £62,587 per year in the United Kingdom while the additional cash compensation is £4,878, with a range from £1,537 - £15,483.

Average CISM Certification Salary in top cities in UK (GBP)

England	£72,500
UK excluding London	£72,500
London	£85,000
Midlands	£68,750
Yorkshire	£50,000
Scotland	£65,000
East Midlands	£68,750

Average CISM Certification Salary in top companies in UK (GBP)

Wren Kitchens	£44,585
HM Revenue and Customs	£45,803
Anson McCade	£54,022
Redline Group	£55,861
Opus Recruitment	£58,139
IC Resources	£59,140

D. Australia

A person working as a CISM in Australia typically earns around 133,000 AUD. Salaries range from 66,700 AUD (lowest) to 207,000 AUD (highest).

Average Salary of CISM in top cities of Australia

Sydney, AU	$167,999
Melbourne, AU	$80000 - $120000
Brisbane, AU	$158,393
Perth, AU	$150000 - $180000.
Adelaide, AU	$154654
Gold Coast, AU	$95,000 to $115,000

Average Salary of CISM in top companies of Australia (AU$)

Honeysuckle Health	$133000 - $144000
GHD	$171000 - $210000
Link Group	$164000 - $17900
ABN AMRO	$120000 - $129000
Annalise-AI	$172000 - $188000
WEX	$152000 - $165000
TSA Telco Group	$143000 - $157000

E. Canada

The average salary for CISMs is $139,837 per year in the Canada along with an additional cash compensation of $18,967, with a range from $12,368 - $29,087.

Average Salary of CISM in top Cities in Canada (CA$)

Hagersville (Canada)	CA$1,04,945 per year
Toronto	CA$32000 - CA$35000
Vancouver, BC	CA$93000 - CA$200000

Average Salary of CISM in leading companies in Canada (CA$)

Sun Life	$142000 - $155000
Definity	$135000 - $146000
Newmont	$198000 - $216000
Greenko Group	$87000 - $93000
PSP Investments	$142000 - $154000
Apple	$150000 - $163000

F. Singapore

The average salary for Information Security Manager is SGD $147,000 per year while the cash compensation is SGD $28,000, with a range from SGD $14,000 - $52,500.

Top Companies and the average salary of CISM

CSC	$97000 - $112000
Bank of Singapore	$271000 - $289000
Singtel	$10000 - $10000
PayPal	$83000 - $89000
ANZ	$160000 - $180000
Visa Inc.	$139000 - $151000

4. CISM Salary: Based on Industry

The average information security manager's salary varies across industries. This is because each sector has its own information security requirements, depending on the size and sensitivity of data.

Highest Paying Industries for Information Security Managers

Finance industry	USD 205,176 per year.
Health care	USD 112,000 per year.
Information technology	USD 122,000 per year.
Government	USD 82,000 per year.
Retail	USD 143,880 per year.

5. CISM Salary: Based on Skills

CISMs must have a skillset that manages people and security processes. As a CISM, you will also be in charge of IT security programs, auditing, and control, depending on the skills you inculcate. Your skillset is reflected by the job roles you take up as a CISM professional. Here is the medium CISM salary 2024 and the range reported below:

CISO (Chief Information Security Officer)	$232,103
Security Director	$167,280
Cyber Security Architect Manager	$152,678
Security Manager	$101,617

6. CISM Salary: Based on Education

Higher education often equals a bigger CISM job salary. You must pursue higher education to switch to a higher-paying CISM job, as the return on investment is definitely worth it. Besides, certifications can also help you get better salaries and equip you with the required tools and skills.

You can also enroll in some IT Security training courses to better understand the nuances of information security. Below is an overview of how CISMs with different levels of education are compensated.

Certificate or Diploma	112,000 USD
Bachelor's Degree	154,000 USD
Master's Degree	198,000 USD

Factors Affecting CISM Salary

Here are some of the key factors that impact the CISM job salary:

1. Location

The Certified Information Security Manager CISM salary depends majorly on which part of the globe he is employed. Primarily, the difference arises from factors like the cost of living, economic development, and the technological state of the country. Here is an overview of the countries and the salary offered to CISM professionals in these countries:

United States	USD 131,000
India	INR 19,00,000
Singapore	SGD 119,000
Germany	EUR 84,000
Belgium	UR 92,000
Canada	CAD 115,000
Luxembourg	GBP 90,000
United Kingdom	GBP 62,000
Saudi Arabia	SAR 312000
Japan	JPY 9,000,000
Malaysia	MYR 182,000
Austria	EUR 60,000
Spain	EUR 51,000

2. Industry / Employer / Company

CISM certified salary for professionals differs from industry to industry. Here is a table depicting the average salary of these experts based on various industries in the market:

Industry	Average Salary	Hourly Rate
Media	$146,049	$70.22
Retail	$130,745	$62.86
Health Care	$123,808	$59.52
Finance	$115,289	$55.43
Technology	$107,062	$51.47

3. Experience

The majority of reported salaries, approximately 65%, fall within the range of 82,500 USD to 115,000 USD. About 20% of salaries are below the 82,500 USD mark, while 10% fall from 115,000 USD to 130,000 USD. Only 5% of individuals have salaries exceeding 130,000 USD.

According to experience, here are the different salaries that CISM employees can earn:

0 - 2 Years	84,800 USD
2 - 5 Years	112,000 USD
5 - 10 Years	150,000 USD
10 - 15 Years	179,000 USD
15 - 20 Years	193,000 USD
20+ Years	207,000 USD

4. Demand and Supply

CISM holders primarily take up access control jobs, chief of staff, risk analyst positions, and developer roles. Their prime responsibility is to track the firm's security problems and develop efficient solutions. They get paid according to the wide range of tasks.

According to Payscale, the mean salary of these employees is over $115,000 per year. Most ethical hackers earn something between $90,000 to $100,000 on average every year. Therefore, CISM holders earn high salaries based on the demand and supply of jobs and tasks.

5. Credentials / Certifications

Obtaining professional certifications help you advance your career and step into a leadership position in your industry. They make you worth more and take your value through the roof. While the average Certified Information Security Manager CISM salary is around $52,400, some professionals with multiple accreditations, certifications, leadership skills, and experience earn up to $243,610. 

6. Skills

There are some critical skills that CISM employees must portray in their work. They get paid high salaries according to the skills they showcase in their portfolio or work. Some key skills are:

• Job Skills and Versatility – CISM professionals should be able to work with security programs, analyze risky files, track the effects of different security measures, and report the usage of various tools for employers.
• Networking Skills - CISM should be able to engage, interact, communicate, and network with a broad community of experts with experience.
• Soft Skills – Besides technical and leadership skills, the power to communicate effectively, coordinate and collaborate with other teams, and run tasks with patience and utmost sincerity are some other skills that CISMs get paid highly for.

Having these skills can positively impact CISM salaries.

How to Improve CISM Certified Professional Salary? 

It has been estimated that a Certified Information Security Manager in the United States can expect a CISM job salary increase of almost 13% every 17 months. The national average annual increment for all professions is 8%, granted to employees every 16 months. However, you need to upskill accordingly. Here are some significant ways CISM-certified professionals can improve their pay scales:

1. Skills

It is essential to brush up your skills as a CISM to get a higher salary. You should be able to design and deploy security systems that protect all elements of a company's network and database infrastructure. You should learn how to add new features to the existing security architecture. Another primary skill required by CISM is risk management. You should be able to portray soft skills like analytical, detail-oriented, and ingenuity skills to apply for a better pay package.

2. Certifications

Once you complete your CISM training and certification, you must add other certifications like CISA, CRISC, and CGEIT to your portfolio to earn a higher CISM payscale.

3. Degrees

Academic education is crucial in enhancing your pay package as a CISM-certified expert. Getting a Bachelor’s degree gives you, as a CISM, the leverage of 37% more salary than the basic pay, while getting a Master's Degree can give you a 29% increment more than the previous (Bachelor’s) level.

4. Experience

According to a study, it has been observed that after 10 years, CISM-certified experts can expect their salaries to double up. Hence, the more experience you get working in the field of cybersecurity and internet protection, the better your CISM payscale gets.

Why are CISM-certified Professionals Paid so Much?

CISM accreditation helps professionals grow their average CISM salary package and is highly in demand in various industries and organizations. Here are some reasons why these professionals are paid so much:

• CISM certification offers numerous professional and personal advantages, such as improved skills, experience, and knowledge in job growth.
• You can also be a part of the government’s information security activities, making the CISM-certified journey worthwhile.
• The accredited experts have a critical understanding of management, IT, and security principles. It also allows them to join a group of top infosec experts, which is one of the most significant advantages.
• Since this certification is difficult to obtain, experts are paid highly to demonstrate their dedication to work and the information security field.
• Other two reasons are increased employment opportunities and improved earning potential.
• CISM-certified professionals are 70% more effective on on-the-job performance, can build 90% more efficient teams, and have 70% greater efficiency and knowledge.
• The certification garners higher salaries as it improves performance, credibility, and confidence in cybersecurity.

Salary Growth and Projections

A career in cyber information that is significant for safeguarding the privacy of accelerating businesses is in great demand.

Between 2013 and 2021, cybersecurity roles increased by 350%, from 1 million to 3.5 million. The same is anticipated for the next five years, which is forecasted to influence the average CISM salary. According to a survey, 48% of CISM professionals received a raise within a year after receiving their CISM Certificate.

Thus, it is ascertained that prospects of working as a CISM are onward and upward.

Conclusion

The bottom line is that CISM-certified professionals have an edge over the non-certified ones concerning CISM payscale hike and their contribution to holistic team efficiency. Stakeholders value their expert opinion; thus, handsome packages, perks, and bonuses are attributed to CISMs.