Pay Rates For Security Professionals

The Tech recruitment experts at North Starr have compared 2018 pay rates across the UK IT Security marketplace across different categories and the results might surprise you.  

The review  looks at salary levels  paid in the Information Security marketplace in 2017 compared to 2018 and average technology salary in the UK is  presently over £80k.

The results are summarised in the table below: 

ROLELOWHIGH% VARIATION H2 2017
Technical   
SOC Engineer£35,000£50,000+1.3%
Senior Technical Security Specialist£55,000£70,000+2.3%
Application Security Specialist£85,000£110,000+3.4%
Penetration Tester£70,000£90,000+1.8%
Check Team Leader£80,000£110,000+2.6%
Security Architect£90,000£120,000+2.8%
Governance & Compliance   
Security Policy Specialists£55,000£75,000+1.3%
Governance & Compliance Specialists£60,000£80,000+0.6%
Leadership   
Information Security Manager£60,000£80,000+0.8%
Head of Information Security£70,000£90,000+1.4%
Head of IT/Operational Security£70,000£90,000-0.8%
Security Director£80,000£110,000+0.5%
CISO**£100,000£180,000+1.2%

The variances differ over the different jobs and most have had small to medium salary percentage increases year on year. And of course many jobs vary because of the size of the business, maturity of the security function and the size of the team being managed or working with.

Technical roles like SOC (Systems on a Chip) Engineers with average annual salaries between £35k and £50k have risen around 1.3% and because the average is around £45k these people are more likely to move jobs for more money.

Whereas Application Security Specialists have salaries between £85k and £110k and have seen rises of 3.4% and are more likely to remain in their current employment.

Leadership jobs like the Head of Information Security are on average between £70k and £90k and have gone up by about 1.4%. And Chief Information Security Officers who on average get paid between £100k and £180k have had increases of around 1.2%.  

There is still a growing skills gap in the UK with a general lack of basic digital and IT skills in most companies.

Please contact andrew.nitek@thenorthstarr.com for more information.

News By CSI:        Image: Nick Youngson

You Might Also Read: 

How To Get Into Cyber Security: Tips, Strategy And Skills:

 

 

 

« DARPA Wants To Emulate Insect Brains
Blockchain Transforms The Internet of Things »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

European Cyber Security Organisation (ECSO)

European Cyber Security Organisation (ECSO)

The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote and encourage European cybersecurity.

CompliancePoint

CompliancePoint

We design and implement strategies, processes & procedures to mitigate risk, reach compliance goals, protect data assets, and meet industry standards.

SEWORKS

SEWORKS

SEWORKS provides offensive and defensive app security that ensures mobile and web apps are safe from dangerous hacking threats.

Institute for Cybersecurity & Privacy (ICSP) -  University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

Herbert Smith Freehills

Herbert Smith Freehills

Herbert Smith Freehills is a leading professional services including data protection and privacy.

CSIRT-CY

CSIRT-CY

CSIRT-CY is the National Computer Security Incident Response Team for Cyprus.

WiJungle

WiJungle

WiJungle is an Indian Cyber Security Company that develops and markets a unified network security gateway solution.

Cyber Threat Alliance

Cyber Threat Alliance

CTA is working to improve cybersecurity of our digital ecosystem by enabling near real-time cyber threat information sharing among companies and organizations in the cybersecurity field.

GreenWorld Technologies

GreenWorld Technologies

GreenWorld has a proven track record in industry leading IT asset management, secure data destruction and remarketing.

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

Elpha Secure

Elpha Secure

Elpha Secure provides a comprehensive cybersecurity solution, combining technology and insurance to protect against cyber threats.

North American International Cyber Summit

North American International Cyber Summit

The North American International Cyber Summit brings together experts from around the globe to provide timely content and address a variety of cybersecurity issues impacting the world.

Query.ai

Query.ai

At Query.AI, we are committed to helping companies unlock the power of their security data, so they are empowered to meet security investigation and response goals while simultaneously reducing costs.

Tide Foundation

Tide Foundation

Tide's breakthrough multi-party-cryptography enables TRUE-zero-trust technology that unlocks cyber-herd immunity.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Inversion6

Inversion6

Inversion6 (formerly MRK Technologies) is a cybersecurity risk management provider that offers custom security solutions.