Private companies are starting to hire security staff again, following the downturn in 2009 that saw both a large-scale job loss and a similarly large drop in pay rates.
According to the 2010 market report from Barclay Simpson Associates Ltd., a London-based recruitment agency with a strong involvement in the security market, private sector companies have begun recruiting for many of the vacancies that they were prevented from filling last year because of the recession.
Much of the new activity is in the financial-services sector, said Mark Ampleford, who heads the information security practice at Barclay Simpson. "The banking sector was the worst hit in 2009, and it is therefore the one with the most vacancies now. So the banks are now leading demand again, and some are looking to fill multiple roles," he said.
The big management consultancies, which shed many staff members last year and put many more on reduced hours, are taking a more cautious approach, Ampleford said, although he expects them to begin recruiting for infosec jobs in greater numbers later in the year. Some of that caution may be a result of the predicted cuts in public spending which could hit large IT projects.
Contractors are still finding work, but they now have to accept much lower rates than they would have expected in 2007. "Pay rates have dropped by as much as £200 a day for some contractors," Ampleford said. "Those that have adjusted and taken account of the fall in demand are mainly in work."
CLAS consultants -- those listed under the CESG Listed Adviser Scheme, enabling them to work on sensitive government and defence projects -- are in demand for permanent posts provided they have the relevant experience, Ampleford said, but these freelance consultants also have to accept lower rates.
He added that many consultants had achieved CLAS accreditation in 2009, primarily to avoid the downturn in the private sector, but he said they are still struggling to get work because many do not have relevant experience in the public sector.
In the banking sector, Ampleford said, a lot of the new roles are geared toward reporting on standards, compliance and writing policies. "There is a lot of post-merger work going on to overhaul policies. Policy writers and those who understand standards are in demand. During the recovery stage, the banks look very different from when they started the downturn. Information security policies are having to be upgraded and amended."
Some staff members are also being recruited to undertake third-party assurance -- checking that business partners comply with regulations, especially the Payment Card Industry Data Security Standard (PCI DSS).
"I'm optimistic about the year ahead. We have some interesting projects and more coming up. I think it will be a very good year for recruitment," Ampleford said. " I think the private sector has recovered well enough to soak up the effects from any cuts in public sector funding; January has been very good."