6 Certifications That Get You Hired as a Security Pro
In cyber security, the list of skills isn't really new or special, but when it comes down to proving abilities, a certification is required, advises ClearanceJobs.com.
Government and private-sector salaries and priorities for cyber security are coming in close alignment, according to a report released Monday by the International Information Systems Security Certification Consortium, (ISC)2.
Responses were gathered last fall by market research firm Frost and Sullivan through a website from 10,413 professionals in the public and private sectors, including 145 federal C-level managers. Of those making $120,000 or more, 32 percent were federal chief information security officers or federal chief information officers, while only 23 percent in the private sector made that much, reports Nextgov.com.
Overall, 57 percent of federal CIOs and CISOs report salaries of $100,000 or more, compared to just 42 percent of worldwide. And there were more executives paid on the low end in the total population than in the public sector. Only 3 percent of federal cyber security chiefs earned $59,999 or less, while 21 percent of senior-level professionals worldwide were in that category.
The U.S. government, according to the survey, is not underpaying security professionals.
Tipton said that federal chief information security officers can earn up to $180,000 or bonuses may boost their pay to as much as $220,000. Meanwhile, Alan Paller, director of research at the SANS Institute, a cyber security training center, put the pay of some private-sector "hunters," network operators and penetration testers adept at finding vulnerabilities at close to $175,000.
The federal government is trying to define the skills needed in cyber security pros. A separate report from the government executives predicts the federal IT security work force will double by 2015, though Government Computer News quotes Tipton, a former Interior Department CIO, saying:
This is their assessment of what they would need. You never get what you ask for.
While federal government security has long focused on protecting confidential information, the report notes that government and the private sector now seek to address "application vulnerabilities and the potential exposure of confidential and sensitive information, data loss and leaks posed by the growth in cloud computing, the proliferation of mobile devices and the increasing use of social media," according to a press release.
With this convergence, IT becomes more commoditized and affordable, with standard platforms that are easier to manage. But standard platforms also are easier to attack.