Companies often look for a range of skills, including malware, threat mitigation, cryptography, and forensics, as well as industry-specific knowledge, cloud and mobile security, advanced analytics, and network virtualization. That’s a lot to ask of any single expert. Add to that list the soft skills needed to do the job (communication, management, reporting, etc.), and you might as well be searching for the Loch Ness Monster.
The shortage of these positions has caused their salaries to skyrocket. So even if you do find this elusive Nessie, it’ll cost you. Adding up the cost of salary, benefits and overhead, and training to make sure your new security expert is up to speed, you’ll see it’s quite an investment for a very specific skill set.