Information Security Jobs (And Salaries!) See A Dramatic Rise
The demand for cyber security professionals continues to grow, as more companies across more industries are hiring infosec workers. And with this high demand in workforce, security professionals are able to command higher salaries, too.
It's no surprise that the demand for cyber security professionals is on the rise. With the proliferation of security breaches and cyber threats and attacks, organizations across the globe are realizing just how important security—and a qualified security staff—is to their business. With more job openings than in any other technology sector, security professionals can also demand higher salaries. According to the Job Market Intelligence: Cybersecurity Jobs, 2015 (PDF format) report, 9 percent higher than other IT workers.
Last year's (ISC)2 Global Information Security Workforce Study (PDF format), which involved over 14,000 participants from around the globe, projects that the world-wide shortage of infosec workforce will reach 1.5 million by 2020. The study also pointed to a "dramatic rise" in infosec salaries and revealed that:
- Over 60 percent of respondents indicate that their organizations already have "too few information security professionals" on staff.
- According to those same respondents, "an insufficient pool of suitable candidates is causing this shortfall."
- Security salaries are at their highest level as "security profession scarcity is reaching beyond developed countries, increasing salaries in developing countries as well."
To put the 1.5 million workforce shortfall into perspective, according to the latest Employment Situation Summary from the U.S. Bureau of Labor Statistics, which covers December 2015, the total population of the information sector in the U.S. economy was 2.79 million (Table A-14). Though that sector doesn't capture all of the IT jobs in the U.S. economy (because IT professionals work in other sectors, too) it does stand as a rough-and-ready estimate of the total number of IT workers in the U.S. workforce. If that is proportional to the global population (which the U.S. Census Bureau's Population clock estimates at 322.8 M to 7.3B at present), that means about 66,000 infosec positions inside the U.S., with the bulk falling outside the country. Of course, it's not proportional, because first world countries employ the vast majority of IT workers of all stripes. Thus, the U.S.'s share is more likely to be about 25 percent of the 1.5M total, which translates to 375,000 new jobs going unfilled in cyber security by the end of the decade.
What does all of this mean for info professionals already at work and aspiring IT professionals seeking such work?
As has been the case for the past decade, and as things will remain for the foreseeable future, working security knowledge and a current set of skills and knowledge in the area will be both useful and valuable. This brings a security dimension of some kind to nearly every IT job, but also speaks to those interested in specializing in this field of ongoing and potentially lucrative employment opportunities.
To translate this into IT certification terms, it means that all IT professionals should possess at least a working knowledge of information security fundamentals. Thus, credentials like the CompTIA Security+, SANS GSEC, (ISC)2 SSCP, EC-Council CSCU, and so forth, should be a part of every IT professional's professional learning and development plans.
Those who wish to specialize in security should look long and hard at our updated list of the Best Information Security Certifications to set more ambitious certification targets, and to put together their own personal plans for career development and advancement in the information security field.
One thing these ongoing security workforce studies and surveys make perfectly clear is that obtaining new infosec skills and certifications can't help but be rewarded, given looming shortfalls in "suitable candidates" for infosec jobs at all levels and in all positions. Though this may be an ill wind of sorts for the global economy, it is one that can push skilled and knowledgeable IT professionals into the forefront of their fields, and provide interesting and lucrative opportunities galore.
Certainly, this will be a seller's market for many years to come, so savvy IT pros will want to work on their security skills and knowledge portfolios to make sure they will have high-demand skillsets to offer prospective employers.