Times tough for info security guards

July 15, 2009

Cyber attack protest in South KoreaWith all the cyberscare stories about North Korea making headlines these days, the last place you might expect to see job losses is among information security workers.

However, a survey by UK recruiters Barclay Simpson says the number of IT security professionals looking for work has risen 17 percent so far this year, even as the number of new positions has fallen by 57 percent.

“The market has been swollen by candidates whose contracts have come to an end and permanent staff who have been made redundant and are making themselves available for both permanent and contract work,” the report finds

Hardest hit are more senior and managerial roles, the survey finds, while junior roles are less affected.

Mark Ampleford, head of Barclay Simpson’s IT security unit says: “Information security, despite its current high profile, has not been protected from corporate cost cutting. Q1 and Q2 redundancy levels were high and whilst many departments have vacancies few have permission to recruit.”

Corporate cost-cutting is taking its toll, and not just through layoffs.  Swelling ranks of unemployed security technicians is further dampening salaries and wages, the recruiter says.

Lower level security analysts at banks in the UK start around £30,000. Penetration testers — pretend hackers who test client networks for vulnerabilities — can expect between £51,00 and £62,000, the survey’s salary data shows.

Day rates for contract intrusion detection specialists working within a government agency start at £250. Business continuity analysts — those charged with figuring out how to keep the lights on at organisations in crisis — can expect to make even less, just £200 a day.

This story comes full circle with word from the Guardian that the cyber attacks first thought to orginate in North Korea may actually have orginated in Britain.

(Photo: Reuters/Jo Yong hak)

One comment

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/

The industry in general has experienced an influx of fresh faces, newly certified with their CISSPs, that lack the insight and experience to do the jobs they have their sights set on. This is a normal trend for an niche industry like Information Security that experiences periodic swells in popularity, and when the new faces leave to pursue greener pastures the job market will right itself.

In the meantime, between the time that candidates show up looking for work and IT shops realize that certifications don’t equal ability, the perception of more workers than jobs can be expected to lower wages somewhat as competition for available positions heats up.

Posted by Devon | Report as abusive