Without a doubt, the endless number of major data breaches over the past few years has driven home the fact that organizations must step up their game in protecting both corporate and customer data. According to a new analysis of Dice salary data, that need has translated into salaries for certain tech professionals that greatly exceed the baseline for tech-pro salaries.
Lead software security engineers, directors of security, security consultants and others tasked with repelling cyber threats can expect to earn six-figure salaries per year — so long as their skills, experience and certifications prove to be a match for very demanding roles that are continuously evolving. Additionally, a review of Dice’s job postings makes it clear that those tech professionals who take the time to earn certifications such as CISA, CRISC, CISM and Certified Ethical Hacker (CEH) will find themselves more highly sought-after by employers.
With that in mind, here’s a list of the top 10 security jobs, ordered by average salary for 2015.
Top 10 Security Jobs
Click through for the 10 top-paying IT security jobs, as identified by Dice.
Lead Software Security Engineer
Lead software security engineers are often charged with quite a lot. Depending on the specific job, someone in this role might be tasked with doing everything from maintaining and deploying training programs for employees to developing security-related aspects of application programs. In addition to certifications, and at least a B.S. in computer science or a similar technical field, lead software security engineers typically must have some “soft skills” such as excellent communication.
Average salary: $233,333
Chief Security Officer
Chief security officers must prepare organizations to counter not only existing but also emerging threats. This includes establishing and communicating best practices for maintaining data security, as well as monitoring the effectiveness of security operations. This role often requires certifications in addition to at least a B.S. degree in computer science or similar field.
Average salary: $225,000
Global Information Security Director
This role involves the maintenance and execution of information-security projects; if there’s a database breach or similar incident, the global information security director also coordinates the response. Depending on the organization and its market, tech pros in this role may be required to have a working knowledge of certain industry rules and regulations such as HIPAA or FISMA.
Average salary: $200,000
Security consultants must work with clients to devise a strategy for effective cybersecurity. In addition to knowing best practices and recommended procedures, they must also possess solid communication skills. Organizations prize consultants with multiple years of experience, as well as a working knowledge of industry rules, regulations and (often) enterprise products.
Average salary: $198,909
Chief Information Security Officer
This role is similar in many ways to that of the chief security officer, albeit with a more intensive focus on protecting an organization’s database and other information-related assets. As with the other jobs on this list, responsibilities typically include maintaining best practices and designing effective policies to handle breaches and other disasters. (Directors of information security, who handle many of the same responsibilities, can expect to earn $185,714 a year, or a bit lower on average than chief information security officers.)
Average salary: $192,500
Director of Security
Responsibilities for directors of security can vary widely depending on the organization, with most centering on minimizing the risk of attack while guiding internal teams in maintaining proper security procedures. As with other roles included on this list, the director of security will need to interact with employees as well as external vendors and partners, so good “soft skills” are a must.
Average salary: $178,333
Cyber Security Lead
The cyber security lead has a particularly demanding job: evaluating the organization for potential vulnerabilities (in conjunction with analysts and other security staff), detecting any attacks underway and informing management.
Average salary: $175,000
Lead Security Engineer
Depending on the organization, lead security engineers might find themselves tasked with securing any number of operating environments; one recent job posting on Dice, for example, included an organization’s telephony and videoconference systems as part of the candidate’s responsibilities. Whether the organization wants its lead security engineer to focus on apps or hardware, though, the job’s constants typically include reviewing code and procedures to detect security vulnerabilities, spreading awareness of those potential vulnerabilities to employees and implementing security tools to protect the organization.
Average salary: $174,375
Cyber Security Engineer
Cyber security engineers generally have a lot of experience in penetration testing and cybersecurity tools, and they’ll use them all to keep an organization buttoned up tight against internal and external threats. Many jobs require certifications in addition to at least a B.S. in a technical field, along with some actual experience.
Average salary: $170,000
Application Security Manager
Application security managers are in charge of ensuring any apps produced or used by their organization meet standards for security and privacy. This role often reports to a director of security or similar position.
Average salary: $165,000