Government IT security pay trails private sector
- By Wyatt Kash
- Sep 20, 2007
Security pays. A new 2007 survey of information security professionals found that those working in government positions earned an average of $84,500 ' higher than information technology professionals across many industries based on separate data released last year (See GCN.com/848). But the study, conducted by the SANS Institute, also found public-sector IT security professionals earned 10 percent to 18 percent less in salaries and bonuses than their nongovernment counterparts. The gap proved significantly smaller among security people with strong technical backgrounds.
The study also found:
Salaries of security professionals
- Government raises are restrained ' increases are one-fourth less than raises for nongovernment security professionals (3.9 percent vs. 4.6 percent).
- Higher education pays off ' those with a college degree earn 18 percent more than those without; and those with master's degrees earn 16 percent more than those with a bachelor's degree.
- Training improves effectiveness ' with half of respondents mentioning skills improvement being the best way to improve government security.
Security professionals in government make less than their counterparts in the private sector.
Source: SANS Institute. Based on 2,146 responses. Nongovernment respondents included a cross-section of small firms (less than 2,000 employees), medium and large firms (more than 20,000 employees) representing a variety of industries: financial services (19%), education (14%), consulting/systems integration for government (13%) and business (12%), telecom & IT (9%), health care (8%), manufacturing (6%).
|Job Responsibility ||Government ||Non-Government |
|CISO, CSO, chief compliance officer, chief privacy officer, chief of audit ||$103,500 ||$125,000 |
|Director or manger in information security or audit ||$93,400 ||$110,000 |
|Intrusion detection, forensics, patch testing, secure configuration development and testing ||$79,600 ||$88,200 |
|Security assessments, application security reviews ||$78,000 ||$96,300 |
|Security architect ||$87,700 ||$103,500 |
|Security consultant ||$90,900 ||$107,800 |
|Security or IT auditor or security analyst for regulatory review ||$73,100 ||$86,900 |
|System and/or network administrator with some security responsibility ||$70,700 ||$74,000 |
|Systems or network management with significant security responsibility ||$82,600 ||$83,200 |
|Average salary (including bonus) ||$84,500 ||$94,000 |
|Median salary (including bonus) ||$68,500 ||$71,600 |
Wyatt Kash served as chief editor of GCN (October 2004 to August 2010) and also of Defense Systems (January 2009 to August 2010). He currently serves as Content Director and Editor at Large of 1105 Media.