30% pay rises, big hiring: Singapore cyber security staff cash in

The market for cyber security talent in Singapore banking will be hot next year, powered by a shift to the cloud and the continued trend of remote work. Other factors contributing to sustained demand include an increasing number of digital banks and travel restrictions on talent sourcing, say three recruiters. But banks are finding it hard to hire candidates amid talent shortages, leading to big pay rises.

“We expect more vulnerability, and banks to strengthen their cyber defence across the industry and in various functions such as identity access management and incident management,” says Tan Jin Han, vice president of Selby Jennings Singapore. She adds that while banks are prioritising local talent, there is a skill gap for the mid to senior level roles. 

Quess country manager for Singapore, Vikas Srivastava, says the growth of digital banks and cryptocurrency has put cyber security “at the front and centre of management discussions”.

Adam Davies, Singapore country director at Sanderson-iKas, says ever-changing tech and increasingly sophisticated cyber attacks require banks to keep investing in talent to stay one step ahead. As regulatory frameworks are continuously updated banks “always need to stay on top of things by hiring new staff for key projects”, he adds.

The volume of openings is also a factor, says Davies. “There are loads of new companies – fintechs, tech firms – springing up that need cyber tech talent. Companies with so many of their services online need specialist cyber security professionals to enable their businesses to operate safely.”

Meanwhile, big banks – in particular Citi, Standard Chartered, DBS, OCBC and UOB – continue to hire in cyber security.

Travel restrictions over the past two years have decreased the supply of cyber security professionals in Singapore by 40% compared with pre-pandemic, says Srivastava. A delegate at a recent eFinancialCareers recruiter round table said cyber security experts were among tech professionals regularly able to command pay rises of 30% or more when moving firms.

Cybersecurity experts with 5-8 years on the job can earn S$96k-S$120k, according to the 2022 salary guide from Selby Jennings. Those with 9-15 years can net between S$120k and S$200k, while those with over 15 years’ experience can command annual salaries of over S$210k.

With low unemployment in the IT sector and Singapore’s tendency to rely on foreign talent, the only sustainable solution is to upskill locals, says Srivastava. He cited internal schemes, such as those by OCBC and DBS, to train employees in cyber skills. Then there are upskilling programmes such as the SG Cyber Leaders Programme by the Cyber Security Agency of Singapore, and various cyber security literacy and certification courses offered by the NTUC LearningHub.

Srivastava says authentication management, network security protection and infrastructure protection are key skill areas, while Davies says employers are seeking blockchain security, artificial intelligence and machine learning skills.

Selby Jennings’ Tan says development, security, and operations (DevSecOps) is an up-and-coming role, as more banks’ business functions shift toward automation. She has also observed higher demand for hybrid roles, such as business information security officers (BISOs), and more hiring for “purple teams”, which both test and defend a company’s IT systems to increase security.

Photo by Alberto Rodríguez Santana on Unsplash