Wednesday, September 07, 2005
2005 SALARY SURVEY
Good News for Application Developers…
 Overall, there is a cautious optimism about new and ongoing opportunities in IT which may translate into increased compensation. "The market is starting to heat up again," says an IT executive with a southeastern government agency. "The highest demand is for Web developers with some mainframe knowledge to know how to link the two up." |
The IT job market has been strengthening over the past year, but many organizations have been aggressively cost cutting, keeping their IT departments lean and mean, according to a new salary survey of 1,170 enterprise IT sites conducted by Enterprise Systems [Editor’s note: ADT and Enterprise Systems are owned by 101communications].
Among seven key IT staff positions covering responsibilities for applications and systems, four saw increases in average base salaries over the past year while three suffered downturns. The worst positions to suffer, and slowest to recover from the downturn earlier in the decade, are systems related jobs.
“In the past two years, the size of our IT staff has dropped from 150 to 95, leaving a user-to-staff ratio of 158-to-1,” laments one respondent, a manager with a government agency based in the Midwest. “Salary increases for this year barely top at 1.5 percent. The most sought-after skill is the ability to do everything with nothing.”
Application development and administration jobs, on the other hand, saw raises in recent years.
There are some other bright spots driving the latest salary increases for developers and administrators, according to survey respondents. “We are giving good raises to our employees—Microsoft certifications are drawing the best compensation,” says a manager with an IT development firm based in the Southeast. Another survey participant, a manager with a telecom development firm, speculates “security is going to be a big boom in the next few years.” He also identifies “larger-scale management of network services and capabilities for VoIP, video conferencing and more” as a career and salary growth area for IT professionals.
APPLICATION DEVELOPMENT MANAGERS
With all the hype and excitement around SOA and Web services, these should be heady times for application development managers. However, accelerated development may be tempered by outsourcing as well as IT budgets that continue to be tight. AD manager salaries have plateaued in recent years, and bonuses have slipped. AD managers—who plan, direct and control all day-to-day application development functions—are earning base salaries of about $86,500, roughly a 1-percent dip from last year’s survey.
AD managers are projected to earn bonuses of about $6,900, down slightly from last year.
Typical AD managers in the survey will see salary growth up to 24 percent throughout their careers. Salaries range between $74,000 at entry level to $98,400 for more than two decades of experience.
AD manager salaries are strongest within the high-tech and software sector, averaging $102,000. Financial services follow at $98,300, and AD managers in the services sector follow at $93,000.
Executives leading development for business-to-consumer systems average about $98,000, giving them the highest pay. Those overseeing development in organizations supporting supply chain management systems average about $93,200, which is also higher than average.
APPLICATION PROGRAMMERS
This is a good year for application programmers. Those who write and text code saw the largest jump in salaries across the IT staff positions covered in the survey for the second year in a row, and now average about $56,500—a rise of 6.6 percent over last year’s survey. Average base salaries for this position have risen by almost 15 percent since the beginning of the decade.
Bonuses have been healthy for application programmers too. Programmers are seeing bonuses averaging $2,665, up 11 percent over last year. However, app programmers have yet to recapture the bonuses they saw at the beginning of the decade.
Because many programmer jobs tend to be entry level, these salaries are the lowest in the survey, and long-term career and salary growth in this category is limited. App programmers who have remained in these positions for 10 years or more make about 37 percent more than their entry-level counterparts. The typical programmer in the survey has about six years of industry experience.
Programmers in mainframe and Unix shops make the most, topping $59,000 a year in base salary. By development language environment, programmers in CICS and COBOL shops fare best, drawing average salaries of almost $62,000 for CICS-based development and $59,000 for COBOL.
Companies deploying and managing supply chain management and business-to-consumer systems have the most generous compensation for programmers, paying annual base salaries of about $61,000 and $60,000, respectively. ERP skills also command close to $60,000 in base compensation for application programmers. “Rates are staying down but opportunities are picking up,” says one respondent, a manager with a southeastern IT service company. “ERP programmer skills are in high demand and in somewhat low supply.”
Application programming salaries are strongest within the high-tech and manufacturing sectors, averaging about $67,000 and $61,000, respectively.
SYSTEM PROGRAMMERS
Systems programmers are having the toughest year in terms of salary and bonuses. Overall, salaries for this category slipped from last year’s survey. Systems programmers—workers supporting the corporate infrastructure and networks—are earning base salaries of about $67,150, down almost 5 percent from $70,400 since last year’s survey. Salaries for this position have remained relatively stagnant since the survey first covered this position in 2002.
Systems programmers project they will earn bonuses of nearly $2,665, lower than last year. Typical systems programmers in the survey may see tremendous salary growth throughout their careers, however. Salaries range between $49,000 at entry level to $77,000 for more than a decade of experience.
Mainframe skills continue to be a strong suit for systems programmers, who earn an average of $71,100, outpacing their Unix counterparts by about $2,000. By development language environment, systems programmers in CICS and COBOLshops fare best, drawing average salaries of $72,100 and $70,200, respectively.
By application area, systems programmers in ERP shops receive the highest base compensation, averaging $68,700 in annual base compensation. Those in business-to-business shops follow with $68,000. Systems programmer salaries are strongest within the retail and distribution sector, averaging $81,200 annually.
PROGRAMMER/ANALYSTS
Application programmer/analysts—who develop applications and environments—saw modest salary growth since last year’s survey, rising about 2 percent, an average of $63,800 to $65,200. Over the long term, P/As have seen their compensation climb by 13 percent since the beginning of the decade. P/As expect to earn bonuses of about $3,400 this year—about the same as last year, but substantially higher than earlier in the decade.
The typical P/A in the survey has about six years of experience. Long-term salary growth prospects appear solid for professionals remaining in these positions. P/As with 10 or more years of experience make 26 percent more than their less-seasoned counterparts. An entry-level P/A can expect to make an average of $57,500 a year, a figure that climbs to almost $73,000 for those with 10 or more years of experience.
P/As working in companies with e-business initiatives under way saw the highest payoffs. Those with companies with business-to-consumer implementations earn average base salaries of $66,700, while employees at business-to- business sites make $66,100.
By development language environment, programmer/analysts in CICS shops fare best with average salaries of $67,100, followed by those with C/C++ shops, with average salaries of $66,000.
P/A salaries are strongest within the healthcare sector, averaging $74,000 in annual base compensation. P/As in the high-tech and software sectors follow with $70,800, and those in the financial services sector receive $68,500.
SYSTEMS ANALYSTS
App systems analysts working in mainframe and Unix shops earn the highest salaries for this position. Overall, however, systems analysts—who typically work with corporate management, end users and clients to plan and design systems—saw no growth in annual base salaries over the past year.
Currently, these IT professionals earn about $67,900, down slightly from $70,900 in last year’s survey. This is nearly 3 percent higher than average salaries in the first survey of this series, conducted in 2001. Although average annual bonuses for system analysts are the highest of the IT line positions measured in this survey, bonuses have fallen by more than 2 percent from last year (bonuses are down more than 4 percent from the beginning of the decade). System analysts look to earn $4,100 on top of their base salaries for this year.
The typical systems analyst in the survey has about nine years of industry experience. On average, system analysts with 10 or more years of experience make up to 39 percent more than their less experienced or entry-level counterparts. Systems analysts working with enterprise resource planning infrastructures fare best with $70,700 in annual pay. Salaries are strong at ERP sites across the positions covered in the survey. “Implementation of our new ERP is driving our salaries these days,” says an IT manager with a Midwest-based retailer.
Unlike last year, salaries at ERP sites are higher than business-to-business implementation sites. The survey reveals salaries at ERP sites average $69,700.
By operating system environment, systems analysts in Unix shops fare best, drawing an average salary of $69,100. However, this is only about 2 percent above the overall average. Those systems analysts working in Linux shops (distributed systems only) saw the lowest compensation, averaging just over $65,000 a year.
System analyst salaries are strongest within the services sector, averaging about $75,000, followed by retail and distribution and high-tech and software, both at $73,000.
Chart: Programmer/Analyst, System Analyst Salaries
Chart: Applications Programmer, Systems Programmer Salaries
Chart: Application Development Manager Salaries, Regional IT Salaries, IT Salaries by Industry, IT Salaries by Company Size
source:http://www.adtmag.com/print.asp?id=11708
Money motive drove virus suspects
The arrest of two men suspected of being behind the Zotob virus has give a rare insight into the lifestyle and motivations of criminal hackers.
On 25 August Farid Essebar was arrested in Morocco and Atilla Ekici was detained by police in Turkey following an international investigation into the Zotob outbreak earlier in the month.
More than 100 companies, including the Financial Times, ABCNews and CNN, were hit by the Zotob Windows 2000 worm.
For many one of the oddities of the case was the fact that one of the alleged virus writers was based in Morocco.
Although Turkey has long been a hotspot for virus writers that specialise in making malicious programs that take over PCs and turn them into so-called zombie machines, Morocco is a real surprise.
"It's the first time I've heard of any activity coming from there," said Mikko Hypponen, chief research officer at Finnish security firm F-Secure.
Significantly, said Mr Hypponen, Mr Essebar was originally from Russia where much malicious code is generated and many hi-tech crime groups operate.
According to anti-virus firm Sophos, the Zotob worm is a variant of the Mytob virus which had plugged in to it exploit code written by a Russian hacker called houseofdabus.
Exploit code produced by houseofdabus was also used by German teenager Sven Jaschan to create the Sasser worm which struck on 1 May 2004.
Code farm
Pete Simpson from mail-filtering firm Clearswift doubted that the pair were technically skilled because they used code snippets generated by others to make the variants.
| | A CHAT WITH DIABL0 [DiablO] that worm spread only for money [Taylor] you should think about joining the other side of this...lots of fun fighting hackers...the thrill is even better [DiablO] we dont care if user removed worm [Taylor] oh, ok...that malware...toolbar thing!! i understand now [DiablO] :) [Taylor] so, do you get paid for the 'click'? [DiablO] no [Taylor] how you make money then? i am confused...curious [DiablO] it low setting of ie [DiablO] ratio of install is 1:1 [DiablO] :) [Taylor] but you get paid for someone visiting a site [Taylor] that is a good ratio |
"There was a lot of source code around for Mytob which produced a lot of variations," said Mr Simpson.
It is not just the how of the Zotob worm that anti-virus firms have a handle on, they also know why malicious hackers do it: money.
"This has changed who is our enemy," said Mr Hypponen. "We used to be fighting kids and teenagers writing viruses just for kicks."
Despite the change in motive, about 50% of all viruses still contain the names of hackers or the groups that are supposedly behind viruses.
"Now most of the big outbreaks are professional operations," he said. "They are done in an organised manner from start to finish."
Money was reportedly one motive for Mr Essebar who was allegedly paid by Mr Ekici to put the Zotob worm together.
Money talks
What the pair were probably taken aback by was the response that the worm generated.
Few virus writers now want to hit the front pages, said Mr Hypponen, most prefer to have their creations sneak under the radar, rack up a few thousand unwitting victims who are then milked for money or saleable data.
It appears that Mr Essebar was intending to make money several different ways from the people caught out by the Mytob and Zotob viruses he is alleged to have created.
Almost by accident David Taylor, a senior information security specialist at the University of Pennsylvania struck up an online conversation with a malicious hacker that went by the name of Diabl0.
When he had compromised a dummy computer with the malicious e-mail he noticed that the machine contacted an IRC chat server making him suspect that it was about to be turned into a zombie.
Once he had extracted the name of the chat server and the channel from the captured network traffic he logged in to try and spot if other university machines had fallen victim.
Mr Taylor noticed someone else in the channel and after a couple of tries had a short conversation with the administrator who went by the name Diabl0.
Although there is no direct evidence that this Diabl0 is the person arrested, Mr Taylor said whoever he talked to connected from a computer based in Morocco.
Mr Taylor has passed all the information he gathered to the FBI.
During the chat, Diabl0 revealed that the Mytob worm had a very sneaky purpose. One of its intentions was to lower security settings on Microsoft's Internet Explorer browser so certain pop-up adverts would not be blocked.
Diabl0 said he would be paid by the pop-up ad makers for every user hit. Even if the compromised users managed to remove the virus, bragged Diabl0, the settings would likely go unchanged and the stream of unwanted adverts would continue.
Every time an ad was sent to a user, Diabl0 would get credited with a click. With Zotob being one of the worst outbreaks of 2005, Diabl0 could have expected a bumper payday.
