British government mocked for advertising head of cyber role with £57K salary

With cybersecurity talent in high demand, information security professionals can have an easy time landing a comfortable salary. But a job advertisement for the new head of cybersecurity at His Majesty’s Treasury (HM Treasury) in Britain has provoked derision because of its stated pay of £57,000 (about $70,000) per year.

The job listing — for a role leading a team of two cyber analysts “protecting HM Treasury from a wide range of cyber and technical threats” — has provoked hundreds of critical tweets in recent days.

Although the roles are not direct comparisons, an infosec supervisor position is currently being advertised at the U.S. Department of the Treasury with a salary of up to $183,000 (£147,000) per year.

If you left a job as Head of Cyber Security for HM Treasury in London to manage a car wash in Alabama you would nearly double your income https://t.co/kw1qAdcxZ6 pic.twitter.com/KCmVse7fPt

— Peter Donaghy (@peterdonaghy) March 30, 2023

A spokesperson for HM Treasury told The Record: “Pay must be affordable and fair so that it delivers value for the taxpayer while recognising the importance of talent.

“The wider remuneration package for this role contains a generous public sector pension entitlement, a substantial potential allowance and access to other benefits.”

They added that the Treasury was one of the government's smaller departments with a smaller IT estate, and that the pay grading for the role was in line with similar government roles.

The British government has published a ‘Government Security Profession career framework’ which ranks the “Head of Cyber Security” job as a Grade 6 or Grade 7 role, the latter of which the civil service describes as one filled by a candidate who is “expected to know all there is to know about their policy area, and to know all the key players, pressure groups and so on.”

The spokesperson for HM Treasury said that the role carried a potential IT allowance that could bump up the pay by an additional £10,000, and said that the public sector on average offered a better remuneration package, including a more generous pension.

Joe Honey, a talent manager at the U.K.-based security company Searchlight Cyber, said: “The salary for this role matches neither the job title nor the listed responsibilities for the role, and is between £50-70k per year light of what an experienced candidate would expect.

“For example, an experienced SOC Analyst, with no management or leadership experience, is likely to be earning £40-60k or more, which demonstrates how much this role is in need of a review,” added Honey.