Penetration Testing mailing list archives

Re: Contract Rates??

From: ChromeSilver <chromesilver () gmx net>
Date: Sat, 03 Oct 2009 00:52:10 +0200


Hi all,

I have to agree on that's ridiculous low payment. I actually work for at
 least 100EUR/h, 'special skillz needed' may easily double the rate. I'd
 suggest telling those head hunters to go fishing elsewhere.

Regards,
ChromeSilver

Jon Kibler schrieb:

All,

Question: Is the market for SENIOR security architects and and penetration
testers fully saturated or is there a lot of unemployed senior level security
consultants?

The reason I ask, is, I am being inundated by head hunters and job shops looking
for senior level security consultants (10-15+ years of experience) at rates of
$35 to $45 per hour for architects and $25 to $35 per hour for penetration
testers. From the job descriptions, expected knowledge and skills, these appear
to really be senior level consulting contracts.

These rates seem to be absurdly low. In perspective, I was making $40/hr in the
early 1980s. One of my colleagues with only 5 years of experience, who works
full time for a software house, echoed my sentiments, "Dude, I was making more
than that while still in grad school in 2003 doing pen testing on the side!"

A year ago, both pen tester and architect contract rates were in the $75 to $150
per hour range, and some pen tester rates were even higher. Can anyone explain
what is going on here?

The one observation I will add is that most of the low rates seem to be coming
from either off-shore companies, or the on-shore face of an off-shore company.
Are they simply bidding on and winning a bunch of contracts by low-balling the
rate, and then struggling to find people to staff the jobs?

I would really like to get some other perspective on what is going on here.

Finally, I will add that there are still organizations looking for contractors
at reasonable rates, but they seem to have become a small minority.

TIA for all feedback!

Jon


==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.




------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

Contract Rates?? Jon Kibler (Oct 02)
- Re: Contract Rates?? Robert Portvliet (Oct 04)
- Re: Contract Rates?? ChromeSilver (Oct 04)
- Re: Contract Rates?? Chris Brenton (Oct 04)
- Re: Contract Rates?? Eric Milam (Oct 04)
- Re: Contract Rates?? Richard Lee (Oct 04)
  - Re: Contract Rates?? Paul Melson (Oct 05)
- Re: Contract Rates?? craig . wilson (Oct 04)
  - Re: Contract Rates?? Terry M (Oct 05)
- Re: Contract Rates?? Stephen Mullins (Oct 05)
- Re: Contract Rates?? Ivan . (Oct 09)