| |||
|
|
||
|
|||
| |
|
Home > Security News > Survey: It pays to be a security pro |
| |
|
|
|
|
| Security News: |
|
||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
|||||||||||||||||||
Pay is good and getting better for security pros -- especially if their job titles include the words "chief" or "director" and they work for large companies in the IT, utilities and financial sectors. However, the benefits of advanced degrees and certifications aren't as clear; certifications haven't made much difference for some, while others have done well with nothing more than a high school diploma. Those are among the SANS Institute's findings after polling more than 4,250 security pros in October and November for its 2005 Information Security Salary and Career Advancement Survey. The Bethesda, Md.-based training and certification group released a .pdf of the survey Monday.
Pay is good and getting better
Compensation is highest among those with such titles as chief information security officer, chief risk officer, chief privacy officer, chief security officer, director of security and security manager. Professionals in this category are earning an annual salary of $106,326, including bonuses, in the U.S. On the lower end of the scale, those with such titles as network architect, security analyst/consultant, security auditor, security engineer, systems engineer, systems integrator, security penetration tester, network administrator, programmer, systems administrator, and Web security manager earn a salary of about $75,275 in the U.S. The survey also showed that larger companies pay more. Security pros working for companies with 100,000 or more employees said they earn a salary of about $86,388, while those working for companies with fewer than 250 employees earn about $75,185. Not surprisingly, those who've been at security the longest are earning more. Respondents with less than three years of experience reported earning a salary of about $63,529, while those with 20 or more years of experience are earning a salary of about $101,724. Keys to success not the same for all
For starters, security professionals with bachelor's degrees aren't necessarily earning more than people without college degrees. Those with a high school diploma reported earning about $78,731 a year, while those with a bachelor's degree reported earning $77,247. On the other hand, advanced degree holders get far better pay than people who hold master's or Ph.D. degrees. Those with a master's or Ph.D. reported earning between $90,647 and $98,333 a year. Meanwhile, those in the IT, utilities and banking-insurance-financial sectors said they're earning more -- between $82,927 and $84,397 a year -- than those in other industries. Professionals in the healthcare sector, for example, said they earn about $75,988. Certifications help some, not others
Of the 4,250 people polled, 1,172 said they hold ISC(2) certifications (CISSP, SSCP); 1,135 said they hold vendor certifications from the likes of Microsoft and Cisco Systems Inc.; 903 hold GIAC certifications (GSEC, GSWN, etc.); 459 hold ISACA certifications (CISA, CISM); and 442 hold CompTIA certifications (Security+, etc.). Of them:
People who hold certifications from ISC(2) and ISACA are earning more -- between $91,555 and $98,571 -- than those who hold other certifications, SANS found. Those with a CompTIA certification, for example, said they earn about $68,036. |
|
|
||||||||||||||||||
| ||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||
|
|||||||||||||||||||||||||||
| |||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
