Richard D. Stiennon wrote:
> I often build a case for Security Management and use salary figures from
> $45K to $90K for a Security Engineer. The type of person I have in mind is
> a UNIX guru, has extensive PC experience and has 2 to 3 years of firewall
The firewalls background and Unix experience seems very important, but I'm not
sure how extensive one's PC experience needs to be to be relevant here, unless
you're also including some reponsibility to evaluate networks and/or
architectures that are inclusive of PCs.
> Does anyone have any thoughts on these salary ranges?
These sound appropriate. I would expect that in the $45k-65k, you'll be looking
at very skilled Unix admins, who have understanding of security issues, etc.,
Beyond that, depending on where you are, etc., you'll be getting into more than
just Unix gurus, but someone who understands the guts of lots of your
applications, too, not just your OSes, and someone who is familiar with what's
going on in research, and hopefully be able to use that knowledge to help you
better accomplish your objectives, security or otherwise.
This has drifted (probably starting with my post :-) beyond the question of the
cost of maintaining Firewall-1 specifically, but it's probably appropriate,
since, regardless of what any of the trade rags or marketing drones say, if you
don't have an expert at the helm of your firewall, you are in a very bad
C Matthew Curtin Chief Hacker
Fahlgren, Inc. 655 Metro Pl S, Ste 700, Box 7159 Dublin OH 43017-7159
http://www.local.com/~cmcurtin/ cmcurtin @
com PGP Mail Preferred