Cyber attacks drive demand for network security staff

Juniper and Checkpoint skills are in demand

The increase in cyber attacks has driven a growth in demand for network security staff, according to a report into the information security jobs market.

In light of attacks by Anonymous and Lulzsec on major organisations like Amazon, MasterCard and the Sony Playstation Network, the 2011 Interim Market Report from recruitment agency Barclay Simpson found that companies are now strengthening their network security infrastructure.

"There is an increase in demand for firewall experts with qualifications in Juniper and Checkpoint and for security practitioners with experience of configuring IDS/IPS (Intrusion Detection System or Intrusion Prevention System).

"As the year progresses those who have specialised in network security will be more highly sought-after, which will increase rates for permanent and contract candidates alike," the report said.

The study follows recent research from Lancaster University, which found that network and security experts from academia, industry and government were most worried about the misuse of data and malicious traffic attacks on the network, than physical attacks on the infrastructure.

Moreover, the Barclay Simpson report found that the information security jobs market is currently experiencing pre-recession supply and demand patterns.

Demand for IT security professionals in 2010 was driven mainly by retail banking, but this year, a wider range of end user companies, such as telecoms, utilities and insurance, are now recruiting IT security staff.

In particular, due to new PCI regulations, companies have been employing PCI-DSS (Data Security Standard) specialists to avoid using consultancies. Barclay Simpson believes that while most of the demand has been for single recruits focusing on PCI-DSS work, this demand will grow as larger teams are formed.

Another skill that is becoming more in demand is the ability to cross between information security and IT risk management skills.

"In the banking sector, the line between security and risk management is becoming increasingly blurred," the report said.Salaries

In terms of pay, the average salary increase that information security workers moving jobs during the first half of the year had increased from 11 percent in the last six months of 2010 to 13 percent.

This is the highest increase for two years (in June 2009 it was just four percent), but the report said that the higher salaries often offset the loss of benefits such as company cars and bonuses in the financial services sector.

Furthermore, IT professionals who stay in the same jobs only see annual salary increases that match inflation at best.

Unsurprisingly, salary increases continue to be highest in the financial services sector, followed by commerce and then by system integrators and consultancies.

The highest-paid permanent IT security role is a senior account manager specialising in cloud or security services within the cloud, who is responsible for between seven and 10 SME accounts. In London, a professional in this role could earn up to £160,000, or up to £150,000 in the rest of the UK.

This is followed by the enterprise business development consultant, who is responsible for new business lead generation and sales in a security consultancy. Salaries for this role range from up to £110,000 for the rest of the UK to up to £140,000 in London.

At the other end of the scale, an entry-level role of business continuity analyst working for a large financial services firm earns up to £44,000 in London and up to £41,000 in the rest of the UK.

Contractors, meanwhile, can earn the most - between £500 and £650 a day in London - as technology risk consultants, closely followed by information security consultants and CLAS consultants at between £500 and £600 per day. In the rest of the UK, all three roles see a drop to between £400 to £500 a day.

Join the CSO newsletter!

Error: Please check your email address.

Tags careersIT managementsony

More about Amazon Web ServicesetworkIntrusionIPSJuniperJuniperPlaystationSony

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anh Nguyen

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place