Outside of the entry-level market, it's not all gloom and doom for 2012; in fact, Brennan and colleague Steve Walker, who is co-author of Security Careers and a partner in compensation consulting and research firm Foushee Group Inc., actually see compensation on the rise for high-level corporate security executives, and they are predicting a similar rise in 2012. Here are some interesting numbers from the 2011 Security & Compliance Compensation Survey performed by the Foushee Group:
- When comparing all surveyed positions base salaries in the 2011 Survey to the 2010 Survey, the total weighted average market movement for all positions base salaries increased 2.4%.
- When comparing all surveyed positions total cash compensation (base plus cash bonus paid) in the 2011 Survey to the 2010 Survey, the total weighted average market movement for all positions total cash compensation increased 5.6%.
- When comparing the Chief Security Officers (CSO) base salaries in the 2011 Survey to the 2010 Survey, the total weighted average market movement for the Chief Security Officers base salaries increased 3.4% and total cash compensation increased 10.4%.
- When comparing the Top Security Executive Domestic, base salaries in the 2011 Survey to the 2010 Survey, the total weighted average market movement for the Top Security Executive Domestic base salaries increased 3.3% and cash compensation increased 12.0%.
"It is my belief that companies are putting more pay at risk, such as a defined bonus plan, and allowing more positions within the company to become eligible, as opposed to building into base pay and increasing the company's annual financial liability," Walker says. "We see this trend continuing, simply based on the fact that if the bonus plan is designed appropriately, the company is not as risk of higher costs unless revenue or some other financial and personal performance measurement is met by both the company and employee. If the company does not meet or exceed its financial goals, or the employee does not meet personal performance goals, or a combination of both, then the bonus is not paid."
So, what is the key characteristic for a security executive looking to advance or get a raise? According to Jeff Snyder, president of securityrecruiter.com, the most important thing a security executive can do for advancement is contribute to the business' bottom line – that means understanding the business and the risk landscape – and being able to communicate with the C-level executives in the organization.
"Companies are asking me for business people," Snyder says. "When a company calls me (looking for a recruit), they are looking for someone who has 5-10 years business experience at least, and they frequently ask for an MBA — not necessarily for a CPP.
"Those who want to advance need to do some remedial work on their communications skills," Snyder continues. "You can't do it all with a bucket of just technical skills — security has evolved and the people who get the good jobs are enterprise risk management experts, not technology experts."