Salary Survey Extra is a series of periodic dispatches that give added insight into the findings of our most recent Salary Survey. These posts contain previously unpublished Salary Survey data.
Cloud computing can be a real rainmaker in terms of furthering the business interests and bottom line of companies and organizations. Remote storage of data, software and servers on demand, simplified access to robust tools for developers, and many other benefits have caused adoption of cloud technology to loom large over the IT landscape.
Billowing demand for cloud solutions, however, has also kicked up a storm of security concerns. Businesses that aren't properly prepared can fall victim to the thunder and lightning of data breaches and other mischief rained down by eager hackers. The fast-brewing cloud security niche is a great place for information protection professionals to find stable and lucrative employment.
Gusting security anxiety blew the Certificate of Cloud Security Knowledge (CCSK), offered by Cloud Security Alliance, all the way to the top (No. 1!) of our Salary Survey 75 list at the end of last year. If cybersecurity in general is an area of pressing need, then demand for cloud security specialists is a regular four-alarm blaze.
That's true not just in the United States — while 57.6 percent of CCSK holders who responded to this year's survey are scattered across the 50 states, there's a healthy global population as well. In all, we heard from CCSK-certified individual in 12 countries outside the United States: Brazil, Canada, China, Colombia, France, Germany, India, Israel, Netherlands, Slovakia, Taiwan, and the United Kingdom
Among U.S. CCSK holders, the average annual salary in 2016 was an eye-opening $149,760, with a median annual salary of $138,340. In other reaches of the globe, the numbers are considerably less staggering. The average annual salary across all countries outside the United States was $69,590, with a median annual salary of $67,550.
Per the norm in the male-dominated cybersecurity realm, 94 percent of all CCSK-certified survey respondents are men. Though there is some representation among millennials, with 27.6 percent of those surveyed falling between the ages of 19 and 24 (3 percent) or 25 and 34 (24.6 percent), most CCSK holders are either just entering middle age (23.8 percent between the ages of 35 and 44) or deep in the heart of it (33.1 percent between the ages of 45 and 54). At the far end of the spectrum are a smallish 15 percent either between the ages of 55 and 64 (13 percent) or between the ages of 65 and 74 (2.5 percent).
The highest level of education attained by most CCSK holders is either a bachelor's degree (36.4 percent of those surveyed) or master's degree (45.5 percent of those surveyed), though some have gotten by with either an associate's degree (6 percent), or nothing more than post-high school technical training (12.1 percent).
Nearly all CCSK-certified individuals have a schedule to keep, with 94 percent employed full time, compared to just 3.2 percent who have part-time jobs, and 2.9 percent who are currently on the employment sidelines. Going somewhat against the cybersecurity grain, CCSK holders are not horribly overworked. Though 40 percent of survey respondents do work between 41 and 50 hours per week, only 5 percent put in more than 50 hours.
For the most part the rest are either keeping a standard 40-hour work week (39.4 percent), or working somewhere between 31 and 39 hours per week (12 percent). An intriguing 3.3 percent claim to work fewer then 20 hours per week — where can the rest of us get one of those gigs, right?
CCSK-certified professionals are most likely to be found at the senior specialist rung of the corporate ladder (36.8 percent of those surveyed), though an impressive 48 percent are either executives (5.7 percent), directors (21.2 percent), senior managers (6 percent) or managers (15.2 percent). (Just 6 percent consider themselves specialists, while 9 percent are rank-and-file employees.) All of that placement near the top of the pyramid may at least partially explain the flashy average annual salary figure.
It takes a lot of security experience, it would seem, to add CCSK to your resume. A solid 60 percent of those surveyed have work in security for more than a decade, while an additional 21.2 percent have been in the field for between 6 and 8 years. There are a handful of novices (6.6 percent with between 3 and 5 years of security experience) as well as a fair number of newcomers: 12 percent of respondents have worked in cybersecurity realm for between 0 years (1-11 months) and two years.
Finally, here's the view of CCSK holders on key questions from the survey about how certification impacts job performance:
At my current job I use skills learned or enhanced through certification:
Several times a day: 66.8 percent
Several times a week: 24.2 percent
Several times a month: 9 percent
Occasionally: [No responses]
Rarely: [No responses]
Since becoming certified, I feel there is greater demand for my skills.
Strongly agree: 42.8 percent
Agree: 39.1 percent
Neither Agree nor Disagree: 11.9 percent
Disagree: 3.2 percent
Strongly Disagree: 3 percent
Becoming certified has increased my problem-solving skills.
Strongly agree: 30.3 percent
Agree: 48.5 percent
Neither Agree nor Disagree: 15.2 percent
Disagree: 4.1 percent
Strongly Disagree: 1.9 percent
Becoming certified has increased my workplace productivity.
Strongly agree: 18.3 percent
Agree: 51.5 percent
Neither Agree nor Disagree: 24.2 percent
Disagree: 2.8 percent
Strongly Disagree: 3.2