Experts in cyber security are among the most sought-after professionals in the tech sector, with demand for workers in that field outpacing other IT jobs by a wide margin.
A new survey by Semper Secure, a public-private partnership in Virginia formed to advance the cyber security profession, offers a fresh glimpse at what security workers earn, what they look for in an employer, and where the hubs of innovation are located.
[ Also on InfoWorld: Steer clear of these 20 IT gotchas for the sake of your career. | Cut to the key news for technology development and IT management with our once-a-day summary of the top tech happenings. Subscribe to the InfoWorld Daily newsletter. ]
Cyber security salaries three times national average
Cyber security professionals report an average salary of $116,000, or approximately $55.77 per hour. That's nearly three times the national median income for full-time wage and salary workers, according to the Bureau of Labor Statistics.
But it's more than just the money. Cyber security professionals say that they actively seek employers with strong reputations for integrity and those that are recognized as leaders in their field.
"For top talent, cyber security isn't about just a job and a paycheck," says Jim Duffey, secretary of technology at the office of the governor of Virginia. "It is about the hottest technology, deployed by honorable organizations, for a purpose that is inherently important."
Asked to identify the most important attributes of an employer, respondents cite these characteristics:
- Reputation for integrity; code of honor: 44 percent
- Reputation as a leader in cyber security: 34 percent
- Known for addressing leading challenges in cyber security: 33 percent
- Relatively high compensation scale: 31 percent
- Expansive cyber security career opportunities: 30 percent
- Excellence of leadership: 30 percent
- Excellence of coworkers: 23 percent
Respondents to the survey also indicated that they have a strong interest in the nature of the work they do. Asked what interests them most about the profession, challenging and meaningful topped the list:
- Interesting, challenging work: 56 percent
- Important and meaningful work: 44 percent
- Love the technology: 39 percent
- Constant change/dynamic industry: 31 percent
- Job security: 27 percent
- High salary and benefits: 25 percent
- Validates my talent and skill: 18 percent
- Opportunity to work with the best people: 13 percent
Where do the cyber security pros go to work
Where are the great hubs of innovation in the cyber security sector? Perhaps not surprisingly, respondents identified California (home to so much of the IT sector) and the greater Washington-D.C. area, with its heavy concentration of government workers, contractors and the defense industry.
One-third of respondents said that California is the center of cyber security innovation, while 44 percent believe that innovation is most heavily concentrated in D.C., Northern Virginia and Maryland.
"Government agencies and defense/aerospace firms remain magnets for cyber security professionals," Duffey says.
Asked to name the company they would most like to work for, respondents ranked Google at the top, followed by the federal government, self-employment, and Cisco. Respondents cited Symantec-Norton, IBM, McAfee, and Cisco as industry leaders in cyber security.
The survey also suggested that there is relatively little churn in the industry, with 65 percent of cyber security pros polled saying that they have worked at two or fewer organizations throughout their career.
"These people aren't jumping from job to job looking for salary bumps and signing bonuses," says Lee Vorthman, CTO of NetApp's Federal Civilian Agencies unit. "Many of them want to work for federal agencies and most of them tend to stick with employers for the long term. For companies, that means they better get them early or risk not getting them at all."
The survey also probed security professionals' career aspirations, finding that 22 percent anticipate taking on more difficult challenges, 18 percent envision themselves in a leadership role, while 16 percent are seeking to start their own company or consult, and 15 percent are aiming to become a CIO or CISO.
What cyber security pros know
Finally, the survey shed some light on the educational profile of the cyber security workforce. Eight-five percent of respondents said that they hold a professional certification, naming the Certified Information Systems Security Professional (CISSP), Cisco Certified Network Professional Security (CCNIP), and Certified Ethical Hacker (CEH) as the most popular credentials.
Forty-four percent of respondents said that they hold a bachelor's degree in computer science, mathematics or electrical engineering, and 34 percent said they hold a master's degree in those fields. Just 5 percent said that they hold a doctoral degree in those subjects.
Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for CIO.com. Follow Kenneth on Twitter @kecorb. Follow everything from CIO.com on Twitter @CIOonline, Facebook, Google + and LinkedIn.
This story, "Cyber security pros in high demand, highly paid, and highly selective" was originally published by CIO.