This report looks at trends in recruitment and compensation for cybersecurity employees, with a view to giving professionals - especially those looking for a career change - insight into the market.

How to break into the C-Suite. The report offers tips for cybersecurity employees hoping to break into executive roles, such as:

  • Understand what’s behind your ambition - whether it’s the desire for prestige or the opportunity to drive change within an organisation. Knowing what you ultimately want from the job will be helpful in finding the right fit.
  • Figure out what your values are. Under pressure, when everyone’s looking to you to make a decision, having a code of conduct already mapped out will help you act quickly and mindfully.
  • Build up your business knowledge so you understand the interconnections between cybersecurity and the organisation at large and can articulate them to the board. 
  • Boost your leadership skills - harness the wealth of resources that’s out there. Don’t shy away from feedback from your team, as it’s pivotal for helping you improve.
  • Find a mentor who can help you navigate the challenges of climbing the career ladder.

How to choose between startup and corporate. The report looks at the differences between corporate and startup culture:

  • With smaller teams, startups’ ‘all hands on deck’ atmosphere allows you to take on more responsibility and try new things. In a corporate organisation, you’re far more likely to build up your expertise in one area and become a go-to specialist, putting you in high demand.
  • Startups are inherently risky - they fail more often than not. You’ll need to make a judgement call about the viability of the business before taking on a position.
  • While corporations provide a stable salary that will probably exceed what a startup can offer, startups typically provide stock options - which could provide exceptionally high returns if the company succeeds or nothing if they don’t.

How to get into cloud security, application security & pen-testing. The report offers actionable advice for people aiming to enter cloud security, application security, or pen-testing. It highlights available certification options and provides practical guidance on enhancing knowledge in each area.

The salary guide. The report also offers a salary guide for young and experienced cybersecurity professionals. It states what jobseekers can broadly expect to be offered, depending on how well they meet criteria such as background, location and years of experience. It offers salary insights for: application security engineers, DevSecOps engineers, application security architects, cloud security engineers, cloud security architects, detection & response engineers, security operations engineers, monitoring analysts, privacy analysts, GRC analysts, threat hunters, threat intelligence analysts, enterprise security architects, IAM engineers, penetration testers, and product security engineers. 

Below is the table: 

Source: Adapted from Stanton House Cybersecurity Salary Guide 2023


Read the full report