Salaries on the Rise for Security Pros

Getting your bachelor’s degree before entering the information security job market? Don’t expect to get paid more than a high school graduate. If you’re working on a master’s or doctorate degree, however, you can expect your salary to take a jump.

This comes from a new report out of the SANS Institute. The 2005 Information Security Salary & Career Advancement Survey, which polled 4,250 security professionals, shows that the IS job market is growing, as are salaries.

The study also shows that security professionals say writing and speaking skills are more valuable than technical skills; the thing that angers them about management the most is a lack of vision, and people with soft security certifications say they’re not prepared for hands-on work.

”We had some interesting results,” says Alan Paller, director of research at the SANS Institute, a major IT research and education organization. ”The techies themselves say there’s one thing more important than technical skills and that’s speaking and writing skills when it comes to career advancement. I expected their bosses to say it, but they said it themselves.”

Paller says they never asked the question before but he’s quite sure that it’s a new phenomena for IT professionals to be concerned about their communication skills.

”I don’t think it was ever very high on their list,” he told Datamation. ”One of the reasons security fails is because the security people can’t make the business people understand the importance of security. If they can learn to make effective presentations, they can make a lot of difference in improving security for their organizations. It also will help them with their careers, but think about how much it will improve security.”

Salaries are Up

Paller also says the stagnant salaries of the early part of the decade seem to be recovering. For security professionals in the United States, the median income, including salary and bonuses, is $81,558. And the U.S. is doing better than other countries. The worldwide median, according to SANS, is $77,050. Great Britain’s median is $76,389 (or 94 percent of the U.S. median), and Canada’s median is $67,982 (or 83 percent of the U.S. median).

The study also shows that a senior security executive, with a title like chief information security officer or chief privacy officer, has a median income of $106,326. That shows an increase of 3.6 percent. And a senior technology executive, with a title like chief technology officer or VP of operations, has a median income of $101,667 — an increase of 2.8 percent. For technical security professionals with titles like network architect or Web security manager, the median drops down to $75,275, an increase of 2.9 percent.

And not surprisingly, years of experience directly correlates with compensation. A security professional with less than three years of experience has a median income of $63,529. Someone with more than five years of experience but not quite 10 years, receives $82,283, and someone with more than 20 years of experience takes home $101,724.

”Salaries are rising about 3 to 3.5 percent.” says Paller. ”The average ranges from $75,000 for technical people to $106,000 for CSOs. Those are pretty good salaries. It’s about 14 percent better than three years ago. But it wasn’t a smooth transition. [Salaries] went down a little bit before they came back up. There was a year or two with no raises at all. That whole telecom collapse took a lot out of salaries.”

The SANS Institute study also shows that earning a bachelor’s degree isn’t going to do you much good when you open up your wallet. In fact, according to the survey, security professionals with a bachelor’s degree take home a median income of $77,247, while those with only a high school diploma earn $78,731.

To see any kind of salary increase, a security professional needs a master’s degree, which should bring them in $90,647, or a doctorate, which will earn them an average of $98,333.

Frustrations and Delights

The survey also asked IS professionals about what frustrates them and what delights them.

In choosing ”the single best thing your employer does to make you enjoy working,” nearly 28 percent said it’s trust. That trust might come in the form of freedom or autonomy, respect, support and encouragement. The second-highest choice (11.6 percent) was working hours and work/life balance. After that, respondents chose (in order) compensation, challenge, corporate culture, recognition and interesting projects.

The survey also asked people about ”the single worst thing your employer does that makes working no fun at all.”

The top complaint (at 20.2 percent) was lack of vision and micromanagement. That was far ahead of the second-place complaint, long and undesirable work hours, which came in with 9.9 percent. After that was low compensation, politics, lack of funding, lack of authority, bureaucracy and red tape, poor communications and lack of training.

”The top thing that makes them mad is management with a lack of vision, long working hours and low compensation,” says Paller. ”That’s what you’d figure. What makes them happy, though, is trust. It’s higher than the next thing (balance between work and home) by a factor of three. I think security people really care about improved security and they’re frustrated that they can’t get people to do what they’re suggesting. Nobody listens to them. It’s a Rodney Dangerfield problem. Maybe this is what led them to say that speaking and writing skills matter.”

Soft certifications also got a thumbs down in the survey. People who hold soft security certifications voted two to one that their certifications do not prepare them for a hands-on job. ”The people who hold those certifications voted that way,” adds Paller. ”If you want a hands-on security job, you don’t focus on soft certifications.”

RELATED NEWS AND ANALYSIS

• Ethics and Artificial Intelligence: Driving Greater Equality

  FEATURE |  By James Maguire,
  December 16, 2020

• AI vs. Machine Learning vs. Deep Learning

  FEATURE |  By Cynthia Harvey,
  December 11, 2020

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2021

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020