Can IT auditors earn salary of Rs 6-10 lakhs?

In the cybersecurity space, IT auditors with upto 3 years of experience can earn as much as Rs 10 lakhs, while those with over 12 years of experience can earn over Rs 30 lakhs, says a report


With cyber threats becoming more frequent and complex with each passing day, it doesn’t come as a surprise that cybersecurity is amongst the most sought-after skills. Employees should look to upskill and specialise in data privacy, cloud security, AI security, network security and other related areas as suggested by a recent report.

What exactly are the cybersecurity skills most in demand?

Networking and system administration, blockchain security, threat intelligence skills, cloud security, intrusion detection, penetration-testing skills, ethical hacking, DevOps skills, risk identification and management, and computer forensics skills appear to be the skills in high demand.

Of course, additional skills including soft skills such as problem-solving abilities, communication skills, team work and collaboration can be greatly advantageous. With artificial intelligence (AI) technologies being relied on to automate various tasks in the cybersecurity domain, professionals in this area are now required to focus on threat analysis, proactive security measures, responses based on AI-generated insights and other strategic tasks.

About 40,000 jobs were available in the cybersecurity domain as on May 2023.

That should not be surprising because most organisations — a good 73 per cent in fact — feel that cybersecurity is extremely important. About seven per cent feel it is not important at all, while about 16 per cent think it is very important and four per cent think it is slightly important. Also, most organisations are of the opinion that targeted cyber attacks are a major security risk.

How much can cybersecurity professionals earn?

Depending on experience levels, the salaries for various cybersecurity professionals will vary.

For instance, IT auditors with up to three years of experience may be paid Rs 6 lakhs to Rs 10 lakhs. For upto five years of experience, their salary can be in the range of Rs 12 to 17 lakhs. For those with five to eight years of experience, the salary can go up to Rs 25 lakhs. More than 12 years of experience means the salary can be over Rs 30 lakhs.

For information security analysts with up to three years of experience, the minimum salary is around Rs 3 lakhs, while the maximum is Rs 6 lakhs. For those with eight to 12 years of experience, the salary is in the range of Rs 17 to 20 lakhs. For those with over 12 years of experience, the salary can be anywhere between Rs 20 to 25 lakhs.

Engineers or specialists can draw upto Rs 6 lakhs if they have upto three years of experience. With over 12 years of experience, their salary will be in the range of Rs 23 to 26 lakhs.

Security managers with three to five years of experience can command Rs 15 to 18 lakhs a year while those with over 12 years of experience can earn in the range of Rs 22 to 25 lakhs.

The role of security testers or penetration testers draws a salary in the range of Rs 3 to 9 lakhs for 0 to 3 years of experience. For over 12 years of experience, the salary is in the range of Rs 23 to 25 lakhs.

Another popular role is that of computer forensics analyst where the minimum salary can be Rs 6 lakhs for those with 0 to 3 years of experience. The maximum salary can go up to Rs 30 lakhs for those with more than 12 years of experience.

In case of cyber or cloud security architects, those with five to eight years of experience can be paid in the range of Rs 30 to 40 lakhs, while those with over 12 years of experience can earn anywhere between Rs 50 to 70 lakhs.

About 12 years of experience is needed to be general manger or director of information security. And this role can draw a salary of at least Rs 40 to Rs 55 lakhs. Vice president – information security or chief information security officers generally come with over 12 years of experience and earn anywhere between Rs 55 to 80 lakhs.

Since cybersecurity is amongst the fastest-developing industries in the information technology space, those with knowledge of the latest trends and tools in the domain are preferred.

When asked about the most important security risk to an organisation, 21 per cent of the respondents of the survey said it was hacking of cloud-based services, while 26 per cent felt it was leakage of personal information. About 11 per cent said third-party security flaws were a security risk, and 42 per cent said targeted cyber attacks were the biggest security risk to an organization.

Why is a career in cybersecurity sought after?

Most employees say it is their interest in new trends that inspired them to pursue a career in cybersecurity. About 18 per cent feel it is a popular career option, while a significant 41 per cent were drawn by new technologies. About 18 per cent admit their passion for problem solving drew them to cybersecurity, while 23 per cent feel it is an area with high growth potential and that is why they were drawn to it.

The cybersecurity space in India is growing rapidly thanks to the increased usage of technology and the growing threat of cyber risks.

However, the shortage of skilled professionals and inadequate knowledge of cyber threats are challenges that need to be overcome. The good news is that the industry is full of potential for innovation and has a lot of prospects,

What are the skills required for a career in cybersecurity?

It is advisable for those looking to make a career in cybersecurity to master Python, HTML, C++, Java, along with coding languages. Several short term courses are available for upskilling, both on online and offline platforms.

Freshers with a bachelor’s degree and at least three years of experience can hope to enter this sphere. Those with a master’s degree and at least one year of experience can also find entry-level jobs. For those who have passed class 12, at least four to seven years of experience is a must, followed by a graduation.

Top institutes such as IIT Delhi, IIT Kanpur and IIT Bangalore offer many certification and executive programmes. MTech or postgraduate programmes are also available from similar institutes.

Most employees are of the opinion that on-the job experience is the best way to enhance cybersecurity skills. About 23 per cent would rely on online courses from universities to acquire the same, while 54 per cent would make do with on-the-job experience, and 23 per cent with professional guidance from experts.

About 16 per cent respondents feel that the most important area of cybersecurity in an organization is cyber insurance, while 37 per cent feel it is firewall and network protection. Only five per cent feel it is antivirus protection, while 52 per cent feel it is IT security training.

A majority of the employees are of the opinion that network security is the mostimportant area of cybersecurity. Five per cent feel penetration testing is important, while 22 per cent feel risk assessment is essential. A significant 68 per cent think network security is most important.

Comment on the Article

Please enter your comment!
Please enter your name here

4 × three =