Salary Survey Extra is a series of periodic dispatches that give added insight into the findings of our annual Salary Survey. These posts contain previously unpublished Salary Survey data.
Later this month the deadline will pass for a certain segment of T-Mobile users to claim a share of the $350 million settlement of a class action lawsuit stemming from a 2021 data breach that affected somewhere in excess of 50 million customers. Did you remember that hackers stole PII connected to 50 million T-Mobile customers in 2021?
We didn't recall any of this, and honestly might have learned the details for the first time ... today. Cybercrime has become so commonplace and so persistent that it's hard to keep track of just the major breaches. Maybe we're even getting to a place 50 million individuals hacked and $350 million in damages is small potatoes.
One thing is clear: Businesses across all sectors of the global economy need more cybersecurity workers just to keep from being overwhelmed. Many skilled cybersecurity professionals take an important step up the career ladder with tech industry association CompTIA's widely respected Security+ certification (No. 36 on our most recent Salary Survey 75 list).
Here’s what the salary picture looks like for Security+ holders who responded to the Salary Survey:
All U.S. Respondents
Average Annual Salary: $118,030
Median Annual Salary: $114,300
How satisfied are you with your current salary?
Completely Satisfied: 9 percent
Very Satisfied: 23 percent
Satisfied: 38.1 percent
Not Very Satisfied: 24.8 percent
Not At All Satisfied: 5.1 percent
All Non-U.S. Respondents
Average Annual Salary: $62,580
Median Annual Salary: $69,690
How satisfied are you with your current salary?
Completely Satisfied: 6.8 percent
Very Satisfied: 13 percent
Satisfied: 32.4 percent
Not Very Satisfied: 31.9 percent
Not At All Satisfied: 15.9 percent
The CompTIA certification program has a global footprint, but 79 percent of Security+ holders who responded to the Salary Survey live and work in the United States. That said, we did still hear from credential holders in 53 other countries: Albania, Australia, Austria, Barbados, Belgium, Bhutan, Botswana, Brazil, Bulgaria, Cameroon, Canada, China, Colombia, Croatia, Dominican Republic, France, Germany, Ghana, Honduras, India, Indonesia, Ireland, Israel, Jamaica, Japan, Kenya, Malaysia, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Pakistan, Peru, Philippines, Poland, Qatar, Romania, Saudi Arabia, Singapore, South Africa, Spain, Sri Lanka, Sweden, Switzerland, Taiwan, Thailand, Trinidad and Tobago, Uganda, United Arab Emirates, the United Kingdom, Venezuela, and Vietnam.
Cybersecurity as a profession has long been dominated by men, and that trend shows up here as well, with women accounting for just 12.3 percent of those surveyed, while 82.8 percent are men, 0.4 percent are transgender male, 0.2 percent are gender variant/nonconforming, 0.1 percent are transgender female, and 4.2 percent chose not to identify their gender. Despite widespread concern about a general lack of interest in IT as a career path among teens and young adults, nearly 60 percent of those swimming in our pool of Security+ holders are younger than 45, either between the ages of 19 and 24 (2 percent of respondents), between the ages of 25 and 34 (19.4 percent), or between the ages of 35 and 44 (35.9 percent). Even the “old folks” are generally youthful, with 27.8 percent of respondents between the ages of 45 and 54, while just 14 percent are 55 or older, either between the ages of 55 and 64 (12.9 percent), or between the ages of 65 and 74 (1.9 percent).
Nearly 90 percent of Security+ holders who participated in the survey have an educational background that includes time spent at a college or university. The highest level of formal education completed by most of those surveyed is either a bachelor’s degree (42.1 percent of respondents), master’s degree (33 percent), associate’s degree (9.2 percent), doctorate (1.8 percent), or professional degree (1.4 percent). The outliers are the 7 percent of those surveyed who topped out at some level of post-high school technical training, the 3.8 percent who exited the realm of formal education after completing high school, the 0.2 percent who had no formal education before entering the workforce, and the 1.5 percent who are currently in the process of furthering their education.
An impressive 94.8 percent of Security+ holders who responded to the survey are employed full-time, with 1.2 percent holding part-time employment, 0.9 percent on sabbatical, 0.8 percent attending school, and 2.3 percent unemployed. Among those who have full-time jobs, most are at work either for the standard 40 hours per week (44.8 percent of respondents), for between 41 and 50 hours per week (37.1 percent), or for more than 50 hours per week (9.1 percent). The remaining roughly 8 percent of full-timers enjoy some degree of freedom from rigid scheduling, working either between 31 and 39 hours per week (6.8 percent), between 21 and 30 hours per week (0.8 percent), or fewer than 20 hours per week (0.4 percent).
Security professionals aren’t necessarily tied to a single workplace location. That’s a condition that became even more pronounced during the COVID-19 pandemic with just 42 percent of the Security+ holders we heard from are enjoying the master bedroom-to-kitchen-table commute either fewer than 10 hours per week (31.5 percent), or between 10 and 20 hours per week (11.7 percent). That leaves almost two-thirds of those surveyed who are true homebodies, working from home either between 20 and 30 hours per week (12.1 percent), between 31 and 39 hours per week (9 percent), 40 hours per week (18.4 percent), or more than 40 hours per week (17.3 percent).
In terms of workplace standing, the largest single group of Security+ holders who participated in the survey, 34.8 percent of respondents, are employed at the senior specialist level. The rest, in descending order, are either managers (17 percent of those surveyed), specialists (16.9 percent), rank-and-file employees (11.2 percent), senior managers (10.8 percent), directors (7.1 percent), or executives (2.2 percent).
Close to half (42.3 percent) of the Security+ holders who participated in the survey are IT veterans, having worked in a role that directly utilizes one or more their certified skills for more than a decade. The rest have been plying their certified skills for either between zero years (1 to 11 months) and 2 years (11.9 percent), between 3 and 5 years (21.4 percent), between 6 and 8 years (16.7 percent), or between 9 and 10 years (7.7 percent).
Finally, here’s the view of Security+ holders on key questions from the survey about how certification impacts job performance:
At my current job I use skills learned or enhanced through certification:
Several times a day: 50.6 percent
Several times a week: 28.8 percent
Several times a month: 10.3 percent
Occasionally: 7.9 percent
Rarely: 2.4 percent
Since becoming certified, I feel there is greater demand for my skills.
Strongly agree: 42.8 percent
Agree: 39.9 percent
Neither Agree nor Disagree: 11.7 percent
Disagree: 3.3 percent
Strongly Disagree: 2.3 percent
Becoming certified has increased my problem-solving skills.
Strongly agree: 31.1 percent
Agree: 42.5 percent
Neither Agree nor Disagree: 18.9 percent
Disagree: 5 percent
Strongly Disagree: 2.4 percent
Becoming certified has increased my workplace productivity.
Strongly agree: 26.5 percent
Agree: 41.1 percent
Neither Agree nor Disagree: 24.5 percent
Disagree: 4.9 percent
Strongly Disagree: 3 percent
PAST SECURITY+ DEEP FOCUS FEATURES
Important Update: We have updated our Privacy Policy to comply with the California Consumer Privacy Act (CCPA)