IANS Research and Artico Search collaborated on a research study that offers first-hand information into employment data such as work expectations, compensation and retention. The study collected responses from more than 560 cybersecurity staff members, all belonging to various industries in the United States and Canada.

The survey found that 42% of respondents perform roles that cross several cybersecurity domains. Observed role combinations include architecture and engineering, product security and application security.  

  • 74% of application security staff are involved with product security, while 67% contribute to identity and access management (IAM).
  • 63% of product security members are included in IAM work.
  • 37% of governance, risk and compliance workers take on architecture and engineering responsibilities. 25% are involved in application security.

The report also details key insights regarding security staff compensation and how it is influenced by experience and gender.

  • Workers with a minimum of 12 years of experience may earn up to 22% more than the baseline.
  • Security staff with less than three years of experience may earn up to 40% less than the baseline.
  • A 7% gendered pay gap exists, increasing with experience. Women with 12 or more years of work experience may have a pay gap in the double digits. 

Another key insight from the report involves retention rates. The survey found that the opportunity for career advancement and a culture of support and appreciation were most strongly linked to higher retention rates.