HWZ Forums

Login Register FAQ Mark Forums Read

Expected salary of Security Professional

Like Tree7Likes
Reply
 
LinkBack Thread Tools
Old 25-01-2006, 12:16 PM   #31
Banned
 
Join Date: Aug 2000
Posts: 2,099
Agreed totally. but a lot depends on luck lah

start high may not be good sometimes...esp if you aren't equipped with the right demand skillsets which your job trains you..you may get high pay, but u r stucked cuz u lack the skillset to go elsewhere to comannd a higher pay...

Threadstarter, i defintely think that your experience are worth more than what others said, be confident when u sell yourself, u might just stumble across an employer who is able to recognise talent!
Xiaosa is offline   Reply With Quote
Old 25-01-2006, 01:51 PM   #32
Member
 
Join Date: Mar 2002
Posts: 235
Just my 3 cents.

The right move will be to get a job with high starting salary, such that when u switch company, the next salary jump will stil be significant.

Because u start off with $2.5k, recruiters will definitely question on the $1.5k increment, that u are asking for.

Nevertheless, do not give up. Never settle for anything less than $3.3k. 2 of my friends jumped and their increment is $800 to $1k.

Gd luck.
beri true,,,,, do not let those HR *******s,,,,,press yr price down.,,,,,
HR pppl r just some cheap stakes....
__________________
[SIZE=1]Bcom(IT) CCNA Linux+ Security+ MCSE
[/SIZE]
ksc133 is offline   Reply With Quote
Old 25-01-2006, 01:55 PM   #33
Master Member
 
sfhuang's Avatar
 
Join Date: Jun 2000
Posts: 3,986
Good informative thread. Made this sticky.
sfhuang is offline   Reply With Quote
Old 25-01-2006, 02:04 PM   #34
Senior Member
 
csy71's Avatar
 
Join Date: Dec 2000
Posts: 1,829
beri true,,,,, do not let those HR *******s,,,,,press yr price down.,,,,,
HR pppl r just some cheap stakes....

just tell them tis is not a fish market where u bargain for the best deal, if u hv the budget to meet my requirement and i hv show u wat i can do, offer me wif the right price.

Most HR like make some cut when come to compensation just to show tat they r working.

U need to prove yourself tat u r e right person for e right job n r contributing extra if u join them, all e best for these looking for a move (including me oso )
__________________
[SIZE=1]IT = as easy as ABC = idiot technology
www.aces-star-tech.com[/SIZE]
csy71 is offline   Reply With Quote
Old 25-01-2006, 06:36 PM   #35
AC
Supremacy Member
 
AC's Avatar
 
Join Date: Sep 1999
Posts: 6,253
Jsut wonder, do u think that a local degree is impt when it comes to finding a local job?

Most of fresh IT grad I know, are getting a range $2.5k to $3.1k, For IT diplomas grads, the salary range is supressed to $1.3k to $1.8k.

Even though with lots of IT certs and experience, but no degree, still hard to negotiate for high salary isit?
AC is offline   Reply With Quote
Old 25-01-2006, 06:54 PM   #36
Senior Member
 
csy71's Avatar
 
Join Date: Dec 2000
Posts: 1,829
for pple wif not much experience maybe lah, if u hv work for number of years n e only tin u show pple is just a local uni degree then wat is e value in u?

experience will count more for senior position.
__________________
[SIZE=1]IT = as easy as ABC = idiot technology
www.aces-star-tech.com[/SIZE]
csy71 is offline   Reply With Quote
Old 25-01-2006, 10:03 PM   #37
Master Member
 
Join Date: Dec 2001
Posts: 2,841
Hi to all,

As mentioned in previous threads, I had recently entered the job market. My dilemna is that I had some recruiters reflect to me that my expected salary is too high. I started off as a IT admin in a foreign bank for a year, followed by doing Intrusion detection and response for 3.5 years.

- Security events correlations
- Incident handling
- Vulnerabilities Assessment
- Payload and TCPDump analysis
- Threat/ Impact analysis
- Trend analysis

My current salary is pretty low between 2000-3000. Its my company's pay structure, boh bian.
From a hiring manager's point of view, what should be the expected salary for a similar candidate with CISSP and/or CISA?

And advices
Dude, if you are good, you will get headhunted. No need to bargain with HR like fish market.

Back to your question, put a max of 30% increment for asking pay, make yourself valuable.
Tell the recruiters, you pay peanuts, you get Monkeys <But these days, one peanut cost $600k>.

If you have the skills, just be firm be with your asking pay. Take it or leave it.

Market pretty good now, colleague received many offers in IT field. Good luck to your job hunting!
nitrodrops is offline   Reply With Quote
Old 25-01-2006, 11:28 PM   #38
Banned
 
Join Date: Aug 2000
Posts: 2,099
What you said is of course the optimal situation. But in the end, these HR people when reviewing your resume will look at the expected salary. If not in range, your resume may not get selected for further scrutiny even if your skillsets are solid..

I do intrusion detection and response. Monitoring Firewall and IDS events. Looking out for possible intrusions, DDOS etc. In the mean time , gotta build baselines, filter out false alarms, decide on the severity of the events to warrant further action or not. Analysis of TCP Dump and Payloads and looking out at attack treneds. I like to think my job is pretty niche and not many people in SG can do what I do .

But a lot of HR recruiters are stumped when I tell them what I do. They don't even understand what I do ?? In terms of IT Sec, they only know " You know how to configure Checkpoint/ Watchguard" This I found laughable.. A lot of recruiters/ employers don't even know what they are looking for. The sad thing is HR people are not properly trained. A lot of them come from A levels or diplomas of irrevlevant fields. In ITsec recruitment, they just look for "keywords" , which I feel is appalling

I tend to think I am disadvantaged in the sense that my field in not popular in SG.. A lot of employers are looking at pple who can configure/ deploy security devices. But what's good with Security devices, if no ones monitors the alerts ?? I am not interested in the field of deployment and installation.

In the end, IT Sec in SG is still not mature enough and the skillsets are not properly defined..

beri true,,,,, do not let those HR *******s,,,,,press yr price down.,,,,,
HR pppl r just some cheap stakes....
Xiaosa is offline   Reply With Quote
Old 25-01-2006, 11:53 PM   #39
Supremacy Member
 
roo7's Avatar
 
Join Date: Jan 2000
Posts: 8,996
that's very true... even if you move into a vendor environment, they are just concern with figures. Sell solutions and earn $$. They don't care whether if customer's firewall is configured correctly. They don't care if customer get infected with a worm.. They are more than happy to service those customers.

That's why they see aah Checkpoint certified, Cisco certified. They are more than happy to hire you. You tell them you can analysis the TCP payload for possible exploits. They tell you save the trouble.

You can do things that are more high level compared to designing a security perimeter and implementing it.

Maybe look into risk management ?
__________________
Blog: http://jiehong.org/blog

Seiko Club Forum: http://forums.seikoclubsg.com
roo7 is offline   Reply With Quote
Old 26-01-2006, 12:23 AM   #40
Senior Member
 
csy71's Avatar
 
Join Date: Dec 2000
Posts: 1,829
What you said is of course the optimal situation. But in the end, these HR people when reviewing your resume will look at the expected salary. If not in range, your resume may not get selected for further scrutiny even if your skillsets are solid..

I do intrusion detection and response. Monitoring Firewall and IDS events. Looking out for possible intrusions, DDOS etc. In the mean time , gotta build baselines, filter out false alarms, decide on the severity of the events to warrant further action or not. Analysis of TCP Dump and Payloads and looking out at attack treneds. I like to think my job is pretty niche and not many people in SG can do what I do .

But a lot of HR recruiters are stumped when I tell them what I do. They don't even understand what I do ?? In terms of IT Sec, they only know " You know how to configure Checkpoint/ Watchguard" This I found laughable.. A lot of recruiters/ employers don't even know what they are looking for. The sad thing is HR people are not properly trained. A lot of them come from A levels or diplomas of irrevlevant fields. In ITsec recruitment, they just look for "keywords" , which I feel is appalling

I tend to think I am disadvantaged in the sense that my field in not popular in SG.. A lot of employers are looking at pple who can configure/ deploy security devices. But what's good with Security devices, if no ones monitors the alerts ?? I am not interested in the field of deployment and installation.

In the end, IT Sec in SG is still not mature enough and the skillsets are not properly defined..

u cannot blame these recruiter lah, from wat u explain i will just take u as doing security operation and monitoring, u shall not focus to detail on wat u do when u present to these pple, but seem u mention tat u not interested in e field of deployment n installation, i suppose u noe wat u r looking for, but y u wan to go n apply for role tat u r not interested?

i will not say tat your field if not so popular if u will to noe wat company require tis type of skill set in SG, but maybe in different type of enviroment n nature only. The job market is a supply n demand tin n everytin is biz related @ e end of e day.

if u r really good dun need to bother so much one lah, sooner or later sure hv good offer come to u
__________________
[SIZE=1]IT = as easy as ABC = idiot technology
www.aces-star-tech.com[/SIZE]

Last edited by csy71; 26-01-2006 at 12:32 AM..
csy71 is offline   Reply With Quote
Old 26-01-2006, 12:47 AM   #41
AC
Supremacy Member
 
AC's Avatar
 
Join Date: Sep 1999
Posts: 6,253
.... I like to think my job is pretty niche and not many people in SG can do what I do .
......
That is not entirely true that ur speciality is very unique in SG

I have work with a few vendors before, and there are many whose scope covers yours as well.

Network General, E-COP, Bluecoat, Proventia etc

Just lately, we bought a 40K sniffer solution from Network Generals. Trainings were provided on TCP analysis and packet sniffing.
AC is offline   Reply With Quote
Old 26-01-2006, 12:56 AM   #42
Senior Member
 
Lokimack's Avatar
 
Join Date: Mar 2003
Posts: 858
beri true,,,,, do not let those HR *******s,,,,,press yr price down.,,,,,
HR pppl r just some cheap stakes....
I think that's a sweeping statement to make. HR folks also have their work targets to keep attrition rate down. By saving a bit up front and losing the valued staff later, just dun make sense to a HR professional. Think about the training and mentoring already spent on the staff. Think also about the recruitment cost for replacement and loss of productivity when the staff goes into ROD mood.
Lokimack is offline   Reply With Quote
Old 26-01-2006, 01:48 AM   #43
hj
Senior Member
 
Join Date: Nov 2000
Posts: 881
You may want to get a hold of the SPH CareerGuide 2006.

It has salary surveys in the front section and also has a IT & Telco section which tells you what educational & training requirements companies are looking at for various IT positions.

Saw it in Times Bookshop today at $6.90.
hj is offline   Reply With Quote
Old 26-01-2006, 10:48 AM   #44
Banned
 
Join Date: Aug 2000
Posts: 2,099
Well, Im not saying that I am applying for deployment jobs. Its just that I keep getting calls from agencies asking if I know these skills. Obviously, none of them read my resume thoroughly.

Csy: The sad truth is recruiters don't have a clue what security operations mean?? Their perception of Security ops is again deploying, maintaining and installing FW/IDS

u cannot blame these recruiter lah, from wat u explain i will just take u as doing security operation and monitoring, u shall not focus to detail on wat u do when u present to these pple, but seem u mention tat u not interested in e field of deployment n installation, i suppose u noe wat u r looking for, but y u wan to go n apply for role tat u r not interested?

i will not say tat your field if not so popular if u will to noe wat company require tis type of skill set in SG, but maybe in different type of enviroment n nature only. The job market is a supply n demand tin n everytin is biz related @ e end of e day.

if u r really good dun need to bother so much one lah, sooner or later sure hv good offer come to u
Xiaosa is offline   Reply With Quote
Old 26-01-2006, 10:53 AM   #45
Banned
 
Join Date: Aug 2000
Posts: 2,099
I think these compaines in SG, 10 fingers/ 10 toes can count finish.. Overall, not many people doing it..

That is not entirely true that ur speciality is very unique in SG

I have work with a few vendors before, and there are many whose scope covers yours as well.

Network General, E-COP, Bluecoat, Proventia etc

Just lately, we bought a 40K sniffer solution from Network Generals. Trainings were provided on TCP analysis and packet sniffing.
Xiaosa is offline   Reply With Quote
Reply
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Terms of Service for more information.


Thread Tools

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On