What should I ask for in Salary Range?

LeifAlire

Job is at a big Software Company in the Northwest, I was asked what salary I wanted and don't want to price myself out but don't want to leave money on the table, honestly I have no clue what range to say...any input would be appreciated.

1. Will be responsible for ensuring applications are compliant to security and privacy standards.
2. The candidate will be responsible for conducting internal audits, reviewing the remediation plans and providing guidance on Security Development Lifecycle (SDL).
3. Conduct periodic user access review audits (Front-end and Back-end) across all applications
4. Closely partner with internal (infra) and external (project) teams and ensure that security and privacy requirements are clear and reviewed by both the teams.
5. Effectively identify the risks and dependencies early in the cycle and work with the project teams in identifying the mitigation plans.
6. Effectively communicate reviews/audits status, risks and issues on a timely fashion to the project stake holders
7. Quickly resolve/escalate issues as necessary
8. Maintain security practices and principles knowledge and how it applies to our business
9. Effectively communicate security status, risks and issues on a timely fashion to the stake holders
10. Ensure compliancy with privacy, security guidelines.
11. Document lessons learned/best practices at the end of every review cycle completion
12. Has experience in analyzing IDS and IPS sensors
13. Has experience interpreting sensor logs and applying changes to the IDS/IPS using vendor profiles or regular expression
14. Has experience helping the business determine requirements for specific IDS/IPS/DLP policies
15. CISSP certification is a must

Tom Servo

I had a similar sounding position in Indianapolis once. I had no security experience (sysadmin prior) and was paid 60k. A senior level (but not manager) guy with 5 years experience made around 90k. Not sure how much experience you've got or how cost of living measures up (Indy is cheap). I always recommend checking the company and competitors on glassdoor.com if you haven't already.

The Technomancer

Depends entirely on the title, the company size, their core industry, and the area, with the area being the biggest variable. Do some market research with glassdoor.com, salary.com, and other sites like that. Look at the title they're offering, and either look at the company's salary listings or salary listings with companies near that size. If you're 10x engineer, ask for 90th percentile pay, and be willing to get negotiated down to 75th percentile. If you're not 10x engineer, ask for 75th and be willing to negotiate down the median. No matter what, always ask for more than your actual "number" to accept an offer. You might just get it, and if they talk you down to the number you want, you'll get what you want and they'll feel like they're getting a deal.

Also, if there's a lot of good benefits and flexibility attached to the role/company, be willing to leave money on the table during salary negotiations.