Thursday, January 31, 2019

Information Security lead roles with salaries

This is an alternative model to understand the Information Security maturity level of a medium/large company. This is based just on my experience in companies and therefore it's to be used just as a reference. Salaries are for London based permanent employees. I don't pretend this model to be very accurate but can be used as a starting point to understand the maturity with one simple question: who will lead the information security?

Possible answers:

1) Network and security manager (base salary £50k to £70k), this person comes from the network background and probably has none or very little experience in security.
The company has no security culture and does not even imagine what information or cyber security means. They will deploy security appliances and maybe buy some external services without understanding really the value of them.

2) Information Security Manager (base salary from £70k to £85k), this person has usually previously no experience in leading Informaton Security teams.
The company has a very little security culture and some security intiatives/projects are delivered.

3) Head of Information Security (base salary around £100k+20% bonus), this person has 0 to 2  experiences in leading Information Security.
The company starts to take security a bit more seriously. The company starts to have a security strategy with multiple projects.

4) Group Head or Director of Information Security (base salary from £120-130k + 20/30% bonus to £150k), this person has at least 2-3 previous experiences leading Information Security.
The company understood Information Security is important even if probably the senior management (CEO) has still no interest in the Information Security and still think Information Security is a "technical" thing for "technical" people.

5) Chief Information Security Officer (CISO, salary from £130k up to £250/300k + bonus). This person has a deep experience and is able to communicate difficult concepts in an easy and clear way to non-technical people.
The company has understood Information Security should be embedded in every process and the senior management (CEO and the board) would like to be informed on the Information Security.
Posted by at
Labels: , , , , , , , ,

14 comments:

  1. Johnson14/11/19 07:20

    This comment has been removed by the author.

    ReplyDelete
  2. Victoria19/11/19 11:22

    No doubt, protection against ransomware is an important part of modern information security policies.

    ReplyDelete
  3. Security Cameras Australia15/1/20 07:01

    Nice reading, I love your content. This is really a fantastic and informative post. Keep it up and if you are looking for Car Tracking Device then visit Vimel Technology Pty Ltd.

    ReplyDelete
  4. Vijilan11/9/20 23:40

    This comment has been removed by the author.

    ReplyDelete
  5. Vijilan11/9/20 23:44

    Really very happy to say, your post is very interesting to read. we also providen service for Cyber Security White Label. for more information visit on our website.

    ReplyDelete
  6. SHAHZAIB1/11/20 11:07

    Wow, cool post. I'd like to write like this too - taking time and real hard work to make a great article... but I put things off too much and never seem to get started. Thanks though. construction employment agencies

    ReplyDelete
  7. SHAHZAIB19/11/20 12:27

    I think this is an informative post and it is very useful and knowledgeable. therefore, I would like to thank you for the efforts you have made in writing this article. اینترنت اشیا

    ReplyDelete
  8. Sarah19/11/20 20:07

    Evacuation of middle people would diminish the expenses in the creation and circulation esteem chain. The data advancements have encouraged the development of improved mail request retailing, in which products can be requested rapidly by utilizing phones or PC organizations and afterward dispatched by providers through incorporated vehicle organizations that depend broadly on PCs and correspondence advances to control their tasks. Alfresco Training

    ReplyDelete
  9. D. James Anderson5/5/21 11:05

    This comment has been removed by the author.

    ReplyDelete
  10. D. James Anderson10/5/21 23:28

    Like recommend (Youngs, 2004) and (Lohnes, 2012), those equivalent occupied instructors would have gone to those trainings if there were given a motivator.Security Cameras

    ReplyDelete
  11. mohsin2/7/21 12:30

    i never know the use of adobe shadow until i saw this post. thank you for this! this is very helpful. security company

    ReplyDelete
  12. mohsinkhatri4/9/21 09:06

    We are really grateful for your blog post. You will find a lot of approaches after visiting your post. I was exactly searching for. Thanks for such post and please keep it up. Great work. singapore security company

    ReplyDelete
  13. mohsinkhatri9/9/21 08:33

    This is such a great resource that you are providing and you give it away for free. I love seeing blog that understand the value of providing a quality resource for free. security firms singapore

    ReplyDelete
  14. mohsinkhatri16/9/21 13:35

    I appreciate everything you have added to my knowledge base.Admiring the time and effort you put into your blog and detailed information you offer.Thanks. singapore security guard services

    ReplyDelete

Subscribe to: Post Comments (Atom)