Salary Survey Extra: Portrait of an IT security consultant
Salary Survey Extra is a series of weekly dispatches that give added insight into the findings of both our annual Salary Survey and our smaller Salary Survey PLUS polls. These posts contain previously unpublished Salary Survey data.
IT industry observers frequently — almost relentlessly, really — point to cybersecurity as a (your adjective here: hot, booming, explosive, etc.) sector for both job availability and salary growth. Employers need skilled security personnel, and that need is intensified by both a general scarcity of qualified professionals, and the ever-escalating intensity and creativity of cyberattacks.
As part of our recent survey of more than 600 IT security professionals, Certification Magazine asked respondents to indicate their current job role. The most common job role, held by 27.4 percent of respondents, is IT security consultant. That significantly outpaces the next most popular answers: IT security engineer (15.7 percent) and IT security administrator (12.1 percent).
Security consulting is both demanding and rewarding. Consultants have an arduous task: Generally speaking, an IT security consultant is brought in to make a thorough assessment of a company’s IT systems and develop a plan to secure those systems against intrusion and theft. The job requires an array of IT skills and strong knowledge of cybersecurity, generally gained from long years of experience.
The rewards are considerable: We found that the average annual salary of an IT security consultant in the United States is $133,050. Intrigued IT pros shouldn’t, however, expect to just walk into a consulting job.
Among all consultants in our survey, 70 percent are college-educated, claiming either a bachelor’s degree (43 percent), master’s degree (20 percent), or a doctorate (7 percent). And you’ll need a fair amount of experience in IT security. Roughly 96 percent of the consultants in our survey have been professionally employed in IT security at least 5 years.
Those not among the 4 percent of U.S. consultants who have professional experience totaling less than 5 years are generally pretty seasoned. Just 20 percent of U.S. consultants in the survey have between five and nine years of professional cybersecurity experience, while 23 percent have between 10 and 15 years of experience, and 53 percent have worked professionally in cybersecurity for more than 15 years.
Not surprisingly, the longer you’ve been in the game, the more you can expect to make. Consultants who have between five and nine years of professional cybersecurity experience pull an average annual salary of $103,330. Those whose professional cybersecurity experience ranges between 10 and 15 years make an average annual salary of $122,210.
The warhorses of the group, whose professional cybersecurity experience exceeds 15 years, have an average annual salary of $147,840.
It’s not a field with many spring chickens, either. More than 80 percent of IT security consultants in the survey are at least 35, and 52 percent are between the ages of 45 and 64. And while it would appear that most IT security consultants in the United States are men, 13 percent of those tracked in our survey are women.
For those contemplating a career shift, there are two IT backgrounds in particular that produce a lot of consultants. About 52 percent of those in the survey who are now IT security consultants worked in systems administration before shifting to cybersecurity, while 34 percent came from a background in IT networking.
GETTING FROM POINT A How do you arrive at your place of work in the morning? We asked survey respondents what mode of conveyance gets from home to work (and back again) each day.
Most of them aren’t going to and fro under their own power. There are only tiny fractions of both walkers (2.9 percent) and bikers (3.4 percent). Nearly as many people, actually, at least claim to “live at the office” (3.2 percent) as ride a bike to work. (Those must be the Google types, with their nap pods and three meals a day at the cafeteria.)
Public transportation fared a little bit better, but not by much. A fairly marginal 4.3 percent of those survey take the subway to work, though a notably healthier 8.5 percent do ride the bus. And it’s fairly exciting to find that 15.6 percent work from home. What’s left? Oh, yeah. That would be the 62.3 percent who use a car or “other personal vehicle” (motorcycle, truck, SUV, etc.) We can smell the gridlock from here.