An analysis of the cybersecurity job market looking back at 2014, the first half of 2015, and projecting out to 2019, reveals some interesting figures. For instance, the top paying cybersecurity job is a security software engineer with an average annual salary of $233,333, according to a recent report from the job board Dice. That tops the salary for a CSO which is $225,000.
But the big story in the cybersecurity labor market is a severe workforce shortage.
"The demand for the (cybersecurity) workforce is expected to rise to 6 million (globally) by 2019, with a projected shortfall of 1.5 million," stated Michael Brown, CEO at Symantec, the world's largest security software vendor. Not long before Brown's statement, the Cisco 2014 Annual Security Report warned that the worldwide shortage of information security professionals is at 1 million openings, even as cyberattacks and data breaches increase each year.
The shortage of experienced cybersecurity talent may explain why a cybersecurity software engineer earns more than a CSO.
According to a 451 Research recent study, based on responses from more than 1,000 IT professionals, primarily in North America and EMEA, security managers reported significant obstacles in implementing desired security projects due to lack of staff expertise (34.5%) and inadequate staffing (26.4%). Given this challenge, only 24% of enterprises have 24×7 monitoring in place using internal resources.
The need for more cyber-workers also explains why infosecurity is considered one of the best jobs out there - for the next seven years. U.S. News and World Report ranked a career in information security analysis eighth on its list of the 100 best jobs for 2015. They state the profession is growing at a rate of 36.5 percent through 2022.
Don't feel bad for the CSOs who might have engineers underneath them earning more than they do. IDC predicts that "by 2018, fully 75% of chief security officers (CSO) and chief information security officers (CISOs) will report directly to the CEO, not the CIO". This will arguably push those positions higher up in to the salary stratosphere.
Checking in with an experienced executive recruiter in the cybersecurity field aligns the market analysis and forecasts with what search firms, employers, and candidates are seeing. "The cybersecurity job market is on fire" says Veronica Mollica, founder and executive information security recruiter at Indigo Partners. "Our candidates are facing competing offers from multiple companies with salary increases averaging over 30%. Current employers are scrambling to retain talent with counter offers including 10% and higher salary increases for information security team members to remain on board."
The U.S. government numbers line up to the IT analyst and research firm statistics. More than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74% over the past five years, according to a Peninsula Press (a project of the Stanford University Journalism Program) analysis of numbers from the Bureau of Labor Statistics. The demand for information security professionals is expected to grow by 53 percent through 2018.
Sign up for CIO Asia eNewsletters.