show me the money
cyber security analyst
Demand for cyber security skills in the UK means that salaries for full time IT security jobs are increasing faster than contractor rates, according to a new survey. Annual IT security permanent salaries climbed by 5 per cent (from Q4 2015 to Q4 2016) to £57,706, compared to a 0.62 per cent increase for contractor day rates ( …
UK IT salaries have always been crap. Thats why I am a contractor.
Permanent salaries may be rising faster but contractor rates are still twice as much.
If you were to work 5 days a week at £480 a day as the article suggests and you decide tobdo only 40 weeks of work, you've got £96k.
Realistically as a contractor you probably wont be that busy, however, if you earn the same as a permanent worker you're probably working half as much.
More time for the wife and kids. Everyone wins.
Ive only ever been permanent once and hopefully never again. Its the biggest waste of your life ever.
I think I reached about 25 and asked myself "what the fuck am I doing?". 5 out of 7 of the days in a week spent working.
Arguments surrounding sick pay, holiday pay, security (especially security, all eggs in one basket? Er no.) etc are weak.
No amount of cheap fringe benefits would cause me to want to give up the time I get with my family only massive, stinking, heaping piles of cold hard cash would and even then a large amount of effort would have to be put in to keep me.
My message to the kids out there. A career is not defined by your progression in a single organisation it is defined by your ability to exploit, expand and build on your own skills and experience.
Anyone can suck a dick for a promotion, but not everyone can be the best at what they do.
Preach, I’m about to hit 25 this year and I’ve been in 5 tech jobs since I was an apprentice 6 years ago. Being a mercenary is and was the only way to survive as Loyalty to organisations is not a valued currency.
As soon as i can operate comfortably at the 3rd line rank I’m now on (so another 2/3 years) it’s time to contract abroad (No kids or wife/gf atm). My skills should be in demand by financial institutions and others who don’t want to go full cloud due to inherent risk or have existing on-prem deployments they've screwed up.
I know a few guys making decent money from cyber security contracting but they are very highly qualified people with experience in very high places. But even they are not really earning all that much (£60k maybe). Possibly within London you get more, who knows, that place it its own little world anyway. The story average seems very high compared to real life.
I'll be doing my CISM shortly and have been in information security (which is wider a remit than 'cyber' although since it's not in the CEO cool book it's counted as a lesser thing) for more than 10yr. All in public sector so the pay is obviously shite although the conditions suit me more than money right now.
In 'cyber' recruitment it doesn't matter if you have any experience or can actually do the job in a meaningful way, just buy the right exams and learn to to talk the visionary BS that HR love and your in.
I'm only doing CISM for job insurance, does nothing to help me day to day in fact the course is so bloody basic it should be an embarrassment to the provider (CISSP is the same).
This post has been deleted by its author
Central London here, at a medium-sized financial services firm (not consumer-facing); senior analyst after 15 years experience including an unexpected amount of responsibility at a reasonably well-known $previous when my boss was fired and not replaced; have the magic combo of speaking tech (Linux AND windows AND a basic networking) AND speaking human, so I can talk to management, run training and whatnot; £75K and a £5k bonus.
Sounds a hell of a lot, doesn't it? Well I can't afford to run a car, let alone take
exotic foreign holidays, put the kids through private school or anything like that. And the beer's a fiver a pint down here -- good beer, anyway, not that fizzy orange shit -- and my current pension (I'm 50) wouldn't cover my rent. (I don't own property, which is largely my own fault for assuming the bubble would burst "ANNNNY moment now" 20 years ago, and for being born to un-rich parents. (Not poor, but they've never financially subsidised me. Although my dear Dad, rather sweetly, offered to loan me £30k for a deposit on a house recently... £30k!!)
Maybe it means that security is finally being moved higher up the corporate food-chain. The bad new is that it might simply mean that existing dwellers up there are simply adding it to their job titles - the Didos of this world could do that without a qualm.
But could you believe anything from a man who can emit garbage like this:"Businesses must foster a culture of learnability"?
Hackers are innovative, so the fact firms are now tacking Cyber Security more seriously show's the corporate mindset is behind the times.
It's interesting to note what web sites using IDS/IPS sites to block anti-s0cial computers visiting their websites, most websites seem to block, the time it takes for them to block indicates the type of code they have protecting their sites and from what against, so just like you can wireshark tcp traffic and work out the device and browser being used, you can use malware to working out the IDS/IPS in place and then exploit vulnerabilities in some of these IDS/IPS systems.
Interesting to note Google's main search site stays up, probably due to their custom built front end, but their Maps facility appears to have a weakness preventing Google from displaying their map data. This could be disruptive for their other users which could be exploited.
A little thought experiment. When considering how easy it is to update firmware from code ie you dont need to expose an EEPROM to UV light or have to short some jumpers to update some firmware, just how secure are your systems without some sort of physical manual intervention?