Salary Survey Extra: Deep Focus on GIAC Certified Incident Handler (GCIH)
Posted on
July 13, 2018

Salary Survey Extra is a series of dispatches that give added insight into the findings of our annual Salary Survey. These posts contain previously unpublished Salary Survey data.

The GCIH certification prepares credential holders to be the first line of respond to cybersecurity incidents.

Society couldn’t function without the tireless contribution of first responders who provide rescue and relief during the initial stages of a disaster. Security disasters have become commonplace in the IT realm, where the first responder must have the skills and training to detect, remediate, and resolve breaches and attacks.

One of the foremost cybersecurity credentials that provides the necessary training and education to digital first responders is the GIAC Certified Incident Handler (GCIH) credential (No. 24 on our most recent Salary Survey 75 list) offered through the GIAC certification portfolio managed by the SANS Institute.

Here’s what the salary picture looks like for GCIH holders who responded to the Salary Survey:

All U.S. Respondents
Average Annual Salary: $129,330
Median Annual Salary: $125,000
How satisfied are you with your current salary?
Completely Satisfied: 4.8 percent
Very Satisfied: 31.7 percent
Satisfied: 42.8 percent
Not Very Satisfied: 17.5 percent
Not At All Satisfied: 3.2 percent

All Non-U.S. Respondents
Average Annual Salary: $104,620
Median Annual Salary: $97,500
How satisfied are you with your current salary?
Completely Satisfied: [No responses]
Very Satisfied: 38.5 percent
Satisfied: 15.4 percent
Not Very Satisfied: 38.5 percent
Not At All Satisfied: 7.7 percent

The largest single body of GCIH holders who responded to the survey is made up of U.S. residents (82.9 percent of those surveyed), but the GIAC certification program is global in its reach. There are nine other countries represented in our results: Australia, Canada, Finland, Germany, India, New Zealand, Saudi Arabia, Thailand, and the United Kingdom.

As is commonplace in cybersecurity certification circles, most of those we heard from (90.8 percent) are men, with women accounting for fewer than 10 percent (though not by much) of those certified. Most of the GCIH-certified professionals we heard from are mid-career professionals, with 32.9 percent of those surveyed landing between the ages of 35 and 44, and 36.9 percent between the ages of 45 and 54. The outliers are the 14.5 percent of those surveyed who are between the ages of 25 and 34, the 13. percent between the ages of 55 and 64, and the 2.6 percent between the ages of 65 and 74.

You don’t have to hold a college degree to become GCIH-certified, but degrees appear to be a strong predictor of success. In the case of more than 80 percent of respondents, the highest level of formal education completed is either a bachelor’s degree (38.2 percent), master’s degree (35.5 percent), doctorate (2.6 percent), or associate’s (two-year) degree (5.3 percent). The rest are either currently in school (1.3 percent of those surveyed), or went no further than to either complete high school (7.9 percent) or add post-high school technical training (9.2 percent).

Most of GCIH holders who responded to the survey have full-time jobs (98.7 percent of those surveyed), with just a handful currently taking sabbatical (1.3 percent). Among those on the job, more than 97 percent of respondents are fully engaged, with 31.6 percent putting in a standard 40-hour work week, 51.3 percent at work between 41 and 50 hours per week, and 14.5 percent logging more than 50 hours per week. A fortunate few, just 2.6 percent percent of those surveyed, work between 31 and 39 hours per week.

In terms of workplace standing, the largest single group of GCIH holders (45 percent of those surveyed) are senior specialists, followed, in descending order, by directors (13.8 percent), senior managers and managers (11.2 percent each), specialists (10 percent), rank-and-file employees (5 percent), and executives (3.8 percent).

There are very few cybersecurity newcomers in in the GCIH bunch. A mere 3.7 percent of respondents have worked in a role that directly utilizes one or more of their certified skills for between zero years (1 to 11 months) and two years, while 16.3 percent have been thus engaged for between 3 and 5 years, 15 percent have been at it for between 6 and 8 years, and 11.3 percent have between 9 and 10 years of direct cybersecurity experience. The rest, more than half (53.7 percent) of those surveyed, have been plying their certified skills for more than a decade.

Finally, here’s the view of GCIH holders on key questions from the survey about how certification impacts job performance:

At my current job I use skills learned or enhanced through certification:
Several times a day: 71.3 percent
Several times a week: 21.2 percent
Several times a month: 5 percent
Occasionally: 2.5 percent
Rarely: [No responses]

Since becoming certified, I feel there is greater demand for my skills.
Strongly agree: 40 percent
Agree: 41.2 percent
Neither Agree nor Disagree: 16.3 percent
Disagree: 2.5 percent
Strongly Disagree: [No responses]

Becoming certified has increased my problem-solving skills.
Strongly agree: 35 percent
Agree: 47.5 percent
Neither Agree nor Disagree: 12.5 percent
Disagree: 3.8 percent
Strongly Disagree: 1.2 percent

Becoming certified has increased my workplace productivity.
Strongly agree: 38.7 percent
Agree: 38.7 percent
Neither Agree nor Disagree: 18.8 percent
Disagree: 2.5 percent
Strongly Disagree: 1.3 percent

About the Author

Certification Magazine was launched in 1999 and remained in print until mid-2008. Publication was restarted on a quarterly basis in February 2014. Subscribe to CertMag here.

Posted to topic:
Jobs and Salary

Important Update: We have updated our Privacy Policy to comply with the California Consumer Privacy Act (CCPA)

CompTIA IT Project Management - Project+ - Advance Your IT Career by adding IT Project Manager to your resume - Learn More