Salary Survey Extra is a series of dispatches that give added insight into the findings of our annual Salary Survey. These posts contain previously unpublished Salary Survey data.
After a pipe breaks and floods your basement TV room, a home restoration company steps in to replace the carpet, fix the drywall, repaint and provide any other needed services. We have that sort of thing in the cybersecurity world, too. People who step in to clean up the mess and reset your system.
There are numerous different causes of cybersecurity attacks and breaches, but what's required in the aftermath of every incident is the same: proper response and remediation. That brand of disaster cleanup skills are verified by the GIAC Certified Incident Handler (GCIH) credential, No. 33 on our most recent Salary Survey 75 list.
Here's what the salary picture looks like for GCIH holders who responded to the Salary Survey:
All U.S. Respondents
Average Annual Salary: $114,800
Median Annual Salary: $108,330
How satisfied are you with your current salary?
Completely Satisfied: 7.9 percent
Very Satisfied: 18.4 percent
Satisfied: 63.2 percent
Not Very Satisfied: 10.5 percent
Not At All Satisfied: [No responses]
All Non-U.S. Respondents
Average Annual Salary: $128,310
Median Annual Salary: $127,500
How satisfied are you with your current salary?
Completely Satisfied: 7.4 percent
Very Satisfied: 14.8 percent
Satisfied: 59.3 percent
Not Very Satisfied: 18.5 percent
Not At All Satisfied: [No responses]
The GIAC certification program (administered by the SANS Institute) is global, but more than 65 percent of the GCIH holders who participated in the 2022 survey live in the United States. The rest are scattered across 11 different countries: Albania, Australia, Barbados, Canada, Germany, India, Japan, Netherlands, Singapore, United Arab Emirates, and the United Kingdom.
A not-surprising 82.8 percent of GCIH holders who participated in the survey are men, while 12 percent are women, and 5.2 percent chose not to identify their gender. What is somewhat unexpected, given the industry-wide effort to recruit young talent into the cybersecurity profession, is that nearly 80 percent of the GCIH holders we heard from are ensconced in middle age, either between the ages of 35 and 44 (48.2 percent) or between the ages of 45 and 54 (29.6 percent). That leaves just the 11.2 percent of those surveyed who are between the ages of 25 and 34, and the 11 percent who are between the ages of 55 and 64.
There tends be a strong correlation between certification and higher education, and that's true here as well: Nearly 90 percent of survey respondents have an educational background that includes time spent at a college or university. The highest level of education completed by most GCIH holders is either a bachelor's degree (31.5 percent of those surveyed), master's degree (44.4 percent), associate's degree (9.3 percent), or professional degree (1.8 percent). The outliers are the 5.6 percent of respondents who topped out at some level of post-high school technical training, the 5.6 percent who exited the realm of formal education after completing high school, and the 1.8 percent who are currently in the process of completing or furthering their schooling.
A tick more than 93 percent of GCIH holders who responded to the survey have full-time jobs, with 1.7 percent holding part-time employment, and 5.2 percent on sabbatical. Among those who have full-time jobs, most either have a standard 40-hour work week (25.9 percent of respondents) or put in between 41 and 50 hours per week (29.6 percent). The remaining 44 percent of respondents either have a full-time schedule of more than 50 hours per week (20.4 percent), or put in between 31 and 39 hours per week (24.1 percent).
In the aftermath of the COVID-19 pandemic, just 38 percent of respondents are spending most (or all) of those hours in a traditional workplace, working from home either fewer than 10 hours per week (29.6 percent) or between 10 and 20 hours per week (7.4 percent). The leaves 3.7 percent of those surveyed working from home between 21 and 30 hours per week, 9.3 percent at home for between 31 and 39 hours per week, 14.8 percent toiling at home 40 hours per week, and 35.2 percent working from home for more than 40 hours per week.
In terms of workplace standing, the largest single group of GCIH holders we heard from (36.7 percent of respondents) are employed at the senior specialist level. The rest, in descending order, are either senior managers or executives (both 14.3 percent of respondents), managers (12.7 percent), directors (9.5 percent), specialists (7.9 percent), or rank-and-file employees (4.6 percent).
A notable 54 percent of GCIH holders holders who participated in the survey are IT veterans, having worked in a role that directly utilizes one or more of their certified skills for more than a decade. The rest have been plying their certified skills for either between zero years (1 to 11 months) and 2 years (6.3 percent of respondents), between 3 and 5 years (also 6.3 percent), between 6 and 8 years (6.4 percent), or between 9 and 10 years (27 percent).
Finally, here's the view of GCIH holders on key questions from the survey about how certification impacts job performance:
At my current job I use skills learned or enhanced through certification:
Several times a day: 39.7 percent
Several times a week: 42.9 percent
Several times a month: 12.7 percent
Occasionally: 3.2 percent
Rarely: 1.5 percent
Since becoming certified, I feel there is greater demand for my skills.
Strongly agree: 38.1 percent
Agree: 39.7 percent
Neither Agree nor Disagree: 19 percent
Disagree: 1.6 percent
Strongly Disagree: 1.6 percent
Becoming certified has increased my problem-solving skills.
Strongly agree: 27 percent
Agree: 49.2 percent
Neither Agree nor Disagree: 19 percent
Disagree: 3.2 percent
Strongly Disagree: 1.6 percent
Becoming certified has increased my workplace productivity.
Strongly agree: 27 percent
Agree: 44.4 percent
Neither Agree nor Disagree: 23.8 percent
Disagree: 3.2 percent
Strongly Disagree: 1.6 percent
PAST GCIH DEEP FOCUS FEATURES
Important Update: We have updated our Privacy Policy to comply with the California Consumer Privacy Act (CCPA)