Career Advice Tuesday – “Using Website Data In Determining Compensation”
March 27, 2012
Do you feel that the accuracy of these sites take into consideration outside factors such as clearances? What would the baseline salary be for someone with a CISSP, TS Clearance, and Masters Degree?
Better yet, how should the information gathered utilizing these tools be applied to your current compensation and desired compensation if searching for a new position.
C’mon Billy, I would think that you, of all people, would know a thing or two about negotiating price on the internet!
As an information security professional, you cannot negotiate your salary or determine your market value based on the information that you glean on these types of websites. It is simply impossible. The data is baseless, as these sites are more focused on generalities as opposed to the many nuances which may determine compensation in an information security professionals role.
I have my own opinions on some of the market intelligence and salary scales that corporations utilize when it comes down to assigning compensation for information security professionals. Considering that the information security industry is comprised of both generalists and specialists, it is very difficult to apply this type of salary information broadly
For example, if you are an identity management specialist with a CISSP, a Masters Degree, and a TS Clearance – with a highly technical skill set, you will earn considerably more than someone with similar experience who has the same credentials that focuses on Certification and Accreditation work, or policy development.
The best way to determine your market worth is to ask your peers who hold similar positions, have similar experiences, and who work for similar types of organizations within your geography. If you can get a sample of the compensation of people who share your background, you will find that your compensation should fit within the range of these numbers. It is very rare that information security professionals have compensation packages that are outliers and anomalies – we just are not that type of industry,
I would tell you and the infosecleaders audience that the factors that determine compensation usually combine skill, responsibility, location, company size, quality of life and industry type. In addition, companies that have greater commitments to the protection of their information, generally have a slightly higher scale than others.
In the future, forget sites that claim to have this information. They do little more that build misconceptions and create false expectations that are not based in reality.
Hope this helps,