Maybe you’ve heard there’s an interplanetary-sized gap in the amount of cybersecurity professionals available and the roles needed to be filled. 

According to the recent Cybersecurity Workforce Study by the non-profit ISC2, the cybersecurity workforce shortage has hit a record high of nearly 4 million.

The disparity between the number of workers needed and those available is up 12.6% year over year, with cutbacks, economic uncertainty, artificial intelligence (AI), and a challenging threat landscape as key driving forces, all cited by the report. 

If you’re interested in a career in cybersecurity, it’s a good time to get onboard. Before you do, however, you may be wondering about the paycheck. 

In this article, we examine some of the common roles and responsibilities in the industry, and then talk about how your bank account could look depending on what position you’re seeking. Keep in mind, too, there are lots of different ways to break into the industry that don’t always include being on the technical side of things. For the purposes of this post (and because technical jobs are the highest in demand), we’re going to explore those who are looking to join cybersecurity teams. Let’s get started.

So… what is exactly cybersecurity?

Alright, so we hope you already know the gist of cybersecurity if you’re thinking of getting into the field. If not though, cybersecurity is the practice of defending computers, servers, networks, systems, and data from malicious attacks. There are several aspects of it, but the goal is the same: To preserve the integrity and confidentiality of stored sensitive information. This involves implementing multiple layers of protection across computers, networks, and programs, as well as having frameworks for identifying, detecting, responding to, and recovering from cyber threats.

To do this, cybersecurity professionals may specialize in network security, endpoint security, and protection from cybercrime, cyber-attacks, and cyberterrorism—all of which play a vital role in safeguarding digital information and infrastructure from a wide range of cyber threats.

What is the average annual salary for cybersecurity professionals?

In the United States, the average annual salary for cybersecurity professionals varies but is generally in the range of $57,000 to $186,000, depending on factors such as experience, location, and specific job roles.

Are there additional benefits or perks in cybersecurity roles?

Definitely, and it all depends on the company. Many cybersecurity positions come with additional benefits, such as health insurance, retirement plans, bonuses, and professional development.

What’s a common, entry-level job in cybersecurity? 

Information security analysts, often referred to as cybersecurity analysts, are fairly typical entry-level roles in cybersecurity. They are instrumental in designing, implementing, monitoring, and evaluating security measures to protect an organization’s digital assets from cyberattacks.

Some of the typical duties and tasks performed by information security analysts include:

• Monitoring computer networks: Analysts use various tools and technologies to monitor computer networks for security issues and potential threats continuously.
• Investigating security breaches: When breaches or other cybersecurity incidents occur, analysts investigate the root causes and impact and take necessary actions to mitigate the risks (and prevent similar ones in the future).
• Installing security measures: Analysts are responsible for installing and maintaining security software and tools that can protect an organization’s networks from online vulnerabilities.
• Risk assessment and audits: Information security analysts perform risk assessments, audits, and tests to ensure the proper functioning of data processing activities and security measures.
• Communication and reporting: Analysts also need to communicate trends and findings to internal and external staff, furnish assessment reports, and document security issues or breaches for appropriate handling.
• Collaboration and training: Lastly, they collaborate with colleagues to install security software, provide guidance on information security management, and stay up-to-date on information technology trends and security standards.

Degrees and experience required for cybersecurity careers

To excel in a cybersecurity role, a bachelor’s degree in computer science or a related field is typically (but not always) required, along with experience in the information security field. Additionally, professional certifications and advanced degrees (more on that below), such as an MBA in information systems, can enhance these qualifications.

Cybersecurity engineers and cybersecurity employees also require knowledge of various security concepts, tools, and techniques, including firewalls, proxies, SIEM, antivirus, IDPS, and network penetration testing.

Cybersecurity salaries

We have covered a few handy definitions and responsibilities for cybersecurity professionals. Now, let’s talk about salaries.

Firstly, we should point out that the average salaries for cybersecurity careers can vary based on factors such as experience, education, certifications, and specific job roles. However, here’s a breakdown of the average annual salaries for various cybersecurity positions:

• Cybersecurity Analyst:
  • Median salary in the US in 2022: $112,000 (source)
  • Average annual salary: $137,000 (source)
• Cybersecurity Engineer:
  • Average annual salary ranging from $120,000 to $133,000 (source)
• Entry-Level Cybersecurity Professional:
  • Average annual salary with less than one year of experience: $63,235 (source)
  • Average annual salary with one to four years of experience: $71,942 (source)
• Mid-Level Cybersecurity Professional:
  • Average annual salary with five to nine years of experience: $88,596 (source)
• Senior-Level Cybersecurity Professional:
  • Average annual salary with over ten years of experience: $102,002 or more (source)

Now, as we mentioned, there are several factors that can affect these numbers. For example, a bachelor’s degree in cybersecurity provides a strong foundation, while advanced degrees such as a Master of Science or Master of Business Administration (MBA) can further enhance earning potential. Obtaining industry-recognized certifications, additional education, and professional growth can also lead to higher salaries.

Top paying cybersecurity certifications

If we look at the top-paying IT certifications (all of which include exams and varying fees to complete) for 2022 as listed here, we can see that four of the top ten ones belong to cybersecurity positions (and therefore cybersecurity salaries!). These are:

1. Certified Information Security Manager (CISM)
   This certification affirms your ability to assess risks, implement effective governance, and proactively respond to incidents. If you want to take this exam, you will also need to have five years of professional experience.
   Estimated salary: $100K-$162K
2. Certified Information Systems Security Professional (CISSP)
   This certification encompasses eight domains (security operations, security architecture and engineering, communication and network security, identity and access management (IAM), security assessment and testing, software development security, asset security, and security and risk management).
   Estimated salary: $95K-$147K
3. AWS Certified Security – Specialty
   This certification validates your expertise in creating and implementing security solutions in the AWS Cloud. This certification also validates your understanding of specialized data classifications and AWS data protection mechanisms; data-encryption methods and AWS mechanisms to implement them; and secure internet protocols and AWS mechanisms to implement them. AWS also suggests having a minimum of five years of experience in an IT security position, including two years of practical experience in securing AWS workloads.
   Estimated salary: $53K-$115K
4. Certified Information Systems Auditor (CISA)
   Professionals with CISA certification can act as the bridge connecting technical, legal, and compliance teams, ensuring that organizations efficiently safeguard privacy and manage risk in a cost-effective manner.
   Estimated salary: Salary: $62K-$150K  

Cybersecurity salary differences by location

As with most jobs, the average cybersecurity salary in the US varies significantly by location, with factors such as the cost of living, demand for professionals, and industry standards influencing the differences.

Here’s a smattering of averages in different US locations.

• West Virginia: $148,500 (source)
• New York: $124,933
• Texas: $116,850
• Washington: $117,500
• North Carolina: $110,000
• New Mexico: $100,213
• Minnesota: $98,300
• Ohio: $97,500
• California: $99,400 (source)

Labor statistics for cybersecurity professionals

As we mentioned earlier, the demand for cybersecurity professionals is expected to continue growing. In fact, the US Bureau of Labor Statistics is projecting a 32% expansion in employment for cybersecurity analysts between 2022 and 2032.

Currently, the majority of information security analysts are employed by computer companies, consulting firms, or business and financial enterprises. The distribution is as follows:

• Computer systems design and related service: 25%
• Finance and insurance: 16%
• Information: 10%
• Management of companies and enterprises: 9%
• Management, scientific, and technical consulting services: 6%

About 16,800 job openings are projected for the next decade. A significant portion of these changes is anticipated to arise due to the necessity to replace individuals who either transition to other professions or leave the workforce, such as for retirement.

The majority of information security analysts are employed on a full-time basis, with some exceeding a 40-hour workweek. Additionally, these professionals may be required to be on call beyond regular business hours to address emergencies when necessary.

Looking ahead

As of 2024, there are roughly half a million cybersecurity job openings in the United States. The field no doubt offers lucrative career opportunities with competitive salaries, not to mention the ability to significantly enhance your earning potential through continuous education, certifications, and relevant experience.

And if you’re looking to jumpstart your career in cybersecurity, Coro is hiring.