Sign in Subscribe
5 min read Career

Why Global Companies Should Pay Global Salaries

Let's talk about something that feels a little... off.

Security Certification Roadmap - https://pauljerimy.com/security-certification-roadmap/

Imagine this:
You spent years developing/building up your skills and profile. You may even earn a fundamental-level certifications such as CompTIA Security+, or go all-in to obtain advanced certifications offered by ISC2, ISACA, Offensive Security, SANS GIAC, and similar organizations.

These certifications aren't cheap! Most of them cost hundreds and even thousands of dollars because they come from organizations based in the US, priced in USD. Now, throw in cert renewals, week-long training sessions, and exam retakes for a couple of failed attempts. It adds up. Not just in money, but also in time, effort, and usually a lot of stress.

So when a global company comes knocking, you'd expect that your hard-earned credentials would be valued at a global standard, right?

The Local Salary Trap

Here's the issue: a lot of global companies tend to offer local salaries based purely on the cost of living in the candidate's country, region, or location. At first glance, it seemed reasonable, but dig a little deeper and you will see the unfairness.

You are being asked by the company to meet the global standards/requirements. The job description probably highlights internationally-recognized certifications, around-the-clock availability (common in the cybersecurity space), and familiarity with branded tools. Now comes the salary negotiation. Suddenly, they focus on your country's salary market rate after they validated that you met the global expectations.

Not only was it inconsistent, but it was also unfair.

Look at the job ad shown above, you will notice this company emphasize the requirement of certs like Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM). These certs demand years of experience, extensive study, and money (CISSP costs $749 whereas CISM costs $760).

Skills and Credentials are Global, So Why Isn't the Pay?

The Internet didn't just flatten communication, it also broadened the job market/landscape. If you're working remotely and provides the same quality of work as someone living in the US or UK or first world countries, then your location shouldn't be the main consideration in determining your salary. The quality of your work doesn't change with your IP address.

In fact, a cybersecurity professional in a developing country often has to work harder and exert more effort to stand out against hundreds of job applicants. They're jumping through the same hoops, sometimes with fewer resources and less support. They're spending/investing USD on certifications while earning a weaker currency.

Let's be blunt. It is frustrating when two employees, both working for the same global company, holding the same title, and doing the exact same responsibilities, yet paid drastically different amounts.

In a global company, say one employee is based in a North American country and the other one is in a Southeast Asian country, the employee based in North America is likely to earn three times more than their counterpart in the Southeast Asia. Not because they’re more qualified, not because they’re doing more work, but solely because of where they happen to live. And yes, that’s the workplace standard many companies have followed for decades. But in a globally connected world, it appears significantly outdated.

It fosters a sense of being undervalued. It sends a message, however unintended, that the company values some people more than others for reasons that have nothing to do with capabilities.

Okay, What About Cost of Living?

It is fair to acknowledge that companies often argue for localized pay using cost of living (COL) logic. The idea is that a salary which is considered low in the US might actually go a long way in, say, the Philippines or India.

Sure, that’s true to an extent. But let me offer a different take:

  • COL doesn't reduce the skill required
    Just because someone lives in a region with a lower COL doesn’t mean their job is any easier or their expertise any less valuable. Configuring a SIEM, performing malware analysis, or conducting large-scale pentests require the same technical depth, precision, and experience regardless of location.
  • Work is standardized, not localized
    Employees are held to the same standards: investing the same time, effort, and resources. Talented cybersecurity professionals in low-COL countries now have global options, where pay reflects output, not geography. Underpaying them based on location risks losing skilled talent. In a global workforce, compensation should match contribution not coordinates.
  • COL doesn’t reduce the credentials expected
    Employers expect both of their new hires and tenured employees to hold certifications like CISSP, CISM, OSCP regardless of their location. The cost of these certifications doesn't vary by region, and neither do the standards for being considered 'qualified', so the pay shouldn't either.

Ultimately, if you're expecting global-grade outcomes, you should offer global-grade compensation. COL might affect how people spend their income, but it shouldn’t decide how much their work is worth.

What Employers Can Do

Of course, companies must do their due diligence: verifying credentials, giving real-world tasks and structured assessments, and performing background checks.

But once a candidate has proven they meet the required standard and qualifications, the mindset should shift from "what's the cost of living based on candidate's location?" to "what's the global market rate for the candidate's skillset?"

If you’re hiring someone to defend your digital assets, do incident response, or handle pentesting things that directly impact your business risk and compliance posture, then the pay should reflect those responsibilities and not the country they're sitting in.

If you truly want top-tier talent, especially in fields like cybersecurity where the skill gap and talent scarcity is already huge, then consider:

  • Global Market Benchmarking
    Use tools like https://www.levels.fyi/ (Get Paid, Not Played) or industry reports to set baselines based on role, not region.
  • Transparent Pay Bands
    Share how you calculate compensation. It builds trust.
  • Location-Independent Role Structuring
    If the role is remote, pay for the work, not the location.
  • Skill Assessments
    Make your own fair judgments. Let candidates prove their worth with technical tasks or trial projects.
  • Credential Weighting
    If you're asking for expensive certifications, factor that into compensation.
  • Tax Consideration
    Factor in the complexity of international taxes. Offering gross pay without understanding net impact can unintentionally penalize the employee.
  • Competitive Benefits
    Match or adapt benefits packages to be globally equitable, even if delivered differently based on region.

A Thought on Fairness

Nathan Barry, founder of ConvertKit, once said:

"If we fail, everyone was paid fairly along the way. If we are a modest success, team members build wealth. If we hit our moonshot goals everyone wins in a huge way & we still control our destiny."

Source: https://x.com/nathanbarry/status/1528374609011060738

Final Thoughts

It’s not just about money. It’s about fairness, consistency, and respecting the global nature of modern work. Paying someone less because they happen to live in a different part of the world, even though they meet the same standards as someone in a high-income country, just doesn’t sit right anymore.

Global companies should start thinking and paying like truly global companies.

💡
Cal.com has a section in their blog post about global salaries and how "The future of work is async and nomadic-compatible".

Published by:

motoh4ck3r

Member discussion