Government IT security pay trails private sector

Security pays. A new 2007 survey of information security professionals found that those working in government positions earned an average of $84,500 ' higher than information technology professionals across many industries based on separate data released last year (See But the study, conducted by the SANS Institute, also found public-sector IT security professionals earned 10 percent to 18 percent less in salaries and bonuses than their nongovernment counterparts. The gap proved significantly smaller among security people with strong technical backgrounds.

The study also found:

  • Government raises are restrained ' increases are one-fourth less than raises for nongovernment security professionals (3.9 percent vs. 4.6 percent).
  • Higher education pays off ' those with a college degree earn 18 percent more than those without; and those with master's degrees earn 16 percent more than those with a bachelor's degree.
  • Training improves effectiveness ' with half of respondents mentioning skills improvement being the best way to improve government security.

Salaries of security professionals

Security professionals in government make less than their counterparts in the private sector.

Job Responsibility Government Non-Government
CISO, CSO, chief compliance officer, chief privacy officer, chief of audit $103,500 $125,000
Director or manger in information security or audit $93,400 $110,000
Intrusion detection, forensics, patch testing, secure configuration development and testing $79,600 $88,200
Security assessments, application security reviews $78,000 $96,300
Security architect $87,700 $103,500
Security consultant $90,900 $107,800
Security or IT auditor or security analyst for regulatory review $73,100 $86,900
System and/or network administrator with some security responsibility $70,700 $74,000
Systems or network management with significant security responsibility $82,600 $83,200
Average salary (including bonus) $84,500 $94,000
Median salary (including bonus) $68,500 $71,600

Source: SANS Institute. Based on 2,146 responses. Nongovernment respondents included a cross-section of small firms (less than 2,000 employees), medium and large firms (more than 20,000 employees) representing a variety of industries: financial services (19%), education (14%), consulting/systems integration for government (13%) and business (12%), telecom & IT (9%), health care (8%), manufacturing (6%).

About the Author

Wyatt Kash served as chief editor of GCN (October 2004 to August 2010) and also of Defense Systems (January 2009 to August 2010). He currently serves as Content Director and Editor at Large of 1105 Media.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected