It is common knowledge that employees in the information technology industry command much higher average salaries than in most other career paths. According to the CompTIA Cyberstates guide to the tech economy, the IT industry’s median wage is twice as high as the national average wage in the US. This is true for all IT sectors, including the cybersecurity branch. But how much does a cybersecurity specialist actually make?
Cybersecurity is a broad term – one can find a wide range of job titles within this tech sector. From a pentester to an information security analyst to a security engineer to a chief information security officer – each of these positions has a different salary range. How much you personally will earn also depends on various factors, such as your education and experience levels, the type of business your company is in, its size, geographical location, and more.
All of the salary averages you will see in this post are taken from Glassdoor, a leading website for reviewing different organizations and employers, Payscale, a company that helps manage employee compensation, and the US Bureau of Labor Statistics (BLS) for accurate salary reports.
- Education and experience
Education is an essential part of a cybersecurity specialist’s resume.
Since they deal with data loss prevention and data protection in general, security incidents, risk assessment, and fending off digital threats, a cybersecurity specialist’s role is crucial to an organization. Employers like to have a guarantee that their specialists know what they’re doing in the form of at least a bachelor’s degree in computer security or a related field. This related field can be computer science, data administration, network administration, or similar.
While you may require a bachelor’s degree to apply for an entry-level position in the IT security sector, you shouldn’t worry too much about obtaining a master’s degree. Only 23% of tech employees with a master’s degree or higher believe their advanced degrees helped them reach higher salaries.
In comparison, experience is always good to have, even if you are just starting your cybersecurity career. If you don’t have much experience, your starting salary will be low. The more you sharpen your skills and the more knowledge you gain (both theoretical and practical), the more inclined your supervisors will be to give you a raise.
Based on experience, the IT industry’s job titles are usually categorized as ‘junior’ or ‘senior.’ A junior security analyst will have a lower salary than a senior security analyst, even if their job description isn’t all that different.
- Industry type
Even though the IT industry is the main focus of this article, the truth is that an employee can work in IT in a wide range of other industries. Computer security is important, no matter what type of work a company does.
The top average salaries for IT professionals and, consequently, cybersecurity professionals are in aerospace and defense, communications, PR, advertising, pharmaceutical, medical, biotech, government (military and homeland security), and system and VAR integration industries. The chances are that the same IT job position will have a higher income in these industries than others.
- Business size and revenue
Average salary estimates also depend on the size of the organization and how profitable it is. In theory, a great option would be to find a job in a relatively small company (less than 100 or, even better, less than 50 employees) that has considerable revenue. Your cybersecurity salary would most likely be higher than the industry average.
However, a small company can never accumulate as much profit as a global corporation, no matter how well it is doing.
The problem with big corporations is that they have hundreds, if not thousands, or even tens of thousands of employees worldwide. As a result, they tend to offer lower starting salaries than their smaller competitors. At organizations like Google, CISCO, Amazon, or similar, the starting cybersecurity specialist salary is not impressive.
Once you gather enough experience and reach senior status at one of these conglomerates, your yearly salary will be higher than in other companies. Not to mention that some of them, such as Google, also offer their employees shares of the company that you can cash in whenever you want.
- Business location
In this era of working from home and socially distancing, the IT industry has a clear advantage. Most tech workers can operate from home without any issues, as long as they have a stable internet connection. Remote IT work is slowly but surely becoming the norm.
While it is not of great importance where you as an employee are, the size of your income will depend on where your company is located. A tech job in Washington, DC, will not earn the same wage as the same type of job in San Francisco, CA. In fact, average tech salaries are the highest in the San Francisco area because of Silicon Valley, arguably the global center of technology.
In 2019, the average tech worker’s salary was $145k per year in San Francisco, $138k in Seattle, WA, $133k in New York, NY, $117k in Denver, CO, and ‘only’ $113k in San Diego, CA.
Average IT Security Salaries
Finally, your salary will also depend on what cybersecurity position you hold. Here are the median cybersecurity salaries for some of the most common job titles:
- Computer Forensics Analyst
Even though this job position sounds cool and represents a dynamic work environment, it is one of the lowest-paid on our list. A computer forensics analyst earns a yearly average salary of $57,755, according to Glassdoor, and $73,892, according to Payscale.
- Cyber Security Specialist
The cybersecurity specialist’s position is considered entry-level. This position may also be called an information security specialist or a computer security specialist. For this job, average salaries in the United States range from $69,123 to $76,336 per year.
- Information Security Analyst
Information security analysts tend to earn more than a cybersecurity specialist’s salary. The US Bureau of Labor Statistics states that an information security analyst makes an annual average of $99,730 per year or $47.95 per hour. For the same position, Glassdoor lists an average yearly salary of $76,410, based on 4.595 anonymous salary submissions by information security analysts all over the United States.
- Penetration Tester (Pentester)
- Security Engineer
Cybersecurity and data security engineers earn an average of $99,834 per year, according to Glassdoor. These numbers are similar to those at Payscale, which lists the average annual security engineer salary as $91,598.
Keep in mind that a network security engineer title seems to be earning less than the ones mentioned above – $79,686 per year on average.
- Security Architect
With their highly specialized skills and a long list of responsibilities, security architects are raking in six-figure salaries. Glassdoor lists the average base pay for a security architect as $106,362, while Payscale adds a bit more: $124,051.
- Chief Information Security Officer (CISO)
Given that the chief information security officer is a senior executive-level position, it is no surprise that its average base salary comes in at $179,763.
The question of how much a cybersecurity specialist earns is a complex one. The average salary for this demanding job depends on a variety of factors. It is directly proportional to the level of education and amount of experience an employee has. If you’re eyeing large, famous companies, keep in mind that your starting salary will be comparatively low before you rise through the ranks.
Not every corner of the US provides the same average income, which should also be in your consideration. (Don’t forget to factor in the cost of living in different areas of the country as well.)
Finally, the position of a cybersecurity specialist is only a starting point. From there, you will carve your own career path, depending on your preferences and skillsets. If you work hard, undergo computer security training, collaborate well with your team, and prove that you are an asset to your organization, there is no reason why you shouldn’t command a six-figure salary further down the line.
If you have any questions about the income you could potentially earn as a cybersecurity specialist, don’t hesitate to reach out to My Computer Career.