The high-profile security breaches of the past few years have made it clear that organizations need to do everything necessary to safeguard their technology stack and databases against both internal and external threats. According to a new analysis of Dice salary data, that need has translated into salaries for certain tech professionals that greatly exceed the baseline for tech-pro salaries. Lead Software Security Engineers, Directors of Security, Security Consultants and others tasked with repelling cyber-threats can expect to earn six-figure salaries per year—so long as their skills, experience and certifications prove to be a match for very demanding roles that are continuously evolving. With that in mind, here’s a list of the top 10 security jobs, ordered by average salary for 2015: Lead Software Security Engineer Lead Software Security Engineers are often charged with quite a lot. Depending on the specific job, someone in this role might be tasked with doing everything from maintaining and deploying training programs for employees to developing security-related aspects of application programs. In addition to certifications, and at least a BS in Computer Science or a similar technical field, Lead Software Security Engineers typically must have some “soft skills” such as excellent communication. Average Salary: $233,333 Chief Security Officer Chief Security Officers must prepare organizations to counter not only existing but also emerging threats. This includes establishing and communicating best practices for maintaining data security, as well as monitoring the effectiveness of security operations. This role often requires certifications in addition to at least a BS degree in Computer Science or similar field. Average Salary: $225,000 Global Information Security Director This role involves the maintenance and execution of information-security projects; if there’s a database breach or similar incident, the Global Information Security Director also coordinates the response. Depending on the organization and its market, tech pros in this role may be required to have a working knowledge of certain industry rules and regulations such as HIPAA or FISMA. Average Salary: $200,000 Security Consultant Security Consultants must work with clients to devise a strategy for effective cyber-security. In addition to knowing best practices and recommended procedures, they must also possess solid communication skills. Organizations prize consultants with multiple years of experience, as well as a working knowledge of industry rules, regulations and (often) enterprise products. Average Salary: $198,909 Chief Information Security Officer This role is similar in many ways to that of the Chief Security Officer, albeit with a more intensive focus on protecting an organization’s database and other information-related assets. As with the other jobs on this list, responsibilities typically include maintaining best practices and designing effective policies to handle breaches and other disasters. (Directors of Information Security, who handle many of the same responsibilities, can expect to earn $185,714 a year, or a bit lower on average than Chief Information Security Officers.) Average Salary: $192,500 Director of Security Responsibilities for Directors of Security can vary widely depending on the organization, with most centering on minimizing the risk of attack while guiding internal teams in maintaining proper security procedures. As with other roles included on this list, the Director of Security will need to interact with employees as well as external vendors and partners, so good “soft skills” are a must. Average Salary: $178,333 Cyber Security Lead The Cyber Security Lead has a particularly demanding job: evaluating the organization for potential vulnerabilities (in conjunction with analysts and other security staff), detecting any attacks underway and informing management. Average Salary: $175,000 Lead Security Engineer Depending on the organization, Lead Security Engineers might find themselves tasked with securing any number of operating environments; one recent job posting on Dice, for example, included an organization’s telephony and video-conference systems as part of the candidate’s responsibilities. Whether the organization wants its Lead Security Engineer to focus on apps or hardware, though, the job’s constants typically include reviewing code and procedures to detect security vulnerabilities, spreading awareness of those potential vulnerabilities to employees and implementing security tools to protect the organization. Average Salary: $174,375 Cyber Security Engineer Cyber Security Engineers generally have a lot of experience in penetration testing and cyber-security tools, and they’ll use them all to keep an organization buttoned up tight against internal and external threats. Many jobs require certifications in addition to at least a BS in a technical field, along with some actual experience. Average Salary: $170,000 Application Security Manager Application Security Managers are in charge of ensuring any apps produced or used by their organization meet standards for security and privacy. This role often reports to a Director of Security or similar position. Average Salary: $165,000 While all of the above roles generally offer excellent salaries and benefits, other security-related jobs pay below the baseline average for tech pro salaries. A Security Analyst, for example, may expect to earn $59,880 this year—not an insignificant sum, but below the average tech-pro salary. “Both companies and professionals recognize that security plays a key role in a company’s success, which is why we’re seeing more demand for professionals with security skills,” said Shravan Goli, president of Dice. “With that in mind, if companies and recruiters want to lure top security talent, they need to offer generous compensation packages and benefits.” No matter what the security-related position, however, a review of Dice’s job postings makes it clear that those tech professionals who take the time to earn certifications such as CISA, CRISC, CISM and Certified Ethical Hacker (CEH) will find themselves more highly sought-after by employers.
Nick Kolakowski has written for The Washington Post, Slashdot, eWeek, McSweeney's, Thrillist, WebMD, Trader Monthly, and other venues. He's also the author of "A Brutal Bunch of Heartbroken Saps" and "Maxine Unleashes Doomsday," a pair of noir thrillers.
Find Your Next Hire
Post your open jobs and reach a database of skilled technologists, with tools you need to seamlessly transition from posting to hiring.