Security Career With Highest Payout

egrizzly · September 2018

We've all heard of all the dozen or more InfoSec certifications out there. CISSP, GSEC, GCIH, CISA, CISM, CCSA, etc. The list goes on.
However, do you all know which one pays the highest, or at least which are the top 3 highest paying careers and any idea of how much they pay.

This is assuming everything being equal. Assuming the candidates all have the same level of experience in their given roles.

cyberguypr · September 2018

What is the goal with knowing this? Are you trying to make career decisions based on compensation? I argue it's inherently flawed to try to measure this becusae you just can't keep everything equal no matter how hard you try. Titles or reponsibilities vary from company A to B so trying to circumscribe it to roles achieves nothing. An architect, sales guy, consultant, etc. in security can all make ridiculous amounts of money.

Clm · September 2018

If you want to make sure you have the cert that gets you paid the most then just get them all lol. But honestly, if you're looking to get paid high there are a lot of factors to consider location, Role, Organization, Vertical, Technology the list goes on. what I would do is pick a number that you like just say 150k (that's a lot to me) and find the roles that offer that pay. Pick which ones you can enjoy doing and then find all the people in those roles and research what they have. Ask them if you have to.

JDMurray · September 2018

Looks like you are going to be shooting for CISO. There's a cert for that!

Clm · September 2018

JDMurray wrote: »

Looks like you are going to be shooting for CISO. There's a cert for that!

How is that cert I like the idea im just wary of EC Council

Danielm7 · September 2018

Clm wrote: »

How is that cert I like the idea im just wary of EC Council

Stay wary, I'm fairly sure he's joking.

cyberguypr · September 2018

Do not speak ill of EC Council. I will not allow it.

DZA_ · September 2018

From what I've heard from and discussed with others that even for a CISO, they're not up there with their counterparts. If you're aiming for the highest salary with all things equal, I'm going to position that a very skilled senior sales architect/engineer would be the way since they generate income for the organization + commission and bonus.

EANx · September 2018

JDMurray wrote: »

Looks like you are going to be shooting for CISO. There's a cert for that!

Well played

Mitechniq · September 2018

I have pursued a lot of certifications and what I have realized throughout the years. The person that is above me in position and probably in pay has always had less certs than me. When I was a Linux Administrator, I had my RHCSA but the engineer above me had no cert. When I worked on VMware I got my VCP-DCV but the Architect above me only had a Comptia cert..Now in Security, I rarely see a person above me with certs...

egrizzly · September 2018

That's why I started this thread...hmmm. Thanks for the input

Clm wrote: »

If you want to make sure you have the cert that gets you paid the most then just get them all lol. But honestly, if you're looking to get paid high there are a lot of factors to consider location, Role, Organization, Vertical, Technology the list goes on. what I would do is pick a number that you like just say 150k (that's a lot to me) and find the roles that offer that pay. Pick which ones you can enjoy doing and then find all the people in those roles and research what they have. Ask them if you have to.

UnixGuy · September 2018

I found there is no direct correlation between a cert and pay increase, with the exception of the CCIE is some instances.

To get the highest salary you need to be working for a company that actually pays those high numbers (a lot of companies have a pay cap), you need to be good at something IN DEMAND, and you need to be in the right place at the right time.

General manager, CISO/CSO, CIO, Sales, PreSales, Architect, Consultant, VP...are among the titles where I saw the highest salaries...

paul78 · September 2018

A CEO at a security company can rake it in too. The CEO at Qualys took home about USD$22.74MM in 2017 - most of it in restricted stock. Not sure if he has any certifications though

Info_Sec_Wannabe · September 2018

cyberguypr wrote: »

Do not speak ill of EC Council. I will not allow it.

DZA_ · September 2018

paul78 wrote: »

A CEO at a security company can rake it in too.

Let me just tweak this a bit: "A CEO at a unicorn security company can rake it in too." It'll be an episode like Billions.

paul78 · September 2018

DZA_ wrote: »

Let me just tweak this a bit: "A CEO at a unicorn security company can rake it in too." It'll be an episode like Billions.

I don't think that's necessarily true. Most venture-backed startups cap the salaries of the founders and CEO's. I've worked at startups where I made much more than the CEO. From what I understand from VC's, the average CEO cash salary is between 100k-250k. The obvious incentive is the equity which is why CEO's want to elevate their startups into Unicorn category and then either take the company public or sell it.

However, that said, the CEO at a Unicorn will really rake it in only if there is a significant liquidity event.

paul78 · September 2018

paul78 wrote: »

.... CEO at a Unicorn will really rake it in only if there is a significant liquidity event.

I thought I would check out the latest public offering of a security company. Tenable's IPO was last month. I was curious about how much the founders raked in. According to the S1, the co-founders Ronald Gula and John Huffard had 9.21 and 4.09 shares owned. I found it interesting that Renaud Deraison who is the author of Nessus and one of Tenable's co-founders was not listed as a principal shareholder on the S1.

With the IPO, Tenable is trading around USD$30 so Gula should have made over USD$276MM and Huffard should have about USD$122.7MM. They probably could have made more because the S1 indicated that during the series B offering, Gula and Huffard sold back shares at $5.81/share.

In terms of payouts, I would call that pretty good.

So I guess the best security career is to be an entrepreneur and start your own security company and build it until you can take it public. Of course, the odds of a payout are a bit more competitive and more difficult to achieve.

Tekn0logy · September 2018

egrizzly wrote: »

We've all heard of all the dozen or more InfoSec certifications out there. CISSP, GSEC, GCIH, CISA, CISM, CCSA, etc. The list goes on.
However, do you all know which one pays the highest, or at least which are the top 3 highest paying careers and any idea of how much they pay.

The highest paid would be the individual that has mastered the art of social engineering. (Is there a cert for that?)

cyberguypr · September 2018

Tekn0logy wrote: »

... mastered the art of social engineering. (Is there a cert for that?)

Of course! Chris Hadnagy's outfit runs the Social Engineering Pentest Professional (S.E.P.P.) cert.

Techand$$ · September 2018

UnixGuy wrote: »

I found there is no direct correlation between a cert and pay increase, with the exception of the CCIE is some instances.

To get the highest salary you need to be working for a company that actually pays those high numbers (a lot of companies have a pay cap), you need to be good at something IN DEMAND, and you need to be in the right place at the right time.

General manager, CISO/CSO, CIO, Sales, PreSales, Architect, Consultant, VP...are among the titles where I saw the highest salaries...

Exactly this, normally a highest paid individual is the person who saves or makes a lot of money for an organization. I’m working in the MSSP industry and arguably the best technical person in my company but the highest paid are the ones in presales, these are the guys that have a rounded knowledge in both technical and business areas. Soft skills is another highly valued aspect for the positions listed above, wish there was a certification for that too

vanquish23 · September 2018

+Location
+Cost of Living
+Years in IT field
+Size of company (budget)
+Specialty

ITSec14 · September 2018

It's worth noting that highly talented technical folks can and do often make more than even mid level management. If you possess in demand skills in the right market, you can rake in the money.

cale2kit · September 2018

Also to add on, at least for Public Sector, couple those certs with a Security Clearance and you'd be surprised at the salaries offered.

E Double U · September 2018

egrizzly wrote: »

do you all know which one pays the highest

As a matter of fact I do. What are you willing to give for this highly valuable information?

JDMurray · September 2018

Techand$$ wrote: »

...but the highest paid are the ones in presales, these are the guys that have a rounded knowledge in both technical and business areas...

Salespeople put money on a business' books and all other roles eat the money away. Looks like the highest earning security people are the ones selling security products and services.

JoJoCal19 · September 2018

JDMurray wrote: »

Salespeople put money on a business' books and all other roles eat the money away. Looks like the highest earning security people are the ones selling security products and services.

Can confirm. I still get those "in awe" moments at how much us pre-sales engineers make.

Security Career With Highest Payout

Comments