Cybersecurity Pros in High Demand, Highly Paid and Highly Selective

Experts in cybersecurity are among the most sought-after professionals in the tech sector, with demand for workers in that field outpacing other IT jobs by a wide margin.

A new survey by Semper Secure, a public-private partnership in Virginia formed to advance the cybersecurity profession, offers a fresh glimpse at what security workers earn, what they look for in an employer and where the hubs of innovation are located.

Cybersecurity Salaries Three Times National Average

Cybersecurity professionals report an average salary of $116,000, or approximately $55.77 per hour. That's nearly three times the national median income for full-time wage and salary workers, according to the Bureau of Labor Statistics.

But it's more than just the money. Cybersecurity professionals say that they actively seek employers with strong reputations for integrity and those that are recognized as leaders in their field.

[Related: U.S. Agencies Explore Cybersecurity Incentives for the Private Sector]

"For top talent, cybersecurity isn't about just a job and a paycheck," says Jim Duffey, secretary of technology at the office of the governor of Virginia. "It is about the hottest technology, deployed by honorable organizations, for a purpose that is inherently important."

Asked to identify the most important attributes of an employer, respondents cite these characteristics:

Reputation for integrity; code of honor: 44 percent

Reputation as a leader in cybersecurity: 34 percent

Known for addressing leading challenges in cybersecurity: 33 percent

Relatively high compensation scale: 31 percent

Expansive cybersecurity career opportunities: 30 percent

Excellence of leadership: 30 percent

Excellence of coworkers: 23 percent

[Related: Federal CIOs Fret Over Budget Pressures, IT Talent and Cybersecurity]

Respondents to the survey also indicated that they have a strong interest in the nature of the work they do. Asked what interests them most about the profession, challenging and meaningful topped the list.

Interesting, challenging work: 56 percent

Important and meaningful work: 44 percent

Love the technology: 39 percent

Constant change/dynamic industry: 31 percent

Job security: 27 percent

High salary and benefits: 25 percent

Validates my talent and skill: 18 percent

Opportunity to work with the best people: 13 percent

Where Do the Cybersecurity Pros Go to Work

Where are the great hubs of innovation in the cybersecurity sector? Perhaps not surprisingly, respondents identified California (home to so much of the IT sector) and the greater Washington-D.C. area, with its heavy concentration of government workers, contractors and the defense industry.

[Related: Obama's Cybersecurity Mandate Hits First Milestone]

One-third of respondents said that California is the center of cybersecurity innovation, while 44 percent believe that innovation is most heavily concentrated in D.C., Northern Virginia and Maryland.

"Government agencies and defense/aerospace firms remain magnets for cybersecurity professionals," Duffey says.

Asked to name the company they would most like to work for, respondents ranked Google at the top, followed by the federal government, self-employment and Cisco. Respondents cited Symantec-Norton, IBM, McAfee and Cisco as industry leaders in cybersecurity.

The survey also suggested that there is relatively little churn in the industry, with 65 percent of cybersecurity pros polled saying that they have worked at two or fewer organizations throughout their career.

"These people aren't jumping from job to job looking for salary bumps and signing bonuses," says Lee Vorthman, CTO of NetApp's Federal Civilian Agencies unit. "Many of them want to work for federal agencies and most of them tend to stick with employers for the long term. For companies, that means they better get them early or risk not getting them at all."

The survey also probed security professionals' career aspirations, finding that 22 percent anticipate taking on more difficult challenges, 18 percent envision themselves in a leadership role, while 16 percent are seeking to start their own company or consult, and 15 percent are aiming to become a CIO or CISO.

What Cybersecurity Pros Know

Finally, the survey shed some light on the educational profile of the cybersecurity workforce. Eight-five percent of respondents said that they hold a professional certification, naming the Certified Information Systems Security Professional (CISSP), Cisco Certified Network Professional Security (CCNIP), and Certified Ethical Hacker (CEH) as the most popular credentials.

Forty-four percent of respondents said that they hold a bachelor's degree in computer science, mathematics or electrical engineering, and 34 percent said they hold a master's degree in those fields. Just 5 percent said that they hold a doctoral degree in those subjects.

Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for Follow Kenneth on Twitter @kecorb. Follow everything from on Twitter @CIOonline, Facebook, Google + and LinkedIn.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitycareersIT managementSemper Secure

More about CiscoFacebookGoogleIBM AustraliaMcAfee AustraliaMilestoneNetAppNetAppNortonSymantec

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Kenneth Corbin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts