Covid-19 turned the world of work on its ear and forced many companies to create remote workforces and operate from cloud-based platforms. This swift shift to WFH (work from home) also opened the door to many information and privacy breaches. Cybersecurity departments have had their work cut out for them; according to research by Varonis: 

• In the first half of 2020, 36 billion records were exposed during data breaches with smaller organizations (1-250 employees) being targeted most frequently
• Data breaches cost enterprises an average of $3.92M and remote work has increased the average cost of a data breach by $137,000 

While economies and tech sectors peak and valley regularly, based on our research and work placing cybersecurity professionals, we expect this war-for-cybersecurity-talent to continue into the indefinite future. Our research shows that an estimated 3.5 million cybersecurity jobs will be available but unfilled in 2021 and the worldwide information security market is forecasted to reach $170.4 billion in 2022.

We’ve been engaged in an increasing number of targeted search assignments within the cybersecurity space over the last two years. This has allowed us to meet and speak with a large cross-section of candidates across North America.

Over this time, four things have become clear: 

• Covid-19 made a talent shortage issue even more pressing 
• It’s a candidate’s market
• Both software vendors and service providers are struggling to attract and hire top talent
• Experience in cybersecurity is going to cost you 

What Does This Mean for Product Hires?

Software vendors and service providers need to get competitive, be in a position of readiness, and be prepared to pay if they want to land Product talent with cybersecurity experience. 

Software Vendors:

• This community of candidates is often highly technical. Even a senior-level product candidate can speak to the subject matter with detail about the underlying technology that makes their software secure.
• Product talent who are also market-facing and engaging with prospects or customers are the most sought after and command the highest salaries.
• Our research has shown us that the base salaries of Senior Product Managers who work for a cybersecurity software company expect a base salary range that starts at $180K.
• The highest-paid candidates are in the Bay area where the salary for these roles start at $200K with many candidates earning closer to a $250K base. 
• The next community in that top tier of salaries are cybersecurity Product Managers who work on software sold specifically to the US federal government. 

Service Providers: 

• These candidates are often market-facing Product Managers who take a “solution” approach. 
• The service provider Product Manager is identifying opportunities to partner and create programs or bundled offerings.
• While this profile of product talent is also launching products into the market, they do so from a partnership perspective.
• They are highly engaging, have great communication skills, and seek to build bridges and relationships.
• Often with an MBA, they may or may not have an engineering degree.
• These candidates may have at one time worked for a SOC or in-house. They may also come from a consulting firm or a telco.
• Their path into product is broader and their salaries too are broader.
• The salary range of individual contributor product talent coming from a service provider can range from $120K base - $150K base. In some cases, the salaries can be higher, but what determines that is the volume of business the service provider generates and the level of career experience the talent has.

If you have realized your passive website posting is not attracting the cybersecurity subject matter expert your Product Management team requires, our team of experts can help. 

Looking for more information on cybersecurity salaries? See our latest Salary Insights from a Strategic Services Consultant search.