Information Security Specialist's Annual Salary Disclosure!!!

Hello, I'm security defender PR.
Many companies in Korea need information protection specialists.
Just search the job site as 'Information Protection' and you'll see how many information protection professionals companies need.

About 10,000 people are working as information protection experts in Korea, but the reality is that they are still lacking a lot.

So, what is the most curious annual salary?

First of all, the annual salary varies depending on the work and experience of the information security document, and the starting salary is lower, but the higher the experience, the higher the JUMP system.

As far as I know, the head of the security department at a large domestic company was responsible for security/network design and prevention of infringement.
I know that the annual salary is about 70 million won as of 2018.
I think it's not much or little average. Those who work for game companies or financial companies earn more than 100 million won per year from 7.000 million won.

For those of you who are dreaming of becoming an information security expert and wondering what you're doing, I'm going to start posting to help a little bit.

 

The starting salary standard is a security control specialist, ranging from the minimum wage (24.21 million won as of 2019) to 30 million won.
Prepare 4 years of college graduation, IT related department, information processing technician certificate, related portfolio etc.

※ Document screening → Practitioner interview → Manager interview

You will enter the company after negotiating the annual salary by applying the salary rules of the company that is joining the course.

What is the dictionary definition of 'expert'?
a person who has considerable knowledge and experience in a field by studying or engaging in it.

 

What is Information Security Literature?
A job that analyzes security vulnerabilities and designs optimal security systems to solve security problems through mock hacking tests, etc.

 

It means that you need to have a good knowledge of security and be able to solve your security problems to increase your salary.

I will explain the security professional's work by dividing it into offense and defense.
If you go into more detail, there are also attackers and defenders in the group of information security experts.
I'm close to the defense.
If you look at the professions in the Defender Army, there are security controls, security consulting, security solution developers, security solution engineers, security management operations, forensics, virus analysis, etc.
Attackers include simulated hacking of white hackers, Computer Emergency Response Team (CERT), vulnerability diagnosis, cyber investigation, and secure coding.
I'm a security officer, starting with → CERT → Security Consulting → Security officer in charge of security.

 

[Security control]
Major tasks: Detect and analyze various invasive attempts or hacking attempts in real time through monitoring, detection, and analysis, and report the results.
▶ Annual leave: 1st to 3rd year
▶ Annual salary: 24 million won~
▶ Personal opinion: When an attack event occurs, it requires quick judgment and quick hands, sends the history of the attack to CERT after blocking the IP of each attack, informs the person in charge of the analysis, and applies the security policy while a large number of attacks occur or is distracted by working 24 hours a day, which can cause human error. Even if I'm good at it nine times, if I make a mistake, I have to be called here and there and fix it.

[CERT]
Major tasks: collecting attack logs, analyzing intrusion attempts, security solutions and server vulnerability measures (creating new security policies or patching operations), recommending follow-up measures, and reporting results
▶ Annual leave: 4th to 5th year
▶ Annual salary: 35 million won~
▶ Personal opinion: It is necessary to analyze patterns by type of attack and to prevent attacks and prepare future measures through optimal security policy application. You need to analyze exactly why the attacker attempted the attack and what damage it caused. Healthy eye and health care are important as a labor-management task that requires analyzing server logs, firewalls, IPS, WAF, and SIEM large amounts of logs.

[Security Consulting]
Major tasks: Analyzing the risks of a company, presenting countermeasures, and presenting a diagnosis/design plan through the analysis of security/network architecture.
▶ Annual leave: 5th to 8th year
▶ Annual salary: 55 million won~
▶ Personal Opinion: Accurately diagnoses risk factors and provides solutions or solutions that fit customer needs and budgets to help sales representatives connect with revenue.

[Security officer]
Major tasks: IT security managers across the enterprise, who are responsible for and manage IT security-related tasks, including governance, security strategy, business continuity planning/management, security risk management, and security incident response.
▶ Annual leave: 8 years or more
▶ Annual salary: 60 million won~

 

Conclusion

Not everyone gets the same salary depending on the size and career of the company.
In fact, there are many seniors from financial companies and game companies who have an average of 70 million won to 100 million won for information protection professionals with 10 years of experience.
Think of it as learning work for one to two years, and when it's about three years, it's most important to know your aptitude and choose what you can do well while enjoying it.
Salary is important, but money comes only when the organization recognizes and likes it.