HWZ Forums

Login Register FAQ Mark Forums Read

Expected salary of Security Professional

Like Tree8Likes
LinkBack Thread Tools
Old 08-03-2006, 08:49 PM   #61
Join Date: Aug 2000
Posts: 2,099
Looking at higher level security ops or Consultancy positions. Prefer end user positions as opposed to vendor env. Explained in this thread already.. Not really interested in full fledged audit (Big 4). But welcome positions with audit responsibilities (VA, PT, Assurrance, Risk Management etc)..

Just some updates. Been to a couple of interviews for the past 3 weeks. Profile much higher.. But no substantial news.. So I guess no hope liao....

My core job seeks concentrated on Jobsdb, Street, Monster and Saturday's Recruit... Sadly the month of Feb is a pretty dry period. Not much good jobs to apply. Mostly Engineers and administrators.. Hopefully March will be more optimistic with more jobs of a better fit of my current profile...

As mentioned in Malcom Gladwell's "Tipping Point". I guess I must wait for things to tip in my favour.. Now can only apply, wait for interview. Nothing much extra can be done.
Xiaosa is offline   Reply With Quote
Old 08-03-2006, 09:05 PM   #62
Join Date: Aug 2000
Posts: 2,099
Upzz for this thread. Anyone out there will a similar profile ? Will you be open to contract positions. I am pretty apprehensive about 1 year contract.. As around the 8-9 mths, must start "worrying" liao.. I got an agent contact last week about a Sec Ops position with 2 years contract with a major MNC. Doing around the same thing , IDR but a much higher.. (5 yrs exp, with CISSP). Leading to policies and audit responsibilities in a later stage. I gave the agent the green light to send my resume. Still waiting for a reply..

But the point of discussion is .. With cissp/cisa and a substantial amt of relevant exp. Will you be willing to take a contract position in view of your current perm position.. My reason for asking is at the age of 28. At the end of the contract will be at the unfavourable age of 30. At my MBA courses, there were many discussions regarding age and job seekers. It was mentioned 30++ is considered old in view of employers..

Just for the sake of discussion.. If one was offered a similar position (2 years contract). Will you consider taking it.. The talk with the agent set me thinking about all these points. I consdered the following scenarios

1. Take the job and fight for a perm position..
2. Take the job , by 1 year ++ . If nothing much. using the upgraded profile. Seek a better perm position.
3. Perform real hard and hope for a recontract.. (not for me)..

What do u all think... Lets discuss...
Xiaosa is offline   Reply With Quote
Old 08-03-2006, 09:52 PM   #63
Supremacy Member
Join Date: Jan 2004
Posts: 9,018
IMO I will take the job and fight for a perm, however i will still keep a look out for better prospect during the 2 yrs.
cslkelvin is offline   Reply With Quote
Old 09-03-2006, 01:10 AM   #64
Junior Member
Join Date: Dec 2005
Posts: 10
have you tried sending your resumes to HR companies like Hudsons?

based on your exp + qualification you should be earning > 50K/yr (my current salary)
my job experience is similar to yours. the difference is I do not have any qualification.
on top of my security duties. I'm also a firewall/win2003/sql admin
i have reached a flatline in my salary - due to my lack of qualifications.
CISSP/CISA - local companies do not value this certifications, neither do they know the importance. But they insist on security professionals having it. and they pay peanuts.

IMHO anyone with a CISSP + deg. + 3-4 yrs exp in security field should earn > 4.2/mth.
matt1976r is offline   Reply With Quote
Old 09-03-2006, 10:03 PM   #65
Join Date: Aug 2000
Posts: 2,099
Hi Matt.

I did send resumes to HR Coys. But as per mentioned in this thread. Some agencies just "do not have it la". Giving me some really UNDER jobs. Like 2 years, Not even needing CISA or CISSP. So I just have to "humbly" reject. I guess they are too anxious to fill the position and close the deal. They forgot to do proper job matching. See security exp. Then luan luan pom liao.. Forgive the Hokkien..

Well, the reason for the my current expected is mentioned in this thread. My scope is pretty limited. Not versed in system admin stuff or hw configurations.. I guess that's where I Lose out..

Anyway all I can do now is to continue looking . Nothing much else can be done.. Since I have been slogging the past 2.5 years completing my MBA, CISSP and CISA. Took the time to sleep more . Really have a real lack of sleep due to my studies + shift work. Took the effort to catch up on my gym sessions and leisure readings..

Actually If not for the problems with management, I would not have started looking for a job..
Xiaosa is offline   Reply With Quote
Old 15-04-2006, 03:54 PM   #66
Junior Member
Join Date: Jul 2002
Posts: 24
Hi Hi,

I think with CISSP and CISA, do try for Auditor's job or Information Security 's job

pay should be around S$ 3.5-4.5Kor more. dont let HR press u down , furthermore you have MBA with you
sswb is offline   Reply With Quote
Old 18-04-2006, 10:01 PM   #67
Join Date: Aug 2000
Posts: 2,099
meetup with a seemingly very established global recruiter for a chat regarding a position with a IB. Since when did password reset and basic sys admin become change management and logical access control. The story goes like this. Go a call from a ang moh pai recruiter regarding an IB Job. The job desc he sent me stated logical access control etc. I was a bit dubious of the position and further probed the sort of exp, certification the job required. He stated cissp with 3 security exp. Sounded like a good opp rite.. When I went for the meetup. Turned out to be password management (reset)- logical access control, plus ome sys admin (Change mgmt), with some familiarity with security processes. I had problems keeping straight face. Obviously he was "Fishing" for candidates. (Tua Bao xian). I guess learnt a lesson to be careful nex time. Seemed like regardless of local or ang moh recruiter. Non - professional who just too lazy to take the time to do job matching exists
Xiaosa is offline   Reply With Quote
Old 09-05-2006, 10:13 PM   #68
Master Member
Join Date: Feb 2005
Posts: 4,124
Hi all, currently i am taking a part time dip in engineering informatics..althought it engineering but IT consist of 90%. so i am wondering all those course tat been talking here. I am quite interested in Security professional and want to equip those course b4 i graduate but dont have the knowledge of the industry, so how is the road path to the cert....which one shld i take first.

kitaeshi is offline   Reply With Quote
Old 03-06-2006, 02:50 PM   #69
Join Date: Aug 2000
Posts: 2,099
Just some updates. Even though no offer yet. But from April to current, went for a number of interviews. Companies ranged from govt to mncs.. Got interview better then nothing......... Just gotta persist and not give up
Xiaosa is offline   Reply With Quote
Old 08-07-2006, 06:49 PM   #70
Junior Member
Join Date: Jan 2002
Posts: 29
Waiver of experience

Just wanted an opinion of the experience waiver i recently read in isc2.org.

Apparently, now to qualify of the CISSP, you need 4 instead of 3 years of relevant security experience which is a pain.
Like someone mentioned before, these recruiters nowadays are getting ridiculous. You're not even going to get an interview if you haven't got a cert .... & to top it off, you're applying for some unrelated underqualified work. Recently, my firm hired a masters + CCIE + CISSP guy from China to do system admin & logical access changes BAU work, not even project work. Tok about spoiling the market ?

Anyways, i read on the website that isc2.org recognizes Approved Credentials for Experience Waiver. It's a fairly limited list & i was surprised that Certified Ethical Hacking (CEH) from ECCouncil is not inside. Instead i see MCSA/MCSE which is kinda weird in terms of security. Looks like M/S bought their way in again.

What is everyone's thoughts on the it ? Do you think CEH should be included ?
Is there any other governing body that conducts CISSP that is not as strict as isc2.org ?
I'm coming up to 3 years of experience & i planned to sit of the exam this yr but somebody had a bright idea & decided to change the requirements.

xiaoboy is offline   Reply With Quote
Old 08-07-2006, 08:17 PM   #71
Senior Member
Join Date: Jun 2004
Posts: 691
CEH is a joke. A certified hacker? lol
You can grab any security in the library or the bookstore, read them, understand them is better that going for what CEH.
endure one more year, then go for the exam. If isc2.org not strict with CISSP requirement, then its value will drop..
good luck
ghostdog is offline   Reply With Quote
Old 08-07-2006, 10:44 PM   #72
Supremacy Member
Join Date: Jan 2000
Posts: 5,687
isnt it true that u can register n pass the exam without satisfying the experience requirements? Just that u will become an associate rather than a true CISSP.

Someone clarify this?
rAcEr is offline   Reply With Quote
Old 09-07-2006, 07:14 PM   #73
Join Date: Sep 2003
Posts: 1,529
yes, is true. Waiver of experience only fr 2yrs if u hav either a 4yr deg or ISec Master + those approved certifications listed in isc2 website.
rhul is offline   Reply With Quote
Old 26-07-2006, 02:28 PM   #74
Supremacy Member
bakasa2002's Avatar
Join Date: Jul 2006
Posts: 6,249
cissp is 4 yrs info sec experience right? confuse with cisa which is 5 yrs?
bakasa2002 is offline   Reply With Quote
Old 26-07-2006, 04:46 PM   #75
Join Date: Sep 2003
Posts: 1,529
2 yrs info sec exp can liao if u got the papers needed. to be more specific on the exp, ask isc2. exp may not necessary mean info sec alone, it can be others but somehow involve info sec work oso can.
rhul is offline   Reply With Quote
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Terms of Service for more information.

Thread Tools

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On