That's because companies view network security as a cost center, rather than a profit center, so they want to spend as little on it as possible. Being a network security specialist is a "reactionary" job - you do everything you can to make the network safe (on the usually meager budget you've given to do so), and then wait for ... something ... to happen, after which you'll be implicityly if not outright blamerd for it. You can also look forward to carrying a pager, possibly 24/7. In order to do the job well you'd probably need a skillset that intersects knowledge of IT, networking and programming. You could be a programmer, which is a profit center for software companies, which means you'd probably be treated and paid better, and not locked into IT, which is a dead end at many companies who see IT as something they begrudgingly have to pay for.
Still, network security sounds sexy, and it probably pays better than mainstream IT - I'm surprised they're having that much trouble finding people to do it.
I also can't help wondering if the world's black hats would pay better for someone with the skillset. After all, for them, network security is a profit center.