First, the good news. According to Foote, pay for 149 leading non-certified tech skills grew 4.1 percent in the last six months, and a whopping 9.1 percent over the last year.
But the bad news at least for those investing in IT certification is that in this same time period, pay for 141 certified IT skills fell 1.1 percent, and 2.1 percent, respectively.
These numbers follow a trend that Foote has reported over the last year: pay for IT certifications has been on a steady downward slope, while pay for skills without certification has been trending higher.
Bucking the Trend
However, a single category of IT certification security is bucking the trend. Across a list of 27 security-related certs, pay levels tipped up an average of 1.7 percent over the last six months, according to Foote.
This pay boost also contradicts a bigger picture. Pay levels for IT security experts became flat a few years ago. In response to the Homeland Security Act, as well as Sarbannes-Oxley, such a large influx of individuals entered the security field that it depressed pay levels.
Moreover, in recent years employers have been more interested in investing in areas like SAP, app development and Web systems development. In the case of IT vendors, notes Foote CEO David Foote in the report, this is starting to hurt them in the marketplace. The reason: their customers are becoming nervous and demanding more security in their vendors products and services. This is especially true when their data is running across networks, Foote writes.
Businesses have by no means been ignoring security, he observes, but many companies are seriously understaffed and they know it. As more companies realize they could use more security staffers, IT experts with certified security skills are seeing modestly larger paychecks.
Why certified as opposed to non-certified?
Security certifications are among those that have defined the IT certifications industry from the beginning, Foote writes. Security is a deeply technical domain and certification is an important qualification where technical skills dominate.
Perhaps complicating the issue, employers are eager to hire IT workers with skills beyond technology, like customer- and business-centric skills. Its a case of the oft-stated desire to hire tech staffers who can relate to the business department. Not, however, that actual IT skills are short-changed.
With security, the emphasis is still very much about technology, Foote notes.
According to Foote Partners, the following security certifications are earning premiums of 10-14 percent over base pay:
InfoSys Security Management Professional (ISSMP/CISSP)
Certified Information Systems Security Professional (CISSP)
InfoSys Security Architecture Professional (ISSAP/CISSP)
InfoSys Security Engineering Professional (ISSEP/CISSP)
Certified Information Systems Auditor (CISA)
SANS/GIAC Security Expert (GSE)
Certified Information Security Manager (CISM)
Cisco Certified Security Professional (CCSP)
System Security Certified Practitioner (SSCP)
SANS/GIAC Certified Forensic Analyst (GCFA)