How to hire an information security officer

Information security officer hiring summary. Here are some key points about hiring information security officers in the United States:

There are a total of 11,669 information security officers in the US, and there are currently 145,907 job openings in this field.
The median cost to hire an information security officer is $1,633.
Small businesses spend $1,105 per information security officer on training each year, while large companies spend $658.
It takes between 36 and 42 days to fill the average role in the US.
It takes approximately 12 weeks for a new employee to reach full productivity levels.
HR departments typically allocate 15% of their budget towards recruitment efforts.
Washington, DC, has the highest demand for information security officers, with 14 job openings.

How to hire an information security officer, step by step

To hire an information security officer, you should clearly understand the skills and experience you are looking for in a candidate, and allocate a budget for the position. You will also need to post and promote the job opening to reach potential candidates. Here's a step-by-step guide on how to hire an information security officer:

Here's a step-by-step information security officer hiring guide:

Step 1: Identify your hiring needs
Step 2: Create an ideal candidate profile
Step 3: Make a budget
Step 4: Write an information security officer job description
Step 5: Post your job
Step 6: Interview candidates
Step 7: Send a job offer and onboard your new information security officer
Step 8: Go through the hiring process checklist

What does an information security officer do?

Information security officers are responsible for planning and implementing policies to safeguard an organization's computer network and data from different types of security breaches. Their duties typically include identifying computer network vulnerabilities, developing and executing a plan to secure and protect the network, and tracking computer network usage to ensure adherence to security policies. In addition, information security officers are also expected to conduct penetration tests to look for flaws and work closely with the IT and management departments to improve security.

Learn more about the specifics of what an information security officer does

Post an information security officer job for free, promote it for a fee

Identify your hiring needs

Before you post your information security officer job, you should take the time to determine what type of worker your business needs. While certain jobs definitely require a full-time employee, it's sometimes better to find an information security officer for hire on a part-time basis or as a contractor.

Determine employee vs contractor status

Is the person you're thinking of hiring a US citizen or green card holder?

Hiring the perfect information security officer also involves considering the ideal background you'd like them to have. Depending on what industry or field they have experience in, they'll bring different skills to the job. It's also important to consider what levels of seniority and education the job requires and what kind of salary such a candidate would likely demand.

The following list breaks down different types of information security officers and their corresponding salaries.

Type of Information Security Officer	Description	Hourly rate
Information Security Officer	Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increases.	$45-91
Securities Consultant	A securities consultant is responsible for maintaining the safety and security of the company's premises, including enforcing protection for all the employees and company assets. Securities consultants also handle the confidentiality and stability of data network systems to prevent potential breaches and unauthorized access to information... Show more	$34-55
Securities Analyst	Securities analysts, also known as financial analysts, are responsible for collecting and interpreting data on securities, economies, corporate strategies, and financial markets. They provide clients with recommendations on investments based on in-depth research... Show more	$28-56

Create an ideal candidate profile
Common skills:
- Risk Management
- Risk Assessments
- Incident Response
- Infrastructure
- Governance
- ISO
- Architecture
- HIPAA
- Windows
- Security Incidents
- Vulnerability Testing
- Security Management
- Cloud Security
- Security Awareness
Check all skills
Responsibilities:
- Lead vulnerability scanning and penetration testing for PCI-DSS compliance.
- Manage client relationships in conjunction with moving production environment to AWS.
- Manage all printers, switches, routers, and data archiving.
- Manage and ensure all AIS systems are operated in accordance with applicable DoD directives.
- Avoid fines and penalties by achieving and maintaining PCI, HIPAA, and SOX compliance.
- Engage to design and implement an enterprise-wide information security program to achieve SOX and HIPPA compliance.
More information security officer duties

Make a budget

Including a salary range in your information security officer job description is a great way to entice the best and brightest candidates. An information security officer salary can vary based on several factors:

Location. For example, information security officers' average salary in indiana is 36% less than in california.
Seniority. Entry-level information security officers earn 50% less than senior-level information security officers.
Certifications. An information security officer with a few certifications under their belt will likely demand a higher salary.
Company. Working for a prestigious company or an exciting start-up can make a huge difference in an information security officer's salary.

Average information security officer salary

$135,040yearly

$64.92 hourly rate

Entry-level information security officer salary

$95,000 yearly salary

Updated December 17, 2025

Average information security officer salary by state

Rank	State	Avg. salary	Hourly rate
1	California	$172,609	$83
2	New Jersey	$151,383	$73
3	District of Columbia	$148,267	$71
4	Massachusetts	$142,221	$68
5	New York	$133,874	$64
6	Washington	$132,987	$64
7	Arizona	$131,922	$63
8	Virginia	$129,377	$62
9	Texas	$125,963	$61
10	Maryland	$125,630	$60
11	Pennsylvania	$121,951	$59
12	Illinois	$121,154	$58
13	Georgia	$120,451	$58
14	Colorado	$118,541	$57
15	New Mexico	$116,736	$56
16	Ohio	$116,551	$56
17	Iowa	$115,725	$56
18	Florida	$115,681	$56
19	North Carolina	$110,344	$53
20	South Carolina	$107,114	$52

Average information security officer salary by company

Rank	Company	Average salary	Hourly rate	Job openings
1	Twilio	$160,173	$77.01	2
2	Apptio	$158,921	$76.40
3	Bain & Company	$156,651	$75.31
4	Erlanger Health System	$152,840	$73.48	5
5	Cohen & Steers	$150,695	$72.45
6	Pacific Investment Management Company LLC	$149,149	$71.71
7	CBS Sports Network	$149,064	$71.67
8	Dayton Physicians Network	$148,428	$71.36
9	Salesforce	$146,759	$70.56	27
10	Bridgewater Associates	$145,298	$69.85	1
11	Essentia Health	$144,742	$69.59	16
12	BitPay	$144,702	$69.57
13	Sony Pictures	$143,199	$68.85	6
14	PNMAC Holdings, Inc.	$142,579	$68.55	12
15	Citi	$142,504	$68.51	56
16	Vista Equity Partners	$142,378	$68.45
17	Metrolink	$141,501	$68.03
18	Koch Industries	$141,174	$67.87	2
19	BNY Mellon	$140,388	$67.49	19
20	MUFG EMEA	$140,368	$67.48

Writing an information security officer job description
An information security officer job description should include a summary of the role, required skills, and a list of responsibilities. It's also good to include a salary range and the first name of the hiring manager. To help get you started, here's an example of an information security officer job description:
Information security officer job description example
- United States Citizenship
- Willingness to be onsite (up to 2 days per week); exceptions will be considered.
- Possession of and the ability to maintain a minimum of a Department of Defense (DoD) Secret Level Security Clearance
- Demonstrated, recent, and relevant experience working with senior government managers of IA issues
- Excellent communication skills demonstrating an ability to communicate on both a technical and project management level
- Experience preparing formal written technical content for the development, implementation, and management of projects
- The ability to attend multiple scheduled meetings on a regular basis
- The ability to multi-task and balance multiple goals and priorities.
- A strong work ethic and commitment to quality
- The ability to express ideas clearly and diplomatically
- The ability to work efficiently and proactively without constant supervision
Education/Experience:
- 10+ years' progressive experience as an Information Assurance Technician/Manager
- Bachelor's degree in Science, Technology, Engineering, or Mathematics is preferred, but experience may be substituted for degree
- Certified IAM III and/or IAT III, with recent and relevant DoD experience in IA preferred
What is Atlas, you ask?

Atlas is a fast-growing information technology services company servicing a range of DoD customers. Our core values directly contribute to our success and growth. Atlas enjoys success by combining nimble management, a top-notch technical team, and unequaled customer service. We are extremely passionate about our platform, as well as our relationships among our team and with our customers.

Life at Atlas

Our focus can be summed up succinctly – To create a positive impact for our clients, community, and country, we integrate reliable, intuitive IT solutions for the warfighter.

Atlas offers you:

Growth potential and ability to lead change

Company leadership that believes in learning, teaching, passion, and flexibility

Challenging, motivating, and fun work environment

Company culture that is guided by our core values

Agile product management methodologies with minimal process overhead
Post your job
To find the right information security officer for your business, consider trying out a few different recruiting strategies:
- Consider internal talent. One of the most important sources of talent for any company is its existing workforce.
- Ask for referrals. Reach out to friends, family members, and current employees and ask if they know or have worked with information security officers they would recommend.
- Recruit at local colleges. Attend job fairs at local colleges to recruit information security officers who meet your education requirements.
- Social media platforms. LinkedIn, Facebook and Twitter now have more than 3.5 billion users, and you can use social media to reach potential job candidates.
Post your job online:
- Post your information security officer job on Zippia to find and recruit information security officer candidates who meet your exact specifications.
- Use field-specific websites such as dice, engineering.com, stack overflow, it job pro.
- Post a job on free websites.
Interview candidates
During your first interview to recruit information security officers, engage with candidates to learn about their interest in the role and experience in the field. During the following interview, you'll be able to go into more detail about the company, the position, and the responsibilities.
Remember to include a few questions that allow candidates to expand on their strengths in their own words. Asking about their unique skills might reveal things you'd miss otherwise. At this point, good candidates can move on to the technical interview.
Sometimes, it's not enough to interview information security officer candidates, so you can ask them to do a test project. If you are not a technical person and don't know what a test project should be, you can use these websites:
- TestDome
- CodeSignal
- Testlify
- BarRaiser
- Coderbyte
The right interview questions can help you assess a candidate's hard skills, behavioral intelligence, and soft skills.
Send a job offer and onboard your new information security officer
Once you have selected a candidate for the information security officer position, it is time to create an offer letter. In addition to salary, the offer letter should include details about benefits and perks that are available to the employee. Ensuring your offer is competitive is vital, as qualified candidates may be considering other job opportunities. The candidate may wish to negotiate the terms of the offer, and it is important to be open to discussion and reach a mutually beneficial agreement. After the offer has been accepted, it is a good idea to formalize the agreement with a contract.
You should also follow up with applicants who don't get the job with an email letting them know that you've filled the position.
To prepare for the new employee's start date, you can create an onboarding schedule and complete any necessary paperwork, such as employee action forms and onboarding documents like I-9 forms, benefits enrollment, and federal and state tax forms. Human Resources should also ensure that a new employee file is created.
Go through the hiring process checklist
- Determine employee type (full-time, part-time, contractor, etc.)
- Submit a job requisition form to the HR department
- Define job responsibilities and requirements
- Establish budget and timeline
- Determine hiring decision makers for the role
- Write job description
- Post job on job boards, company website, etc.
- Promote the job internally
- Process applications through applicant tracking system
- Review resumes and cover letters
- Shortlist candidates for screening
- Hold phone/virtual interview screening with first round of candidates
- Conduct in-person interviews with top candidates from first round
- Score candidates based on weighted criteria (e.g., experience, education, background, cultural fit, skill set, etc.)
- Conduct background checks on top candidates
- Check references of top candidates
- Consult with HR and hiring decision makers on job offer specifics
- Extend offer to top candidate(s)
- Receive formal job offer acceptance and signed employment contract
- Inform other candidates that the position has been filled
- Set and communicate onboarding schedule to new hire(s)
- Complete new hire paperwork (i9, benefits enrollment, tax forms, etc.)
Sign up to download full list

How much does it cost to hire an information security officer?

There are different types of costs for hiring information security officers. One-time cost per hire for the recruitment process. Ongoing costs include employee salary, training, onboarding, benefits, insurance, and equipment. It is essential to consider all of these costs when evaluating hiring a new information security officer employee.

You can expect to pay around $135,040 per year for an information security officer, as this is the median yearly salary nationally. This can vary depending on what state or city you're hiring in. If you're hiring for contract work or on a per-project basis, hourly rates for information security officers in the US typically range between $45 and $91 an hour.

Find better information security officers in less time

Post a job on Zippia and hire the best from over 7 million monthly job seekers.

Hiring information security officers FAQs

How much does a good information security officer cost?

What are the duties of an information security officer?

Should I hire an information security officer with no experience?

Search for information security officer jobs

Ready to start hiring?

Zippia Careers
Computer and Mathematical Industry
Information Security Officer
How to hire an Information Security Officer

Updated December 17, 2025

Browse computer and mathematical jobs

How to hire an information security officer