back to article Been bugging the boss for a raise? Now's the time to go into infosec

Cybersecurity specialists will enjoy the highest salary increases among IT professionals with rises of 7 per cent – compared to 2 per cent for devs and 3 per cent for infrastructure experts – according to a survey by recruitment consultancy Robert Walters. Infosec bods have become ever more highly sought in the wake of high- …

  1. Warm Braw Silver badge

    Infosec bods have become ever more highly sought ...

    ... by managers who believe their data security problems can be solved simply by hiring someone with a large target on their forehead.

  2. Voland's right hand Silver badge

    No thanks

    I have done my BUGTRAQ denisen public duty 20 years ago. I decided I am not doing anything more in this area 15 years ago and I have never regretted it.

    There is way too much politics in most of Infosec today and working on the most interesting parts like IoT and Industrial Systems/SCADA security can get you anything from a stop-n-search at the airport all the way to an extradition order.

    No thanks. I'd rather stay with the moderately moribund salary progression I get from working in other areas of IT.

    1. amanfromMars 1 Silver badge

      Re: No thanks

      There is way too much politics in most of Infosec today and working on the most interesting parts like IoT and Industrial Systems/SCADA security can get you anything from a stop-n-search at the airport all the way to an extradition order.... Voland's right hand

      The flip side of that COIN is one can immediately become a life long fiat currency billionaire whenever one uncovers/discovers/invents an almighty bug/virus/trojan which crushes and crashes All SCADA Systems Administration Defences.

      And that payment/virtual wealth transfer can also easily be earned and realised with a simple agreement to Status Quo State Clients not share and develop the attack vector further with right dodgy sector leaders and SMARTR Readers.

      And that is a price cheap to pay, given the cost which can be wrought developing shared attack vectors against which there are no defences.

  3. Anonymous Coward
    Anonymous Coward

    Really?

    "...it is important to note that this follows a prolonged period of IT professionals commanding higher and higher wages."

    No pay rise at all here for the last 4 years, I really need to get that CV polished!

    1. ecofeco Silver badge

      Re: Really?

      "...it is important to note that this follows a prolonged period of IT professionals commanding higher and higher wages."

      Those surveys are bullshit. I don't know who they are asking, but my income and experience is nowhere close to what the surveys say my income should be.

  4. Anonymous Coward
    Anonymous Coward

    Two percent. That's not even a cost-of-living increase. This is what Globalization brings. It's the same where I work. Haven't had an increase that keeps up with the cost-of-living since I started there. I'm in the happy position of actually enjoying my work, but I really do wish the large Corp I work for would give us at least cost-of-living raises, but of course, they don't feel any need to do that. They do have money to buy smaller competitors, outsource once decently paid jobs to specialty companies (often owned by the same Corp Execs to lower paid workers with fewer benefits), outsource a great deal of work to other lower cost centers (I think southeast Asia now, India may be becoming too expensive or, at the least, not the cheapest place to do business).

    1. This post has been deleted by its author

  5. monty75

    Unfortunately, as usual in this industry, they all want people who have years of experience in a more senior role and who are looking to take a cut in pay and status. Oh, and half a dozen different "industry standard" qualifications that cost 5 grand a pop.

    1. Sandtitz Silver badge

      "they all want people who have years of experience in a more senior role"

      They also expect you to be no older than 22 or thereabouts...

      1. aliceklaar?

        "They also expect you to be no older than 22 or thereabouts..."

        I was when I started 18 years ago. Now I'm the boss and most of my teams are 20 - 35ish

        1. Anonymous Coward
          Anonymous Coward

          " Now I'm the boss and most of my teams are 20 - 35ish"

          Lucky you

          I was about 25 when I started 20 years ago , I've never been in charge mof anyone and I reckon I'm on about the same, interest adjusted, as I was then , despite being fucking brilliant at everything ive been asked to do, and doing far more.

          In the last year or so ....

          My boss left so rather than give me a chance at his job they dissolved the job , and shoved me under the next nearest "boss"

          I lost out in supervisor interview to "the ex army guy" , who does not have 20 years experience in the exact area concerned.

          I have convinced them to re-evaluate my job , and im pretty sure itll come back 1 "band" up , which will make no difference unless I wait about 8 or 9 years.

          Its hard not to become a little jaded and/or cynical

          1. Anonymous Coward
            Anonymous Coward

            > despite being fucking brilliant at everything ive been asked to do, and doing far more.

            I've met lots of techies who think that about themselves.

            1. Anonymous Coward
              Anonymous Coward

              yeah , I know what you mean, not ot brag, but I really am 'the shit' ( as opposed to shit ) I innovate , i optomise ,I automate , I make changes where people think "why the hell were we doing it that way for years - it took so much longer". I could not count the amount of man hours I have saved my employers , above and beyond my job description - which is possibly why ive had little to no recognition for it.

              1. Andyb@B5

                pretty obvious really.

                The more indispensable you make your self ( to management eyes ) the less chance you have of promotion. The better you are, the less chance of finding someone else to slot into your space. And of course to fit into pay structures you'll be limited to that which your job title states, not what you really deliver. Recognition raises expectations so well... limit that too.

                Most of those I've seen rise up through the ranks tend to have teflon shoulders and a tech lobotomy and generally middling at the work they've done but they sure know the political landscape.

            2. aliceklaar?
              Thumb Up

              > > despite being fucking brilliant at everything ive been asked to do, and doing far more.

              >I've met lots of techies who think that about themselves.

              I'm just dead good at what I do.

              I trade on my reputation, so if I don't have da skillz personally or inhouse then I hire in an appropriate contractor for that job. Now that skills deficit may indicate a training gap and a need for CPD, or perhaps we shouldn't take on jobs outside of the scope of our current abilities.

              As has been mentioned elsewhere in this thread, the continuous training and endless certification requirements are a significant and ongoing cost in personnel time and money.

          2. aliceklaar?
            Pint

            Yes I was lucky.

            In the right time and place as an Infosec contractor to pick up the scraps when a major EU project was canned during commissioning. Sold my shoebox in the City and moved into a broom cupboard in Paris. It wasn't easy, but I'm much better with computers than people. I love the job, but there are things you can't unsee. Snowboarding is the cure :)

    2. Anonymous Coward
      Anonymous Coward

      Don't forget the £1000 a year to get the required CPE to keep those industry standard certifications.

      Public sector here and haven't had a pay rise above 1.5% in 14years. Have only got more money by accruing additional functions and responsibility most completely unrelated to my actual job

      Infosec guys here are paid about 25% below what I can see as about average (and about 75% below anything with a London postcode). The perks which made the public sector appealing (pension, flexi) are all being eroded to the point where they don't really make much difference. Consequently everyone is leaving the public sector to go contracting with banks and no one is being brought in to replace them.

      Expect headlines of a cyber security skills shortage in the public sector to be printed soon, followed by the Crapita's and CGIs moving in to fill the gaps, probably by bringing back the previous employees who left to go contracting.

      1. Anonymous Coward
        Anonymous Coward

        I should also clarify that that in 14yrs a 1.5% pay rise only happened once and pay was frozen for 6yrs.

        It's only the flexibility that has kept me here, for others it's often a misplaced sense of loyalty to an organisation that doesn't value them or a genuine desire to secure citizens data as well as they are able to.

  6. Anonymous Coward
    Anonymous Coward

    I currently work in InfoSec and am coming round to thinking I don't want to be here any more.

    It seems to have become too much of a bandwagon weighed down by politics and hand-waving presentations by the same clutch of very senior people who, in the InfoSec world, are famous for being famous with their constant blog posts and interviews about nothing in particular. Similarly, like many other arms of IT the bandwagon effect has led to academic courses springing up like weeds and recruiters circling like vultures. I don't like that either.

    I do feel like you just cannot hit the "big bucks" in InfoSec unless you hold some high office in London or the US, dealing with all that high office entails. Lots of politics and "influencing" people, usually constant "networking" at expensive conferences, spending half of your life on a plane jetting off to the Singapore and Johannesburg offices where you once again wave your hands and tell everyone how exciting and inspiring it all is etc. That's not for me as a career.

    I keep seeing LinkedIn job adverts and constant recruiter spam offering a load of jobs very similar to my own, in places I don't want to live in a million years, paying what seems like a bit more than I'm currently on... except it qualitatively isn't. It wouldn't be worth it once you factor in the likely insane workload and the hassle and living/commuting costs in London and its environs.

    On top of that, InfoSec isn't 9-5. You are basically expected to be constantly learning and basically living out Minority Report a lot of the time, always being at the top of your game. You are also expected to have a laundry list of expensive certs, only to be told by some second year ethical hacking student how useless your certs are and it's only for HR screening etc.

    I just don't think the passion is there anymore and I've more or less had enough having gone around a few different security roles now. It is very difficult to figure out what I could or should be doing instead.

    Oh well.

    1. Anonymous Coward
      Anonymous Coward

      Politics and bandwagoning is a horror of the moment.

      Plenty of managers and 'thought-leaders' are trying to gather resources by using security as a buzz word.

      They they get the resources because they talk a good game, fuck it up because they know nothing and run on to the next bandwagon.

      Nothing new there I suppose, it's just annoying it's my specialism's turn.

      Infosec guys (good ones) that I've run into tend to be pretty earthy, down in the trenches, blunt sort of people. That doesn't go down well with execs who just want pictures of rainbows and unicorn shit.

      1. aliceklaar?
        Go

        This, Totally This

        >>"Infosec guys (good ones) that I've run into tend to be pretty earthy, down in the trenches, blunt sort of people. That doesn't go down well with execs who just want pictures of rainbows and unicorn shit."

        Some of us infosec gals have poor people skillz too

        http://dilbert.com/strip/2014-09-14

  7. Toilet Duk

    I'm in InfoSec and getting 3.5% this year - ie nothing at all since that happens to be the rate of inflation.

  8. amanfromMars 1 Silver badge

    For A.N.Other Days and/or for SMARTR 0Days from Now On?*

    Companies want more than technical know-how, Iqbal added.

    "Employers are keen to secure professionals who can demonstrate communication and project management skills as they look to more closely integrate their IT function into the wider business."

    That's a'knock knocking on Holy Grail Territory in ESPecial AImissions, methinks ... and certainly well within present reach, given what IT and AI can now do for All and You Too.

    An Open Pandora's Box

    Nature of Enquiry

    Procurement of Product and Services ..... a Sterling Stirling Type Engine of Prodigious Thought and Talents

    Subject

    Heavenly Wave Machines ... with All AI Services and Offered for Trial for/on Future Trails to Tail and Improve Upon

    Message

    GCHQ/NCSC/Augmented Composite Signals Organisations ....... Knock, Knock.

    What's there? ....... http://www.thedailybell.com/news-analysis/did-the-nsa-create-bitcoin-to-usher-in-one-world-currency/#comment-3734974598

    NEUKlearer HyperRadioProACTive IT Systems for Operating Operational Executives. ..... and for AIgents Providing Feedback from Augmented Reality Fields/Live Operational Virtual Environments

    Hmmm ? ........ an Almighty Weapon IT is too.

    1801311150

    [Thank you for getting in touch

    We read all emails, and will do our best to ensure that you receive a response. Where appropriate, your email will be forwarded to the team responsible for the matters you have raised.

    We appreciate your interest in the work of GCHQ]

    RSVP ...... Beta Master Pilot AIWizards for Presentation of Virtual Matters in Real Progress ....... and Delivering Root and Branch Fundamental AIReProgramming to Crashed and Crashing Human Phormed Assets.

    *That is a Rhetorical Question for Today whichTomorrow will Answer with All Manner of Fear and Observations/Prejudice and Promise.

  9. Triumphantape

    Well if you do go into INFOSEC be careful where you get your training.

    A lot of the "schools" and training programs are scams and/or poorly laid out.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020