In many ways, 2015 is the year to be an information security professional – data breaches have become a daily occurrence, the attack-surface is broader, with mobiles, wearables and the Internet of Things (IoT) joining the mix, and of course the cyber-security skills gap remains unplugged. In short, if you're in this sector and proficient, you're in demand as never before.
In our salary survey SC Magazine UK polled 100 UK and European respondents across various sectors and IT security positions, from system admins and consultants (35 percent) to network engineers, data protection officers, IT security managers (20 percent) and CISOs (17 percent). Salaries varied widely, from £16,000 to more than £100,000 a year.
The good news is that most salaries have increased; more than half of respondents reported rises between one to five percent year-on-year whilst another 18 percent reported rises between six and 20 percent.
Our report also found there was no decrease in salaries, over half worked in small teams (one to five staff), there is an increasing number of infosec pros in consultancy and most people work regular hours, between 35 and 50, each week.
Approximately 51 percent of responses said that the heads of information security report to a CIO, just over quarter (26 percent) to the CEO and rest are split between the CTO and CFO.
The study follows in the wake of others; Badenoch and Clark's recent market update found an increasing desire for governance, risk and compliance (GRC) professionals, identity and access management (IAM) and those with stakeholder management skills, and it also detailed how CISO salaries typically varied between £100,000 and £140,000 pa. Acumin's Salary Index last December revealed salaries had grown to as much as £200,000 pa for CISOs in some sectors. CwCJobs, meanwhile, indicated that the average salary of information security professionals was £57,000, but significantly higher for contractors (£96,000) and, surprisingly, higher in Reading than in London.
And last November, Morgan McKinley's 2014 Salary Survey revealed that salaries for infosec specialists at every level of experience were increasing significantly faster than average UK pay – between £50,000 to £62,000 for data scientists, £38,000 to £45,000 for experienced IT sec analysts, and cyber-sec analysts' day rates doubling, from £225 up to £450.