Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
Editor's Blog and Industry Comments

Career development in IT Security

08 June, 2009
With salaries having remained stable or grown during the last 12 months, (ISC)2 tell us more about careers in the field of IT Security
Earlier last month, I spoke to John Colley, the Managing Director of ISC-Squared EMEA and Iain Sutherland of Information Security Solutions (ISS) about changes in the roles of IT professionals and the new breed of security experts required by the industry.

Against a backdrop of continued high profile data loss scandals and surveys revealing widespread implementation inconsistencies for security policies within UK industry, the role of the IT Security professional is one that is under considerable focus.

With a 20 year history, ISC-Squared or (ISC)2 is an organisation with aspirations to become the recognised professional certification body for IT security professionals worldwide. Their membership has swollen in recent years with a membership of 62000 with European membership having recently hit the 10000 mark, the majority of which are in the UK but with significant numbers also in the Netherlands, France, Germany and Switzerland.

As IT has always been a profession where skills requirements are constantly shifting as technology changes, I was interested in knowing where current demand is lying. Iain explained that the main focus areas are data leakage and compliance. Skills in ISO 27001 implementation are also highly valued and that recruitment is picking up in all these areas.

These are hardly boom times and so what has been the impact of budget cuts on the salaries of these professionals which remain in such high demand. Iain went on to explain that although 72% of the companies surveyed had experienced budget cuts in the previous year, they were not expecting any further reductions and that over a third of these respondents were actively looking to recruit.

The salary survey, which was conducted by (ISC)2 with ISS in April, revealed that 56% of IT professionals had seen an increase in salary during the last 12 months and that 38% had remained the same reflecting the importance given to the role despite other economic cutbacks that are being made.

The average salary for the period came in at around £56000 per annum for permanent staff and this reflects the seniority of the positions held by IT security professionals in general. With large proportions of IT staff being contract workers, I was curious as to whether this trend was shifting. John explained that although contract workers surveyed were attracting good daily rates which had been held steadily during the year, there had also been many redundancies in the contract area.

He went on to say that IT Security is seen as a very good career opportunity and that the survey reflects this with 6% of respondents holding functional head positions and over half having some managerial responsibility. However, the problem is breaking into this area with most recruiters looking for experienced professionals. Also, to reach the more senior positions, business skills are also required reflecting the new breed of hybrid professionals which will shape the industry's future.

I asked John what (ISC)2 can do to help its members overcome these difficulties of breaking into such a lucrative career path and develop their profession. There are clear advantages to joining the organisation which is structured similarly to other professional institutes with associate and full membership programs. John explained that to join the Associate Membership program, a certain amount of experience is required, an exam needs to be passed and the potential member needs to conform to (ISC)2's ethics policy and commit to continuous professional development.

The organisation also contributes to member's development with the provision of free one day workshops, webinars and seminars. (ISC)2 has also just increased it's budget to expand the conference program for it's membership.

To help (ISC)2 members get on the IT Security Professional career ladder, the organisation also sponsors career clinics where recruiters are in attendance as well as vendor presentations.

The latest news from (ISC)2 in early June indicated that as many as 80% of recruiting organisations in Europe are experiencing difficulties in finding the right calibre of staff as the job market is expanding. These companies are citing, amongst other things, lack of training and professional development as factors influencing their recruitment difficulties.

This is a good time to embark on a career in IT Security and it is encouraging to have an organisation representing members of the profession and driving professional development and career progression in an industry that would otherwise be difficult to keep abreast of.

Related (ISC)2 news:

29th April - EMEA certified professional community grows

30th April - Information security salaries maintain their value

5th June - Lack of available IT security skills despite economy
Bookmark and Share