Whether you’re looking to launch a cybersecurity career or take your existing expertise to the next level, it can be inspiring — perhaps even a source of motivation — to get a clearer sense of some of the most lucrative cybersecurity jobs in this fast-growing field. In this guide, we’ll explore some of the top-paying jobs in the field, including the skills, education and experience needed to obtain them.
[RELATED] 10 Reasons to Join a Cyber Security Master’s Degree Program >>
Career Outlook
Professionals who possess advanced cybersecurity skills are in a “seller’s market” — one with zero percent unemployment as well as companies and government agencies competing for top talent.
“At the very highest levels, the right person can command over $400,000,” Paul Smith, vice president at PEAK Technical Staffing, told CSO. “The commercial industries are stealing people out of the NSA and CIA like crazy because corporations are having such a problem with foreign espionage. The demand for people who understand these threats has skyrocketed.”
That’s the result of a well-documented cybersecurity talent shortage with nearly 3.5 million cybersecurity vacancies across the globe in 2023. Some require very specific experience, while an industry certification or related master’s degree may help put others in reach.
[RELATED] How to Land the 9 Best Jobs in Cybersecurity >>
10 Top-Paying Cybersecurity Jobs
This list is compiled from multiple industry sources, including CSO, Mondo, CyberSeek, ZipRecruiter, Indeed and Salary.com.
Note: Salary estimates vary and are often adjusted in real-time based on changing data. In addition, these jobs are not ranked in any particular way.
This is the executive chiefly responsible for an organization’s information and data security, and in most cases, the bigger the organization, the bigger the paycheck. Salary.com lists the median salary at $239,839 with some making close to $300,000 or more.
While a few CISOs may earn a total compensation package close to half a million dollars, many start at a base salary around $275,000, according to Hunt Scanlon Media. But keep in mind that the salary range is broad and will depend on a number of factors, including the specific position, how much experience is required and the company itself.
CSO lists the CISO salary range at $105,000 to $264,000 with an average salary of $118,260. According to CSO, “a bachelor’s degree in computer science or a related field is typical for this role, at least 5 years in a management role, and familiarity with a host of security technology and practices, and knowledge of regulations that affect your industry and business.
- Lead Software Security Engineer
ZipRecruiter cites the annual average pay for a Lead Software Security Engineer at $146,059, with top earners making around $200,000.
About 94% of businesses are on the cloud, which puts the global cloud computing industry at nearly $480.04 billion as of 2022. Because of this, cloud security engineer careers are on the rise. Glassdoor cites the average salary of $151,000 with higher-level engineers earning around $193,000.
Cybersecurity is not just about tech wizards minimizing attacks and fending off hackers; there is also a constant flow of new and innovative technology solutions on the market. Most programmers enjoy coding, but higher pay prompts some to switch to sales. ZipRecruiter reports that the national average salary for cybersecurity sales engineers is around $115,000.
Noting that 28% of employers hiring for this position request a master’s degree, CyberSeek lists an average salary of $147,142. Top skills requested for this position include IT security architecture, computer science, identity and access management, Amazon Web Services, Microsoft Azure and authentication. Salaries for cybersecurity architects average $141,799 with some positions making more than $200,000.
- Cybersecurity Manager/Administrator
Also known as information security managers and information systems security managers, professionals in this role earn salaries of between $150,00 and $225,000, according to Mondo. Key responsibilities typically include identifying potential areas of vulnerability, beefing up security to safeguard valuable company data and managing the information systems team.
The professionals performing this critical job are often called “ethical hackers.” More and more large organizations are hiring full-time employees or third-party contractors to infiltrate their computer systems to detect and address vulnerabilities that could be exploited by cybercriminals. CyberSeek lists the average salary for penetration and vulnerability testers at $124,424 and reports that 22% of those hiring seek an advanced degree.
This job is listed near the top of U.S. News & World Report’s lists of 100 Best Jobs, Best STEM Jobs and Best Technology Jobs, which cites a median salary of $102,600. It describes information security analysts as “the gatekeepers or security guards of information systems” due to their wide scope of responsibilities related to preventing, monitoring and responding to data breaches and cyberattacks. The U.S. Bureau of Labor Statistics reports that employment for this position is expected to grow 32% between 2022 and 2032.
- Application Security Engineer
Mondo puts an application security engineer’s salary range at $130,000 to $200,000. An application security engineer will secure all software and business applications and make sure that privacy and security constraints are built into software.
According to Mondo, “this role is crucial for any business looking to integrate software, like AWS or Azure into their day-to-day operations … Application Security Engineers have the experience and skill sets needed to ensure the security and stability of your internal and external applications, which helps prevent hackers or malicious systems from attempting to disrupt the integrity of your infrastructure.”
- Network Security Engineer
A network security engineer is responsible for network and security-related hardware and software, including firewalls, routers, virtual private networks and more. ZipRecruiter lists the national annual salary as $129,888 and the salary range from $39,500 to $158,500.
- Director of Information Security (IT)
According to Mondo, “directors need strong security skills, the ability to manage and mentor security staff, and a good understanding of the organizations in which they work. They need to know how the organization assesses risk so that they can allocate effort and resources accordingly.” Mondo lists the average salary of a director of IT security salary as $170,981 and the range at $123,000 to $237,000.
[RELATED] The Cybersecurity Jobs Report >>
Skills Needed to Succeed
There are a large variety of skills needed to succeed in a cybersecurity position, including:
- Computer programming and coding experience
- Network and security configuration knowledge
- Coursework in cloud computing infrastructure and services, computer programming in Java, network and security foundations and network and security applications
- Knowledge of encryption technologies
- Security incident handling and response
- Understanding of the latest threats, processes and strategies
- Problem-solving
- Effective communication skills
- Self-direction
- Drive
- Adaptability
- Teamwork
- Leadership
- Creativity
- Strong work ethic
Education Needed
Education requirements will vary by experience level and position, but most jobs will require a bachelor’s or associate degree in an IT or security-related field at a minimum. Businesses may prefer or even require a master’s degree or certifications, especially for top-paying cybersecurity jobs.
[RELATED] 10 Reasons to Get Your Master’s Degree in Cybersecurity >>
Recommended Certifications
There are numerous cybersecurity certifications that can expand your knowledge and skills — and set you apart from other candidates. While some certifications are more specific and high-level, others are recommended for entry-level applicants. Some may even be required for certain positions. Here is a list of the most common:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Privacy Professional (CIPP)
- SANS/Global Information Assurance Certification (GISC)
- CompTIA Security+
- Certified Ethical Packer (CEH)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Cloud Security Professional
- GIAC Security Essentials (GSEC)
See What a Cyber Security Masters Program Looks Like for Working Professionals
Salary Outlook
As we mentioned earlier, many top-paying cybersecurity positions typically earn anywhere from $100,000 to $200,000 — with some senior-level jobs paying as much as $400,000 or more. It’s important to note that your salary will depend on a number of factors, including the position itself, the company, where the job is located, associated responsibilities and how much experience is required.
Best Job Locations
According to ExoticCareers, the 10 best cities for cybersecurity jobs include:
- Huntsville, Alabama
- Washington, D.C
- Augusta, Georgia
- Des Moines, Iowa
- Raleigh, North Carolina
- Utica, New York
- Silicon Valley Cities
- Santa Barbara, California
- Denver, Colorado
- Austin, Texas
The criterion for this list is the geographic concentration of jobs in a city, not by size of the city. Washington, D.C. has the most cybersecurity job openings, and the states with the highest salaries are D.C, New Jersey, Maryland, Maine and New York.
The top 10 paying states for cybersecurity jobs are:
- Washington, D.C.
- New Jersey
- Maryland
- Maine
- New York
- Massachusetts
- Delaware
- Connecticut
- California
- New Hampshire
It’s no secret that there is a major hiring push underway among organizations of all sizes now that the cybercrime epidemic is everybody’s business. As a result, information technology professionals and others who aspire to position themselves for success in this essential and fast-growing field are upgrading their skills by earning industry certifications and enrolling in advanced degree programs.
All in all, the world of cybersecurity offers significant opportunities to perform important and meaningful work, and to get paid well for doing it.
[RELATED] Which Cyber Security Program is Right For You? Download our free infographic to help decide >>
Additional Cybersecurity Careers You Might Be Interested In
Interested in a cybersecurity career? Here are some other popular options:
This report brought to you by the University of San Diego’s Master of Science in Cybersecurity Operations and Leadership, which is offered 100% online, and the online and on-campus Master of Science in Cybersecurity Engineering, which has been designated as a Center of Academic Excellence (CAE) program by the federal government. Colleges and universities that receive this designation have met rigorous requirements and are recognized for a robust curriculum that is aligned with the NICE Cybersecurity Workforce Framework.
Citations
CSO, “Cybersecurity salaries: What 8 top security jobs pay.” https://www.csoonline.com/article/570997/cybersecurity-salary-what-8-top-security-jobs-pay.html
Schneier on Security, “On the Cybersecurity Jobs Shortage.” https://www.schneier.com/blog/archives/2023/09/on-the-cybersecurity-jobs-shortage.html
Mondo, “6 Highest-Paid Cyber Security Jobs & Salaries.” https://mondo.com/insights/highest-paid-cyber-security-jobs-salaries/
CyberSeek, “Cybersecurity Career Pathway.” https://www.cyberseek.org/pathway.html
ZipRecruiter. https://www.ziprecruiter.com/
Indeed. https://www.indeed.com/
Salary.com. https://www.salary.com/
University of San Diego,”What is a Chief Security Officer? — High Demand, ‘Skyrocketing’ Pay for CSO.” https://onlinedegrees.sandiego.edu/what-is-a-chief-security-officer-high-demand-skyrocketing-pay-for-csos/
Hunt Scanlon Media, “Demand for Cybersecurity Talent Sets Salaries Soaring.” https://huntscanlon.com/demand-for-cybersecurity-talent-sets-salaries-soaring/
ZipRecruiter, “Lead Software Security Engineer Salary.” https://www.ziprecruiter.com/Salaries/Lead-Software-Security-Engineer-Salary
Glassdoor, “How much does a Lead Security Engineer make?” https://www.glassdoor.com/Salaries/lead-security-engineer-salary-SRCH_KO0,22.htm
ZipRecruiter, “Cyber Security Sales Engineer Salary.” https://www.ziprecruiter.com/Salaries/Cyber-Security-Sales-Engineer-Salary
University of San Diego, “Cybersecurity Architect [Career Outlook, Job Duties, Salaries].” https://onlinedegrees.sandiego.edu/cyber-security-architect/
ZipRecruiter, “Cyber Security Architect Salary.” https://www.ziprecruiter.com/Salaries/Cyber-Security-Architect-Salary
University of San Diego, “Penetration Testers on the Front Lines of Cyber Security.” https://onlinedegrees.sandiego.edu/vulnerability-and-penetration-testing/
University of San Diego, “Ethical Hacking: Careers, Salary and Degree Questions Answered.” https://onlinedegrees.sandiego.edu/ethical-hacker-career-salary-guide/
U.S. News & World Report, “Information Security Analyst Overview.” https://money.usnews.com/careers/best-jobs/information-security-analyst
U.S. Bureau of Labor Statistics, “Information Security Analysts.” https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
University of San Diego, “Cybersecurity vs. Information Security vs. Network Security.” https://onlinedegrees.sandiego.edu/cyber-security-information-security-network-security
University of San Diego, “Top Cyber Security Certifications: Which Ones Are Right for You?” https://onlinedegrees.sandiego.edu/is-a-cyber-security-certification-right-for-you/
ISC2, “CISSP – Certified Information Systems Security Professional.” https://www.isc2.org/Certifications/CISSP
ISACA, “What is the CISA difference?” https://www.isaca.org/credentialing/cisa
ISACA, “What is the CISM difference?” https://www.isaca.org/credentialing/cism
IAPP, “CIPP Certification.” https://iapp.org/certify/cipp/
GIAC Certifications. https://www.giac.org/get-certified/
CompTIA, “CompTIA Security+.” https://www.comptia.org/certifications/security
EC-Council, “Certfied Ethical Hacker.” https://www.eccouncil.org/train-certify/certified-ethical-hacker-ceh-practical/
ISACA, “What is the CRISC difference?” https://www.isaca.org/credentialing/crisc
ISC2, “CCSP – Certified Cloud Security Professional.” https://www.isc2.org/Certifications/CCSP
GIAC Certifications, “GIAC Security Essentials (GSEC).”
https://www.giac.org/certifications/security-essentials-gsec/
Exotic Careers, “10 Best Cities for Cyber Security Jobs in 2023.” https://exoticcareers.com/best-cities-for-cyber-security-jobs/
Exotic Careers, “13 Highest-Paying States for Cybersecurity Jobs in 2023.” https://exoticcareers.com/highest-paying-states-for-cybersecurity-jobs/
University of San Diego, “How to Become a Security Consultant [Career Guide].” https://onlinedegrees.sandiego.edu/how-to-become-a-security-consultant-career-guide/
University of San Diego, “How to Become a Network Administrator [Career & Salary Guide].” https://onlinedegrees.sandiego.edu/network-administrator-career-salary-guide/
University of San Diego, “Cybersecurity Holds Opportunity for Systems Administrators.” https://onlinedegrees.sandiego.edu/systems-administrator/
University of San Diego, “Cybersecurity Analyst Career Guide.” https://onlinedegrees.sandiego.edu/cybersecurity-analyst-career-guide/
University of San Diego, “How to Become a Security Auditor
[+ Career & Salary Guide].” https://onlinedegrees.sandiego.edu/cyber-security-auditor-career-guide/
University of San Diego, “How to Become a Cybersecurity Specialist
[+ Career & Salary Guide].” https://onlinedegrees.sandiego.edu/cyber-security-specialist-career-guide/
University of San Diego, “Is a Career as a Highly Paid Cybersecurity Consultant Right for You?” https://onlinedegrees.sandiego.edu/how-to-become-cybersecurity-consultant/