Cybersecurity Salary: How Much You Can Earn as a Cybersecurity Analyst?

This cybersecurity salary guide will help you find out how much cybersecurity professionals earn. Learn about the factors that affect cybersecurity salary.

Cybersecurity Salary

Ever dream of hunting crime as a detective or solving cryptograms for a living? Cybersecurity may be your golden ticket.

As proven by a recent CNN article entitled “Wanted: Millions of cybersecurity pros. Salary: Whatever you want,” cybersecurity salaries are on the rise for a couple of reasons: 

One, there are 3.1 million unfilled positions globally, leading to a huge skills shortage. Companies can afford to pay a top wage for cybersecurity talent.

Second, cyber attacks are expensive, so preventing and stopping them offers enticing ROI. In 2020, governments, universities, and corporations spent hundreds of millions of dollars on ransomware attack payouts. When you include data breaches, email phishing, and malware, the estimated recovery and downtime costs reach a whopping $18.9 billion

Let’s explore how much you can earn in this lucrative career field. 

Average Cybersecurity Salary

It’s hard to calculate an average annual salary for cybersecurity professionals because there’s such a variety of roles and responsibilities. 

Cybersecurity Jobs

Source: Cyberseek

According to Cynet, employers pay more for the experience than for fancy degrees. Payscale ranks the median annual salary of a cybersecurity analyst as follows:

  • Entry level (<1 year of experience): $63k
  • Early career (1-4 years of experience): $72k
  • Mid-career (5-9 years of experience): $88k
  • Late career (10-19 years of experience): $102k
  • Experienced (20+ years of experience): $114k

But salaries can range from $56,000 for IT support analysts to over $420,000 for Chief Information Security Officers, with companies willing to pay a premium for engineering and managerial skills.

Top 5 Highest Paid Cybersecurity Jobs

For those looking for six-figure salaries, here are a few job titles that can put you ahead of the curve:

1. Cybersecurity Engineer/Network Security Engineer

Cybersecurity engineers build network systems that protect organizations from hackers, cyberattacks, and other threats. They often need to troubleshoot problems, run vulnerability tests, conduct computer systems design, respond to security breaches, and collaborate with other departments. 

Qualifications: Knowledge of technical languages and skills like C++, Java, Node, Python, Ruby, Go, or Power Shell is paramount to an engineering career path. You can often achieve this knowledge base through a bachelor’s degree or master’s degree in computer science or through self-study via online courses and bootcamps. Cybersecurity engineers should also be skilled in networking (encryption, VoIP, DNS, VPN, routing, etc.), database platforms, and operating systems. 

Median Salary (Talent.com): $131,942

2. Cybersecurity Architect

Cybersecurity architects are the brains and designers behind complex IT networks. They need an in-depth understanding of the company’s technology and systems, in order to conduct vulnerability and penetration testing, research security standards, define requirements, estimate costs, and approve the installation of new physical or digital infrastructure (public key infrastructure, firewalls, local area networks/LANS, virtual private networks / VPNs, etc.). 

Qualifications: Most people start out as a security administrator, cybersecurity specialist/technician, system administrator, or network administrator before becoming a security architect. Given that a cybersecurity architect is a more senior role, many organizations prefer candidates to possess at least 5-10 years of IT experience. Certifications, like Certified Information Systems Security Professional (CISSP), Project Management Professional (PMP), and Certified Information System Auditor (CISA) can help you stand out. Given the cross-functional nature of architectural work, you also need business skills and knowledge of frameworks such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

Median Salary (ZipRecruiter): $146,768 

3. Penetration Tester

Branded as “ethical hackers,” penetration testers detect system vulnerabilities open for exploitation by outsiders through rigorous testing procedures. They often work on top-secret, urgent projects for organizations to protect sensitive information. Penetration hunters are similar to bug bounty hunters, although bug bounty programs usually pay for results (rewards for finding vulnerabilities) instead of for time), giving bug bounty hunters more freelancing flexibility. 

Qualifications: Penetration testers should bring scripting or coding knowledge, including languages like Python, Bash, Ruby, Perl, and PHP; knowledge of OS concepts (Linux, Ubuntu, Mint, Kali, etc.); and skills in reporting writing, data analytics, and web communications/web applications. 

Average Salary (Indeed): $119,047

4. Information Security Analyst

One of the most popular career tracks in cybersecurity, ISAs take care of company electronic records. This varies by industry: in banking, ISAs deal with financial transactions, whereas in tech, they work to keep user data private and secure. ISAs implement firewalls and data encryption programs, conduct employee training, assess risks, and manage data access and user authentication.  

Qualifications: There is a wide range of hard and soft skills necessary to succeed as an ISA. These include firewall administration, patch management, network security management, incidence response, security risk management, written and verbal communication, and auditing. ISAs can benefit from certifications like Certified Information Systems Security Professional or CompTIA Security+, and need to constantly stay on top of security trends.

Median Salary (Bureau of Labor Statistics): $103,590

5. Chief Information Security Officer or Chief Information Officer

CIO or CISO are senior executives who oversee the company’s IT and security infrastructure and lead the overall strategy.

This involves making decisions around security operations, cyber risk and cyber intelligence, data loss and fraud prevention, security architecture, identity and access management, program management, investigations and forensics, and governance. 

According to the IDG 2020 Security Priorities study, 61% of organizations have a CISO position, particularly larger corporations. 

Qualifications: CISOs need strong people skills, at least 7-12 years of work experience, managerial experience, and top-end technical skills, with a bachelor’s or master’s in a computer-related field highly recommended (MBA is helpful, too!). CISOs need to deal well with stress, as 95% of survey respondents report working more hours than outlined in their job description and 90% would reduce their pay in order to achieve a superior work/life balance. The Certified Information Security Manager (CISM) certification is also recommended for those looking to progress in leadership.

Median Salary (Salary.com): $224,758. 

Factors That Influence Your Cybersecurity Salary

There are many other factors that can determine pay in the cybersecurity workforce.

1. Geography: In large cities, companies pay more to stay competitive with the market. The Bureau of Labor Statistics shows that California and New York command the highest salary for information security analysts.

Cybersecurity salary based on Geography

Source: bls.gov

2. Cost of living: Other factors that should influence where to live and work are jobs available and the cost of living. According to Exotic Careers, the best cities for cybersecurity in terms of the number of openings are Huntsville, Alabama; Washington DC; Augusta, Georgia; Des Moines, Iowa; and Raleigh, North Carolina.

With more jobs turning remote, it may be possible to work from anywhere in the future and balance high salaries with affordable housing and living conditions.

3. New skills: As you learn new skills, you can transition into more lucrative fields of cybersecurity. Cloud security skills are among the most valuable and were predicted to lead to a $15,000 salary increase in 2020.

Cybersecurity Skills

Source: Tech Republic

Those seeking to optimize a cybersecurity salary should gain a solid foundation in both cybersecurity and coding to improve their versatility, through courses like Springboard, Coursera, edX, Udemy, and more.

By continuing to upskill, cybersecurity professionals have a greater chance at a faster promotion cycle, and each title change usually comes with a respectable pay bump.

4. Certifications: Additional certifications give workers the ability to apply for more advanced roles. A CISM certificate can increase salaries by $25,000 and CISSP can boost income by $15,000. Here are 9 of the top cybersecurity certifications for those starting out. 

5. Type of company: By networking, you can often apply to more well-known companies and ask for intros or referrals. Pay differs depending on industry and private versus public sector work (the US government pays $129,646 on average, according to Glassdoor). Cybersecurity firm Palo Alto Networks was rated as the highest-paying company of 2019, with median salaries above $170,000. High-valued companies like Nvidia, Facebook, VMware, Google, Salesforce, and Microsoft similarly emerged on top, in terms of wages. 

6. Years of experience: Since a more experienced analyst can earn $8000 more than one at the entry-level, it is worth your time to invest in taking on projects and internships to hone your skillset, and to commit to an organization where you see long-term prospects. 

7. The entire package: When considering the compensation package, look at bonuses, equity/stock compensation, and benefits, as well as the company reporting structure, culture, and teamwork style. Benefits can include everything from free food to international rotations, more generous parental leave, and unlimited vacation.

8. Negotiation: When offered a job, do your research on the going market rate for a hire with your educational background and years of experience. Try to leverage competing offers for comparison and look up the expected compensation packages on sites like Glassdoor. Here are some tips and best practices for negotiating your first cybersecurity salary. 

To increase your compensation and chances of securing a high-paying cybersecurity gig, enroll in Springboard’s cybersecurity bootcamp to learn cybersecurity fundamentals with a dedicated mentor and real-world projects. It’s a great financial investment, with a 6-month money-back job guarantee and career placement services to ensure you can seamlessly and efficiently achieve your goals. 

Top jobs are competitive, but with 0% unemployment in cybersecurity professions, the timing to break into this fast-growing field has never been better. 


Is cybersecurity the right career for you?

According to Cybersecurity Ventures, the cybersecurity industry is expected to have 3.5 million high-paying, unfilled jobs this year. With Springboard’s comprehensive Cyber Security Career Track, you’ll work 1:1 with an industry-mentor to learn key aspects of information technology, security software, security auditing, and finding and fixing malicious code. Learning units include subject-expert approved resources, application-based mini-projects, hands-on labs, and career-search related coursework.

The course will culminate in a multi-part capstone project that you can highlight on your resume for prospective employers or use to demonstrate your technical knowledge in your job interview. The learning materials will also help prepare you to pass the globally-recognized CompTIA Security+  certification so you stand out when applying for cybersecurity roles.

Learn more about Springboard’s Cyber Security Career Track here.

Ready to learn more?

Browse our Career Tracks and find the perfect fit