What does a CISO take home? What about a Lead Security Consultant? Firebrand Training’s Alex Bennett gives you the top salaries in the industry, as well as the skills needed for these high paying roles.
If you’re working in IT, or looking for a career change, a job in cyber security can be rewarding – especially if you land one of these high-paying roles.
Demand for staff with cyber security skills has increased more than 50% because of explosive growth in the Internet of Things (IoT) and introduction of EU General Data Protection Regulation in 2018.
Cyber crime has now moved to the top of the C-suite agenda, resulting in a surge in demand for IT security professionals. This demand is reflected in salary rises: annual IT security salaries climbed by 4.99% on average in Q4 2016.
“The market for IT security professionals is poised for another strong year,” notes CompTIA Senior Vice President Tim Herbert. “The security job category was one of the faster growing IT occupations during 2016.”
With rising salaries and an increased demand for professionals, cyber security is an incredibly attractive industry to work in right now. These are the roles every cyber security professional should aim to achieve.
Chief Information Security Officer (CISO) – £135,000
Responsible for establishing and maintaining information security for the entire company, CISOs need broad shoulders to support their varied high-stakes responsibilities.
As the most senior security role, CISOs often face the blame for incidents and regularly resign over breaches.
But for professionals prepared to manage the responsibility of this position, it can be immensely rewarding. The highest percentage change in salary across tech jobs was in the CISO role, up 4% in 2017, according to the Robert Half 2017 Salary Guide.
By 2018, 75% of CISOs will report directly to the CEO, not the CIO, predict IDC. When CISO positions reach C-suite level, alongside Chief Financial Officers (CFO) and Chief Operating Officers (COO), it will increase the scope of CISO salaries – potentially doubling them.
The CISO role demands considerable experience, including high-level industry certifications like (ISC)2’s CISSP – one of the most widely-recognised and highly prized in the information security field.
Head of Cyber Security – £117,500
Two thirds of large UK firms were targeted by cyber criminals in 2016, demonstrating that the need for a permanent professional to oversee the cyber security of large operations is crucial.
The Head of Cyber Security fulfils this need by evaluating the organisation for potential vulnerabilities, detecting underway attacks and informing management, customers and law enforcement if breaches do occur.
This role varies depending on each business, but most energy will be spent minimising the risk of attack whilst guiding internal teams to maintain proper cyber security procedures.
The Head of Cyber Security must also interact with external vendors and partners to ensure security compliance, so good soft skills are a must.
Day-to-day responsibilities include: leading data protection policy, monitoring security standards and policies, designing security systems and providing security guidance to executive leadership.
This high-pressure role often reports directly to the board level and professionals can expect a median salary of £117,500 (ITjobsWatch.)
Senior Network Security Specialist – £110,000
Network Specialists are now expected to possess knowledge of cyber security and network defence techniques: “While there will be over 1.5million cyber security jobs that remain unfilled by 2019, millions of IT and Network administrators remain untrained on network defence techniques,” says former Symantec CEO Michael Brown.
Preventing criminals from accessing your company network requires expert Network Security Specialists to continuously monitor systems and upgrade security measures.
Senior Network Security Specialists detect, prevent and resolve security threats to computer networks, playing a crucial role in maintaining the integrity and confidentiality of a company’s data.
At a time when data breaches cost an average of £3.2 million, seasoned networking experts are crucial to any security policy.
Plus, with EU General Data Protection Regulation incoming in 2018, organisations that fail to secure their confidential data with strong network security risk fines of up to £17 million, or 4% of annual revenue.
Senior Network Security Specialists are expected to perform a wide range of duties, from identifying compromised machines to analysing network security risks and developing effective response procedures.
Networking security certifications are beginning to emerge and are increasingly sought after for IT professionals. EC-Council, providers of the renowned Certified Ethical Hacker certification, recently introduced the Certified Network Defender. This certification provides professionals with the knowledge needed to design secure networks and validates network security knowledge in the eyes of employers.
Lead Security Architect – £100,000
Lead Security Architects are responsible for designing, building and overseeing the implementation of network and computer security for an organisation.
This is a challenging senior role that requires professionals to build complex security structures. But with an average salary of £100,000 the responsibility associated with this role is well rewarded.
Lead Security Architects may participate in the development of security hardware and software, oversee and educate staff on company security policies and design security models.
As this is a management role, Lead Security Architects must be able to convey technical information to a non-technical audience. To validate managerial skills, many aspirational Security Architects aim to achieve the Certified Information Security Manager (CISM) certification from ISACA.
Lead Security Consultant – £80,000
Security consultants are advisors, guides and all-round security experts hired to develop strategies for effective cyber security across an entire organisation.
As consultants, these professionals must possess solid communication and negotiation skills. The best consultants will possess in-depth project management knowledge as collaboration with project managers and security managers is expected. And with an average salary of £80,000 (ITJobsWatch) it’s well worth pursuing these tertiary skills.
Day-to-day tasks in this role differ greatly, but professionals can be expected to perform vulnerability tests, research security standards and ensure the organisation is compliant, and deliver technical reports for non-technical employees.
Organisations look for consultants with many years of experience, as well as a working knowledge of industry rules, regulations and broad and deep knowledge of enterprise security vendors and products.