Banking and finance security professionals earn the most, but bonuses were found in all roles and sectors.
Dealing with endpoint protection without overwhelming professionals with information overload
Chris Bell, director of product management at Secureworks, describes the difficult balance of finding useful information to security professionals without exhausting them with information overload.
Security professionals starting their career in the IT world, as opposed to security, have a better chance of a higher salary. This pivot seems to have a greater impact than years of experience or training, according to Cynet’s 2020 Cyber Security Salary Survey. The survey examined the remuneration percentages measured on the basis of experience, education, location and industry.
One of the findings, Cynet found that a diploma does not guarantee more money. The distribution of the salary range was comparable for both employees with or without a degree in computer science or a related technical field.
On the other hand, career change can be a way to get a better salary. The report showed that people who moved from an IT role to a cyber security position earned more than people who started in cyber security.
The survey revealed one financial equalizer: everyone had the same chance of a bonus. With the exception of security analysts, all other jobs include periodic bonuses with annual rates between 1-10%.
More than 1,300 people completed the survey in Q4 2019. The data relates to salary profiles for five popular security positions:
- Cloud security architect
- Network security engineer
- Penetration tester
- Security analyst
- Director / manager security
Security professionals in North America (NAM) had considerably higher salaries than people working for companies in Europe, the Middle East, Africa (EMEA) and the Asia Pacific region (APAC). The survey found that more than 80% of NAM employees earned between $ 71,000 and $ 110,000, as opposed to less than 35% in EMEA and 21% in APAC.
Here are the financial details for each role.
Cloud security architect
This person provides the technical authority behind the decision making about the organization’s security stack. There is more distribution across the salary categories for these professionals. Only 22% earn less than $ 50,000 with 32% in the range of $ 51,000 to $ 110,000. Eight percent reported salaries of $ 191,000 and higher.
Network security engineer
Security engineers configure cyber security, including firewalls and IDS / IPS security measures. In this position, 38% achieved less than $ 50,000, while 42% were between $ 51,000 and $ 110,000. Ten percent of respondents earned between $ 131,000 and $ 150,000.
Experience seems to work better for these professionals. Among people with nine to fifteen years of experience, 40% were in the highest salary range. People in both the one to three year experience category and the four to eight year category most likely earned less than $ 50,000.
SEE: Kit for hiring security analysts (TechRepublic Premium)
These members of the security team test the cyber defense of an organization. In this group, 60% earn less than $ 50,000, while 33% earn between $ 51,000 and $ 110,000. Experience did not have as much influence on salaries for this position as on other positions. The majority of people with one to three years of experience earned less than $ 50,000, while 29% of people with nine to 15 years of experience earn between $ 111,000 and $ 130,000.
People with a university degree had no advantage over people without a diploma, with 60% of each group earning less than $ 50,000. In the highest salary range, 4% obtained a diploma and 5% did not.
These threat information experts triage alerts, respond to threats, and search for threats. Half of the people in this group earned less than $ 50,000, reflecting the entry position of this job on the career ladder. About 41% of respondents earn between $ 51,000 and $ 110,000. Time at work didn’t necessarily mean more money: 42% of people with one to three years of experience and 44% of people with four to eight years of experience earned less than $ 50,000. Among people with nine to 15 years of work, 36% earned more than $ 111,000. A university degree had little impact on analysts with a lower wage level, but 5% of people without a diploma earned more than $ 131,000 compared to just 1% among diploma holders.
Director / manager security
This person is responsible for managing the security team, leading recruitment, setting procedures and workflow, and connecting the security team and business management.
This role also showed more variation in salaries. Only 17% earned less than $ 50,000, while 18% earned $ 191,000 and higher. Experience did not have much influence on the salary in this position. Among people with one to three years of work, 31% earned less than $ 50,000 but 15% earned between $ 131,000 and $ 150,000.
For people with four to eight years of experience, 29% earned less than $ 50,000, 24% earned between $ 151.00 and $ 170,000 with 14% in the range of $ 231,000 – $ 250,000. Most managers with 16 years or more worked in the range of $ 111,000 to $ 130,000, with 14% in the top class from $ 251,000 to $ 290,000.
Of the five positions, there were more women in the position of security director, with 10%, than in any other position.
Cyber Security Insider Newsletter
Strengthen the IT security of your organization by staying up to date with the latest news, solutions and best practices for cyber security.
Delivered on Tuesday and Thursday
Security professionals in North America earn more than people with similar positions in Europe, Africa, the Middle East, and the Asia Pacific region.
Sinenkiy / Getty Images / iStockphoto