Information Security Interim Market Report 2009
The information security recruitment market is currently a tough market with limited vacancies and significant numbers of redundant information security practitioners. Employers are in a strong bargaining position.Demand for information security staff has continued to fall during the first half of 2009, as the recruitment market has become increasingly subdued. Business investment, particularly in IT, is falling and with it the development work that helps underpin demand in information security. Much proposed recruitment is failing to receive the necessary authorisation.
Redundancy and the fear of redundancy remains a feature of the market, particularly for more senior staff in the end user and consultancy markets. There are fewer good quality junior and mid level staff entering the recruitment market, with many people preferring the security of their existing employment relationship.
One area where demand has remained relatively strong is for government skills. There is currently a rush of information security job for practitioners seeking to gain CLAS and make themselves marketable for government sector work.
There is now a large pool of redundant information security practitioners. Perhaps the best that we can anticipate is that this pool does not grow any larger during the latter part of 2009. A decisive upturn in business investment will be required to shrink it.
The Information Security Recruitment Market
*Every statistic reveals how hard the current information security market is for candidates
*The number of new vacancies fell to 25. Vacancy generation is down across all sectors and is 57% lower compared to the corresponding period in 2008
*At just 12, closing vacancies are 64% down on the corresponding period in 2008
*The number of candidate registrations is rising and is 36% higher than at the height of the recruitment market in June 2007
*At 53%, defensive registrations are a major factor and have accelerated over the last six months, continuing the upward trend since mid 2007
*At 4%, salary increases are at historically low levels, but have stabilised The raw statistics in terms of vacancy creation and number of candidates being forced into the information security job market remain daunting. Vacancy levels are at multi year lows. Redundancies will continue as companies rationalise and adapt to a smaller economy and more limited business environment.
In the present market, for those who have been made redundant the major obstacle in finding another job is not simply competition from other information security practitioners, but the lack of vacancies.
Frustratingly for candidates, those departments with vacancies often have inflated expectations. There is a recession and, not unreasonably, Heads of Department after years of candidate shortages believe they now have the opportunity to recruit their ideal candidates.
Information Security Salary Survey 2009 In the first 6 months of 2009, for those information security professionals changing jobs, permanent salaries have increased by only 4%, the same as the final six months in 2008. However, there was an actual decline in technical security salaries. This has been caused by increased competition for roles and security practitioners willing to take reduced salaries to get back into employment. CLAS consultants and penetration testers have bucked this trend. They remain in high demand and good candidates are in short supply.
Barclay Simpson analyses the salary data that accumulates from the placements we make in the UK. This provides a useful guide to salaries and salary trends in information security.
This survey consists of 20 profiles of typical security specialists, for whom we have provided an approximate salary range they could realistically expect to achieve. The profiles are for good rather than exceptional individuals and take no account of other benefits that can accrue to information security specialists such as company cars, nor do they take account of non-contractual bonus and profit sharing arrangements. View the full Information Security Salary Survey.
Summary and Conclusive Remarks Given the unprecedented contraction in the UK economy, it is not surprising the impact it has made on the information security recruitment market. Conditions have been similar to those that existed in the early part of the decade after the bursting of the dotcom bubble.
There are, however, tentative signs of improvement. While the market remains depressed, the widespread recruitment freeze in banking and financial services is starting to lift. There is a limited increase in activity from companies in the consulting, systems integration and telco sectors. There is also a build up of latent demand for business continuity professionals. The contract market has stabilised at much lower levels of demand and the increase in the availability of experienced security practitioners has depressed rates.
Whatever happens to demand, it is likely that there will be further redundancies as the corporate sector consolidates and any rebound in the economy will take time to filter through to employment.
In our view, the information security market may be at or possibly past its nadir. While market conditions for information security professionals are ultimately dependent on the economy, those pursuing careers can take comfort from the fact that IT is constantly evolving, presenting new security challenges that will support the need for their services. The technical, reputational or political risks of security breaches are better understood across all economic sectors and, in the medium to long term, information risk and security will remain a growing profession.
Barclay Simpson is a Corporate Governance recruitment specialist