As has been the trend, 2014 will usher in new U.S. government regulations, particularly surrounding compliance. Changes to existing acts, along with several new ones, will require certain types of data to be properly obtained, managed, and, most importantly, secured. With this influx of amended and new rules to follow, paired with the ever-present challenges organizations across all industries face to stay in front of threats to sensitive information, there is also an expected increase in the need for information assurance and security program management professionals.
What it takes
Subject matter expertise in the area of information security, including a minimum of 10 years of experience planning and executing successful information security strategies, programs, and processes in a highly-sophisticated environment, is required. Strong abilities to balance information security standards with their practical impact on the organization, as well as to lead and influence to develop broad commitment, are also necessary. In addition, these individuals are expected to have hands-on experience, working with and implementing ITIL and ISO 27001 standards, as well as with NISPOM protocols. Bachelor's degree, ideally in information security or information systems, along with a CISSP certification, is typically a must-have, and master's degree in an information security-related field is strongly preferred.
Information assurance/information security manager/program manager roles start around $98K. Director-level positions can pay up to $150 to $160K range. Depending on several factors, such as the industry or sector, the compensation for senior directors can exceed $200K to start.