The Foushée Security & Compliance Compensation Survey has been produced annually for the last 24 years by the Foushée Group. In 2024, ScottMadden, Inc., a management consulting firm that has been in business since 1983, purchased the survey and produced the 2024 and 2025 Security & Compliance surveys. In 2025, ScottMadden added 12 position titles to the survey, including GSOC and Intelligence Analyst positions, bringing the number of positions in the survey to 90.

ScottMadden, with a thriving survey and benchmarking business dating back more than 25 years, serves clients across North America and globally. ScottMadden regularly consults with clients regarding their security functions and practices and has deep expertise in human resources, among many other areas.

The survey is designed to provide accurate and timely compensation benchmarks on 90 security and compliance positions to companies seeking to market price their positions to the national market. Survey input is not based on self-reporting; rather, the survey questionnaire is sent to human resources and compensation professionals who review the job descriptions and match their company jobs to the survey position descriptions. All data reported is aligned with the antitrust guidelines for reporting compensation information. No individual company data is identifiable; the data is reported in aggregate weighted averages, medians, percentile distributions, and other pertinent data. Participating companies range in annual revenue from less than $500 million to more than $250 billion.

Compensation surveys typically survey the market at a defined point in time, reflecting the effective date of the information. For the 2025 survey, participants were instructed to submit data with an effective date of February 1, 2025. This means that all the company data submitted was accurate as of February 1, 2025, and the data has not been trended to reflect the current date of this article.

Entering 2025, the economic landscape reflects a cautious transition toward stability. Inflation has moderated from its prior peaks, and monetary policy has eased slightly, though organizations continue to navigate cost discipline and profitability pressures. Labor markets remain uneven - many industries are streamlining through restructuring, while others, particularly those dependent on digital infrastructure and regulated operations, are competing vigorously for specialized security and compliance talent. Merit increases have generally plateaued, averaging just under four percent, as employers balance retention imperatives with margin constraints. However, compensation for security and risk management roles continues to outpace the general labor market, underscoring both the critical nature of these functions and the persistent scarcity of qualified professionals.

The security labor market has become increasingly differentiated. Compensation levels are now heavily influenced by technical depth, sector specialization, and proficiency with emerging technologies such as artificial intelligence, cloud security, and data governance. Organizations are offering premium pay for roles tied to data protection, threat intelligence, and AI security assurance - positions that have grown sharply in demand as digital ecosystems expand and attack surfaces multiply. The competitive market for these roles has led to a rise in variable compensation opportunities, long-term incentive eligibility, and differentiated total rewards strategies aimed at retaining top talent.

At the same time, organizations are reevaluating their workforce structures and skill pipelines to manage persistent capacity gaps. The convergence of cybersecurity, compliance, and data privacy responsibilities has created cross-functional expectations for many professionals, elevating the importance of strategic and analytical skill sets. Remote and hybrid work models have further expanded the available talent pool, but they have also intensified pay competition across geographies as employers recruit nationally and globally for high-demand expertise.

From a market perspective, security compensation in 2025 reflects more than pay growth - it signals the strategic repositioning of the function itself. Security has evolved from an operational safeguard to a business enabler, integral to digital transformation, regulatory compliance, and enterprise resilience. The resulting compensation dynamics mirror this elevation: pay structures increasingly reward business acumen, adaptability, and the ability to manage complex digital ecosystems alongside technical mastery. As organizations confront rising cyber risks and the growing economic cost of data compromise, investment in human capital - particularly in advanced security roles - remains one of the most visible indicators of corporate commitment to long-term stability and trust.

Cybersecurity remains a critical and evolving challenge for security organizations in maintaining a robust, secure information technology environment.

Security magazine has again asked ScottMadden to provide trend data from the 2020 to 2025 surveys, highlighting five jobs:

• Top Global Security Executive (Chief Security Officer)
• Director, Computer, Network & Information Security
• Manager Corporate Investigations
• Senior Regional Manager Domestic Security
• Manager, Protective Forces Armed

ScottMadden analyzed data from 2020 and 2025 and all data points (weighted average, aggregate), including base salary, total compensation (base plus bonus), and annual long-term incentive target.

Top Global Security Executive (Chief Security Officer)

When comparing reported data from the 2020 survey to the 2025 survey, the CSO positions' base pay weighted average in the aggregate increasedby 6.9% over the reporting period to $364,826 annually. Base salary plus bonus decreased by 2.9% to $473,309 annually. Bonuses are pay at risk and tend to vary based on company goals, profitability, and employee performance, and are designed to recognize company and employee performance for the past year. Most CSO positions are eligible for a Long-Term Incentive (LTI), usually paid in company stock over a set number of years, typically a rolling plan of three to five years. The LTI annual target increased significantly by 38.7% over the reporting period to $426,028 annually. In this comparison, companies have awarded a fairly moderate base pay increase for the CSO and significantly increased pay at risk, or LTI, focusing the executive on long-term company goals with the possibility of a significantly greater upside spread across future years. The CSO’s skillset has increased significantly — cybersecurity, global operations, threat management, crisis management, and talent acquisition have all become critical skills required for the top job.

Director, Computer, Network and Information Security

Cybersecurity remains a critical and evolving challenge for security organizations in maintaining a robust, secure information technology environment. The information security role must provide cloud security, network monitoring, third-party security, and threat response to name a few objectives. Providing a secure environment is one of the most challenging objectives for the company and information security specialists. Comparing data from the 2020 survey to the 2025 survey, the Director, Computer, Network & Information Security base pay weighted average in the aggregate increased by approximately 12.4% to $245,944 annually. Base salary plus bonus increased by 10.2% to $287,833. For those positions eligible for LTI, the target increased by 60.5% to $99,825. Information, network, and cybersecurity continue to have a significant impact on company operations and risk, and these positions will continue to be in short supply and high demand. Position requirements are constantly changing due to expanding technological complexities and increased global threats to companies’ infrastructure and business operations. Compensation for these positions continues to increase at a higher-than-normal market rate, and that trend is expected to continue into the future.

Manager Corporate Investigations

Comparing data from the 2020 survey to the 2025 survey, the Manager Corporate Investigations' base pay weighted average in the aggregate increased by approximately 21.7% to $179,211 annually. Base salary plus bonus increased by 24.0% to $205,835. For those positions eligible for LTI, the target decreasedby 32.0% to $22,413 when comparing the 2020 survey numbers to the 2025 reported numbers. Of the positions highlighted in this article, this is the only one showing a decreasing trend with the target LTI. The corporate investigations team serves as a specialized security operations unit responsible for conducting sophisticated internal investigations. This group’s critical mandate encompasses addressing complex organizational risks, including potential corporate espionage, fraud, asset protection, ethical compliance, and highly sensitive investigative matters.

Many factors influence the reporting numbers, such as company participation, market timing, the company’s ability to pay, compensation philosophy, and value of the position to the company.

Senior Regional Manager Domestic Security

The Senior Regional Manager Domestic Security base pay weighted average in the aggregate increased by approximately 18.7% to $209,238 annually. Base salary plus bonus increased by 9.2% to $245,049, while those positions eligible for LTI had targets that increased significantly by 58.3% to $59,409. This position manages the organization’s largest geographic security function, reflected by the company’s operations in a particular area. The position must manage and implement the company’s security posture at the regional level as it pertains to the company's manufacturing, data center, offices, or any company-related facility. Security domains — including data, human resources, cybersecurity, threat intelligence, crisis management, incident response, and physical security — must be strategically integrated and aligned with regional operational requirements.

Manager, Protective Forces Armed

The Manager, Protective Forces Armed base pay weighted average in the aggregate increased 10.9% to $141,163 from 2020 to 2025. Base salary plus bonus increased by 10.3% to $154,183, while most of those surveyed reported the positions were ineligible for LTI. Some of the challenges for this position are increasing technology integration, threat assessment and emergency response protocols, and global operation center technology.

Based on the data reported from 2020 to 2025, many security positions have increased base pay, bonuses, and LTIs as companies try to maintain a competitive market position. While market conditions changed over the reporting period, current market compensation trends show that many companies continue to emphasize “pay at risk,” offering the employee significant upside potential with bonus and LTI programs.

Many factors influence the reporting numbers, such as company participation, market timing, the company’s ability to pay, compensation philosophy, and value of the position to the company. Security leaders are wise to participate in a compensation survey typically managed by their human resources group. Questions leadership should ask human resources are “are my jobs market priced annually?” and if not, why? In today’s market, a company that does not have mechanisms to gauge position value in this competitive human capital market may find it difficult to attract and retain excellent talent and maintain its competitive position.

The ScottMadden Foushée Security & Compliance Survey

The survey solicits data and the competitive practices of 90 management, professional, and technical positions in the security and compliance field. Current security and compliance job families include:

The survey launches each year in early February, with participant data due back the first week in April. The results of the survey are published in June.

ScottMadden also conducts and publishes annually an Environmental, Health, & Safety compensation survey, currently in the 39th edition, with 119 position titles.

If you would like further information about participating in or purchasing the survey, please email foushee@scottmadden.com or visit the website at www.fousheesurvey.com.