Infosec job prospects recover after credit-crunch slide
Trebles all round, especially for ID management experts
The information security recruitment market is beginning to recover, after problems with the wider economy pushed job prospects and salaries down to a record low last summer, according to a new UK-focused salary survey.
Information Security was hit by the recession worse than other areas of corporate governance, internal audit, risk management, compliance and legal.
A study by recruitment experts Barclay Simpson, published on Friday, found that typical daily rates for security consultants fell between 10 and 20 per cent during 2009. Most information security freelancers signed full-time contracts amid concerns over whether ongoing contracts would be continued.
Fast forward six months from an August 2009 low and things are looking much more healthy. Barclay Simpson reports a recent increase in the number of vacancies on its books, even though job prospects for contractors are yet to recover to pre credit-crunch boom times.
Vacancies were 53 per cent higher in the second half of 2009 than in the first six months of the year, a record low, Barclay Simpson reports. Salary increases by those moving jobs recovered from 4 per cent in 1H09 to 6 per cent in the second half of last year.
Permanent job salary levels range between £36,000-£40,000 for a security analyst in London, through £65,000-£75,000 for a team leader, and on to a heady £110,000-£130,000 for head of information security roles in financial institutions. Salaries outside London are between 10-20 per cent lower. Senior consultancy pay rates are roughly comparable with in-house management jobs.
Security contractors can expect to earn between £300-£350 per day in London rising to £550-£650 per day for identity management work. Gaining expertise in this key area has much become a much sought after and handsomely paid skill.
Although the current number of vacancies remains a third 32 per cent lower than pre-credit crunch levels, the growth in employment opportunities is steady and continuing, Barclay Simpson reports. Increased confidence means the number of security specialists who have registered with the recruitment consultancy as a result of redundancy or the threat of redundancy has halved.
The improved finances of UK banks, always a big employer of information security experts, and the stabilization of the wider economy have improved the job prospects of security contractors and consultants. The high profile role that governance and regulation serve in the management of firms has also helped in directing spending priorities towards information security projects.
"We are cautiously optimistic about the recovery that is underway within the corporate governance recruitment market,” said Adrian Simpson of Barclays Simpson. “Bank failures have focused attention on their governance and regulators throughout the world are responding. It is clear that corporate governance is no longer perceived as a 'nice to have' function, but an essential business requirement."
"We are confident that the demand for information security professionals will continue to improve and we are already seeing staff shortages in specialist areas," he added.
Barclay Simpson's 2010 recruitment market report, which contains a detailed breakdown of salary trends and vacancies in information security and a look towards future prospects, can be found here
Skills shortages created through rationalisation in early 2009 have created increases in the number of banking sector vacancies on Barclay Simpson's books, a trend it expects will continue during the rest of 2010. Smaller banks have started directly employing information security staff, after the FSA began taking greater interest in info protection.
The recruitment firm expects an increase in work, for both both permanent staff and contractors, in privacy impact assessments during the second half of 2010. In-house risk assessors and security specialists can also look forward to increased opportunities in cloud computing. ®
Sponsored: Network DDoS protection