Salary and compensation can be valuable tools for employee retention and satisfaction, but aside from polling peers and colleagues on their salaries, it can be difficult to know, “What’s the average salary of a chief security officer?”
The Foushée Group, a compensation research company, has produced the Security & Compliance Compensation Survey annually for the last 21 years. The survey is designed to provide accurate and timely compensation information on 78 security and compliance positions to companies that seek to market price their positions to the national market.
The survey is sent to human resources (HR) professionals who review the provided job descriptions and match their jobs to the survey position descriptions. All data reported is aligned with the Department of Justice safe harbor guidelines for reporting compensation information. No individual company data is identifiable; the data is reported in weighted averages, median, percentile distributions and other pertinent data. Participating companies range in revenue, from under $500 million to over $250 billion.
Compensation surveys are a snapshot in time, reflecting the data at the effective date of the information. For the 2022 survey, it’s important to keep in mind that the Foushée Group requested data at the end of January 2022.
Looking back at the state of the country at the beginning of 2022, there were significant challenges. Inflation was creeping up and accelerating to heights not seen since the 1970s. Employees were still working from home, and companies were formulating policies to determine whether to let employees continue to work from home or come back to the office.
Many employed people decided not to return to work, and the “Great Resignation” gained steam. Merit increases were significantly higher than at any other time since the 80s, averaging 5% or more. Bonuses were being calculated and paid for 2021 performance, and long-term incentives were also calculated for the calendar year 2021. As such, the 2022 Security & Compliance Compensation Survey reflects a challenging time for companies and their employees that is not yet fully vetted as of today.
Security magazine asked the Foushée Group to provide some trend data from the 2017 survey and compare data points to the 2022 survey for the same jobs. All data points (weighted average and aggregate) included base salary, total compensation (base plus bonus) and annual long-term incentive target. Five jobs from the survey are highlighted here:
- Top Global Security Executive (Chief Security Officer)
- Director, Computer, Network & Information Security
- Manager, Corporate Investigations
- Senior Regional Manager, Domestic Security
- Manager, Protective Forces, Armed
Top global security executive (Chief Security Officer)
When comparing reported data from the 2017 survey to the 2022 survey, the Chief Security Officer (CSO) position’s base pay weighted average in the aggregate increased by 3.3% over the reporting period to $348,153 annually.
Base salary plus bonus increased by 10.4% to $489,966 annually. Bonuses are pay-at-risk and tend to vary based on company goals, profitability and employee performance and recognize company and employee performance for the past year.
Most CSO positions are eligible for a long-term incentive (LTI), usually paid in company stock over a set number of years, typically a rolling plan of three to five years. The LTI annual target increased by 47% over the reporting period to $209,460 annually.
In this comparison, companies have awarded a moderate base pay increase for the CSO and significantly increased pay-at-risk, including LTI, focusing the executive on long-term company goals with the possibility of a significantly greater upside in LTI compensation spread over the number of years in the plan.
Director, Computer, Network & Information Security
Comparing data from the 2017 survey to the 2022 survey, the Director, Computer, Network & Information Security base pay weighted average in the aggregate increased by approximately 1.5% to $204,073 annually.
Base salary plus bonus increased by 3% to $245,593, while, for those positions eligible for LTI, the target increased by 10.4% to $57,781.
Information, network and cybersecurity continue to significantly impact company operations, and it is likely these positions will continue to be in short supply and high demand. Compensation for these positions is expected to increase at a higher-than-normal rate well into the future.
Manager, Corporate Investigations
Comparing data from the 2017 survey to the 2022 survey, the Manager, Corporate Investigations position’s base pay weighted average in the aggregate increased by approximately 11.6% to $157,599 annually.
Base salary plus bonus increased by 14.5% to $185,383, while, for those positions eligible for LTI, the target increased by 39.4% to $25,841 when comparing the 2017 survey numbers to the 2022 reported numbers.
Senior Regional Manager, Domestic Security
When comparing data from the 2017 survey to the 2022 survey, the Senior Regional Manager, Domestic Security position’s base pay weighted average in the aggregate increased by approximately 16.5% to $187,365 annually.
Base salary plus bonus increased significantly by 20% to $225,825, while for those positions eligible for LTI, the target increased significantly by 68.6% to $44,295. This position manages an organization’s largest geographic/profit regions’ security function reflected by the company’s operations in a particular area.
Manager, Protective Forces, Armed
The Manager, Protective Forces, Armed base pay weighted average in the aggregate when comparing data from the 2017 survey to the 2022 survey increased by 6.4% to $127,376 annually. Base salary plus bonus increased by 9.2% to $143,826, while most of those surveyed reported the positions ineligible for an LTI Grant.
Based on the data reported during the reporting period of 2017 compared to 2022, many security positions have increased base pay, bonus and long-term incentives as companies try to maintain a competitive market position.
Historical and current market compensation trends show that many companies are shifting to “pay-at-risk,” offering the employee significant upside potential with bonus and LTI programs. These programs are designed to align the employees to company and personal goals, while maintaining competitive base pay. Pay-at-risk is very attractive to employers because the company can keep fixed costs, such as base pay, manageable while incentivizing employees to align with company and personal goals.
As with last year’s trend, many companies are allowing their employees to work from home, which can present significant challenges to traditional models of pay delivery. Some companies have implemented a hybrid work schedule, where an employee comes into the office a certain number of days per week and works remotely for a portion of the week. There are more and more employees resigning, retiring or pursuing personal goals not driven by corporate employment, shrinking the talent pool in some areas.
Many factors influence the reporting numbers of this data, such as company participation, market timing, the company’s ability to pay, compensation philosophy and the value of the position to the company.
Security leaders are wise to participate in a compensation survey typically housed in their HR group. The first question leaders should ask human resources is, “Are my jobs market priced annually, and if not, why not?” In today’s market, a company that does not have mechanisms to gauge position value in this competitive human capital market may find it difficult to attract and retain excellent talent and maintain its competitive position.