If you’re looking to launch a career in cybersecurity or enhance your skills, exploring the highest-paying jobs in this fast-growing field can be both inspiring and motivating. In this guide, we’ll explore some of the top-paying jobs in the field and take a closer look at the average cybersecurity salary for each role, including the skills, education and experience needed to achieve them.
[RELATED] 10 Reasons to Join a Cyber Security Master’s Degree Program >>
Career Outlook
The cybersecurity job market remains highly competitive, with professionals possessing advanced skills experiencing strong demand. According to the 2024 ISC2 Cybersecurity Workforce Study, the global cybersecurity workforce is estimated at approximately 5.5 million individuals. However, there is still a major shortage of talent, with nearly 4.8 million additional professionals needed to adequately secure organizations worldwide.
This shortage has led to increased competition among companies and government agencies to attract top talent. Compensation for cybersecurity roles reflects this demand, with average salaries for Chief Information Security Officers (CISOs) reaching $565,000 in 2024, up from $550,000 in 2023.
The shortage of qualified cybersecurity professionals highlights the importance of advanced education and certifications. Pursuing industry-recognized certifications or advanced degrees can enhance career prospects and help bridge the existing skills gap in this critical field.
[RELATED] How to Land the 9 Best Jobs in Cybersecurity >>
10 Top-Paying Cybersecurity Jobs
This list is compiled from multiple industry sources, including CSO, Mondo, CyberSeek, ZipRecruiter, Indeed and Salary.com.
Note: Average cybersecurity salary estimates vary and are often adjusted in real-time based on changing data. In addition, these jobs are not ranked in any particular way.
- Chief Information Security Officer (CISO)
This is the executive chiefly responsible for an organization’s information and data security, and in most cases, the bigger the organization, the bigger the paycheck. Salary.com reports the average annual pay for a Chief Information Security Officer in the United States is $337,692, with most earning between $289,412 and $397,671. The highest salaries can reach up to $452,280, while the lowest are around $245,456.
While a few CISOs may earn a total compensation package close to half a million dollars, many start at a base salary around $275,000, according to Hunt Scanlon Media. But keep in mind that the salary range is broad and will depend on a number of factors, including the specific position, how much experience is required and the company itself.
Meanwhile, CSO places the CISO salary range between $105,000 and $264,000, with an average salary of $118,260. According to CSO, “a bachelor’s degree in computer science or a related field is typical for this role, at least 5 years in a management role, and familiarity with a host of security technology and practices, and knowledge of regulations that affect your industry and business.” - Lead Software Security Engineer
ZipRecruiter cites the annual average pay for a lead software security engineer at $145,890, with top earners making around $200,000.
As of 2024, about 94% of businesses use cloud computing. The global cloud computing market is now valued at around $676 billion and is expected to grow to over $2.2 trillion by 2032. Because of this, cloud security engineer careers are on the rise. According to Glassdoor, the estimated total pay for a cloud security engineer is $205,211 per year, with an average base salary of $141,574 and additional pay averaging $63,637 annually. Higher-level engineers can earn total compensation of up to $266,000 per year. - Cybersecurity Sales Engineer
Cybersecurity is not just about tech wizards minimizing attacks and fending off hackers; there is also a constant flow of new and innovative technology solutions on the market. Most programmers enjoy coding, but higher pay may prompt some to switch to sales. ZipRecruiter reports that the national average salary for cybersecurity sales engineers is around $122,890. - Cybersecurity Architect
With 28% of employers seeking candidates with a master’s degree, CyberSeek reports an average salary of $147,142 for this position.Top skills requested include IT security architecture, computer science, identity and access management, Amazon Web Services, Microsoft Azure and authentication. Salaries for cybersecurity architects average around $144,461 with some positions making more than $200,000. - Cybersecurity Manager/Administrator
Also known as information security managers and information systems security managers, professionals in this role earn salaries ranging between $150,000 and $225,000, according to Mondo. Key responsibilities typically include identifying potential areas of vulnerability, enhancing security to safeguard valuable company data and managing the information systems team. - Penetration Tester
The professionals performing this critical job are often called “ethical hackers.” An increasing number of large organizations are employing full-time staff or third-party contractors to test their computer systems for vulnerabilities, identifying and addressing weaknesses before cybercriminals can exploit them. Glassdoor reports that penetration and vulnerability testers earn an average salary of $139,000, with top earners making over $189,000 annually. - Information Security Analyst
This role ranks high on U.S. News & World Report’s lists of 100 Best Jobs, Best STEM Jobs and Best Technology Jobs, with a median salary of $102,600. Information security analysts are described as “the gatekeepers or security guards of information systems” due to their wide scope of responsibilities related to preventing, monitoring and responding to data breaches and cyberattacks. The U.S. Bureau of Labor Statistics reports that employment for this position is expected to grow 33% between 2023 and 2033. - Application Security Engineer
ZipRecruiter reports that the average annual salary for an application security engineer is $152,773, with the highest earners making up to $205,500 per year. An application security engineer will secure all software and business applications and make sure that privacy and security constraints are built into software.
According to Mondo, “this role is crucial for any business looking to integrate software, like AWS or Azure into their day-to-day operations … Application Security Engineers have the experience and skill sets needed to ensure the security and stability of your internal and external applications, which helps prevent hackers or malicious systems from attempting to disrupt the integrity of your infrastructure.” - Network Security Engineer
A network security engineer is responsible for network and security-related hardware and software, including firewalls, routers, virtual private networks and more. ZipRecruiter lists the national annual salary as $124,948 with a wide range between $21,000 to $167,000. - Director of Information Security (IT)
According to Mondo, “directors need strong security skills, the ability to manage and mentor security staff, and a good understanding of the organizations in which they work. They need to know how the organization assesses risk so that they can allocate effort and resources accordingly.” Glassdoor lists the annual average salary as $343,000, with compensation typically ranging from $276,000 to $436,000.
[RELATED] The Cybersecurity Jobs Report >>
Skills Needed to Succeed in Cybersecurity Jobs
There are a wide range of skills needed to succeed in a cybersecurity position, including:
- Computer programming and coding experience
- Network and security configuration knowledge
- Coursework in cloud computing infrastructure and services, computer programming in Java, network and security foundations and network and security applications
- Knowledge of encryption technologies
- Security incident handling and response
- Understanding of the latest threats, processes and strategies
- Problem-solving
- Effective communication skills
- Self-direction
- Drive
- Adaptability
- Teamwork
- Leadership
- Creativity
- Strong work ethic
Education Needed
Education requirements will vary by experience level and position, but most jobs will require a bachelor’s or associate degree in an IT or security-related field at a minimum. Businesses may prefer or even require a master’s degree or certain certifications, especially for top-paying cybersecurity jobs.
[RELATED] 10 Reasons to Get Your Master’s Degree in Cybersecurity >>
Recommended Certifications
There are numerous cybersecurity certifications that can expand your knowledge and skills — and set you apart from other candidates. While some certifications are more specific and high-level, others are recommended for entry-level applicants, and some may even be required for certain positions. Here is a list of the most common:
GIAC Security Essentials (GSEC)
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified Information Privacy Professional (CIPP)
SANS/Global Information Assurance Certification (GISC)
Certified Ethical Packer (CEH)
Certified in Risk and Information Systems Control (CRISC)
Certified Cloud Security Professional
See What a Cyber Security Masters Program Looks Like for Working Professionals
Salary Outlook
Many top-paying cybersecurity positions typically offer salaries ranging from $100,000 to $200,000, with some senior-level roles exceeding $400,000 or more. It’s important to note that your salary will depend on a number of factors, including the position itself, the company, where the job is located, associated responsibilities and how much experience is required.
Best Job Locations
According to PCMag, the 25 best cities for cybersecurity jobs include:
- Miami, FL
- Orlando, FL
- Atlanta, GA
- Tampa, FL
- Minneapolis, MN
- Las Vegas, NV
- St. Louis, MO
- Seattle, WA
- St. Paul, MN
- Scottsdale, AZ
- Pittsburgh, PA
- Denver, CO
- Cincinnati, OH
- Cleveland, OH
- Portland, OR
- Buffalo, NY
- Arlington, VA
- St. Petersburg, FL
- Austin, TX
- Irvine, CA
- Plano, TX
- Madison, WI
- Baltimore, MD
- Washington, D.C.
- Houston, TX
The criterion for this list is the geographic concentration of jobs in a city, not by size of the city. Washington, D.C. has the most cybersecurity job openings, and the states with the highest salaries are D.C, New Jersey, Maryland, Maine and New York.
The 25 highest-paying states for cybersecurity jobs are:
- Montana
- Washington
- Oregon
- Colorado
- Florida
- Arizona
- New York
- California
- Nevada
- Virginia
- Texas
- Maryland
- Georgia
- Rhode Island
- Hawaii
- Kansas
- Delaware
- New Jersey
- Massachusetts
- North Carolina
- Vermont
- Illinois
- Minnesota
- Idaho
- Wyoming
It’s no secret that there is a major hiring push underway among organizations of all sizes now that the cybercrime epidemic is everybody’s business. As a result, information technology professionals and others who aspire to position themselves for success in this essential and fast-growing field are upgrading their skills by earning industry certifications and enrolling in advanced degree programs.
Overall, the cybersecurity field offers incredible opportunities to engage in meaningful, impactful work while earning a competitive salary.
[RELATED] Which Cyber Security Program is Right For You? Download our free infographic to help decide >>
Additional Cybersecurity Careers You Might Be Interested In
While many aspire to secure high-paying roles in cybersecurity, starting with positions that require less experience can be an excellent way to break into the field. Here are some other popular career options to consider:
This report brought to you by the University of San Diego’s Master of Science in Cybersecurity Operations and Leadership, which is offered 100% online, and the online and on-campus Master of Science in Cybersecurity Engineering, which has been designated as a Center of Academic Excellence (CAE) program by the federal government. Colleges and universities that receive this designation have met stringent academic and professional standards and are recognized for a comprehensive curriculum that is aligned with the NICE Cybersecurity Workforce Framework.
Citations
CSO, “Cybersecurity salaries: What 8 top security jobs pay.” https://www.csoonline.com/article/570997/cybersecurity-salary-what-8-top-security-jobs-pay.html
Schneier on Security, “On the Cybersecurity Jobs Shortage.” https://www.schneier.com/blog/archives/2023/09/on-the-cybersecurity-jobs-shortage.html
Mondo, “6 Highest-Paid Cyber Security Jobs & Salaries.” https://mondo.com/insights/highest-paid-cyber-security-jobs-salaries/
CyberSeek, “Cybersecurity Career Pathway.” https://www.cyberseek.org/pathway.html
ZipRecruiter. https://www.ziprecruiter.com/
Indeed. https://www.indeed.com/
Salary.com. https://www.salary.com/
University of San Diego,”What is a Chief Security Officer? — High Demand, ‘Skyrocketing’ Pay for CSO.” https://onlinedegrees.sandiego.edu/what-is-a-chief-security-officer-high-demand-skyrocketing-pay-for-csos/
Hunt Scanlon Media, “Demand for Cybersecurity Talent Sets Salaries Soaring.” https://huntscanlon.com/demand-for-cybersecurity-talent-sets-salaries-soaring/
ZipRecruiter, “Lead Software Security Engineer Salary.” https://www.ziprecruiter.com/Salaries/Lead-Software-Security-Engineer-Salary
Glassdoor, “How much does a Lead Security Engineer make?” https://www.glassdoor.com/Salaries/lead-security-engineer-salary-SRCH_KO0,22.htm
ZipRecruiter, “Cyber Security Sales Engineer Salary.” https://www.ziprecruiter.com/Salaries/Cyber-Security-Sales-Engineer-Salary
University of San Diego, “Cybersecurity Architect [Career Outlook, Job Duties, Salaries].” https://onlinedegrees.sandiego.edu/cyber-security-architect/
ZipRecruiter, “Cyber Security Architect Salary.” https://www.ziprecruiter.com/Salaries/Cyber-Security-Architect-Salary
University of San Diego, “Penetration Testers on the Front Lines of Cyber Security.” https://onlinedegrees.sandiego.edu/vulnerability-and-penetration-testing/
University of San Diego, “Ethical Hacking: Careers, Salary and Degree Questions Answered.” https://onlinedegrees.sandiego.edu/ethical-hacker-career-salary-guide/
U.S. News & World Report, “Information Security Analyst Overview.” https://money.usnews.com/careers/best-jobs/information-security-analyst
U.S. Bureau of Labor Statistics, “Information Security Analysts.” https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
University of San Diego, “Cybersecurity vs. Information Security vs. Network Security.” https://onlinedegrees.sandiego.edu/cyber-security-information-security-network-security
University of San Diego, “Top Cyber Security Certifications: Which Ones Are Right for You?” https://onlinedegrees.sandiego.edu/is-a-cyber-security-certification-right-for-you/
ISC2, “CISSP – Certified Information Systems Security Professional.” https://www.isc2.org/Certifications/CISSP
ISACA, “What is the CISA difference?” https://www.isaca.org/credentialing/cisa
ISACA, “What is the CISM difference?” https://www.isaca.org/credentialing/cism
IAPP, “CIPP Certification.” https://iapp.org/certify/cipp/
GIAC Certifications. https://www.giac.org/get-certified/
CompTIA, “CompTIA Security+.” https://www.comptia.org/certifications/security
EC-Council, “Certified Ethical Hacker.” https://www.eccouncil.org/train-certify/certified-ethical-hacker-ceh-practical/
ISACA, “What is the CRISC difference?” https://www.isaca.org/credentialing/crisc
ISC2, “CCSP – Certified Cloud Security Professional.” https://www.isc2.org/Certifications/CCSP
GIAC Certifications, “GIAC Security Essentials (GSEC).”
https://www.giac.org/certifications/security-essentials-gsec
Exotic Careers, “10 Best Cities for Cyber Security Jobs in 2023.” https://exoticcareers.com/best-cities-for-cyber-security-jobs/
Exotic Careers, “13 Highest-Paying States for Cybersecurity Jobs in 2023.” https://exoticcareers.com/highest-paying-states-for-cybersecurity-jobs/
University of San Diego, “How to Become a Security Consultant [Career Guide].” https://onlinedegrees.sandiego.edu/how-to-become-a-security-consultant-career-guide/
University of San Diego, “How to Become a Network Administrator [Career & Salary Guide].” https://onlinedegrees.sandiego.edu/network-administrator-career-salary-guide/
University of San Diego, “Cybersecurity Holds Opportunity for Systems Administrators.” https://onlinedegrees.sandiego.edu/systems-administrator/
University of San Diego, “Cybersecurity Analyst Career Guide.” https://onlinedegrees.sandiego.edu/cybersecurity-analyst-career-guide/
University of San Diego, “How to Become a Security Auditor
[+ Career & Salary Guide].” https://onlinedegrees.sandiego.edu/cyber-security-auditor-career-guide/
University of San Diego, “How to Become a Cybersecurity Specialist
[+ Career & Salary Guide].” https://onlinedegrees.sandiego.edu/cyber-security-specialist-career-guide/
University of San Diego, “Is a Career as a Highly Paid Cybersecurity Consultant Right for You?” https://onlinedegrees.sandiego.edu/how-to-become-cybersecurity-consultant/
