Whether you’re looking to launch a cybersecurity career or take your existing expertise to the next level, it can be inspiring — perhaps even a source of motivation — to get a clearer sense of some of the most lucrative cybersecurity jobs in this fast-growing field. In this guide, we’ll explore some of the top-paying jobs in the field, including the skills, education and experience needed to obtain them.
Professionals who possess advanced cybersecurity skills are in a “seller’s market” — one with zero percent unemployment as well as companies and government agencies competing for top talent.
“At the very highest levels, the right person can command over $400,000,” Paul Smith, vice president at PEAK Technical Staffing, told CSO. “The commercial industries are stealing people out of the NSA and CIA like crazy because corporations are having such a problem with foreign espionage. The demand for people who understand these threats has skyrocketed.”
That’s the result of a well-documented cybersecurity talent shortage with nearly 600,000 unfulfilled jobs in the United States annually. Some require very specific experience, while an industry certification or related master’s degree may help put others in reach.
10 Top-Paying Cybersecurity Jobs
Note: Salary estimates vary and are often adjusted in real-time based on changing data. In addition, these jobs are not ranked in any particular way.
This is the executive chiefly responsible for an organization’s information and data security, and in most cases, the bigger the organization, the bigger the paycheck. Salary.com lists the median salary as $233,507 with some making close to $300,000 or more.
While a few CISOs may earn a total compensation package close to half a million dollars, many start at a base salary around $275,000, according to Hunt Scanlon Media. But keep in mind that the salary range is broad and will depend on a number of factors, including the specific position, how much experience is required and the company itself.
CSO lists the CISO salary range at $105,000 to $264,000 with an average salary of $118,260. According to CSO, “a bachelor’s degree in computer science or a related field is typical for this role, at least 5 years in a management role, and familiarity with a host of security technology and practices, and knowledge of regulations that affect your industry and business.”
- Lead Software Security Engineer
ZipRecruiter cites the annual average pay for a Lead Software Security Engineer at $128,682, with top earners making as much as $179,000.
According to Infosec, almost 94% of businesses are on the cloud, which puts the global market at nearly $372 billion. Because of this, cloud security engineer careers are on the rise. Talent.com cites the annual average salary as $138,946, with higher-level cloud software security engineers earning around $177,000.
Cybersecurity is not just about tech wizards minimizing attacks and fending off hackers; there is also a constant flow of new and innovative technology solutions on the market. Most programmers enjoy coding, but higher pay prompts some to switch to sales. ZipRecruiter reports that the national average salary for cybersecurity sales engineers is around $115,000.
Noting that 22% of employers hiring for this position request a master’s degree, CyberSeek lists an average salary of $163,121. Top skills requested for this position include information and network security, cryptography, information systems and authentication. Senior cybersecurity architects make an average salary of $172,267, and salaries can range from $105,000 to $253,500, according to ZipRecruiter.
- Cybersecurity Manager/Administrator
Also known as information security managers and information systems security managers, professionals in this role earn salaries of between $150,00 and $225,000, according to Mondo. Key responsibilities typically include identifying potential areas of vulnerability, beefing up security to safeguard valuable company data and managing the information systems team.
The professionals performing this critical job are often called “ethical hackers.” More and more large organizations are hiring full-time employees or third-party contractors to infiltrate their computer systems to detect and address vulnerabilities that could be exploited by cybercriminals. CyberSeek lists the average salary for penetration and vulnerability testers at $101,662 and reports that 24% of those hiring seek an advanced degree.
This job is listed near the top of U.S. News & World Report’s lists of 100 Best Jobs, Best STEM Jobs and Best Technology Jobs, which cites a median salary of $102,600. It describes information security analysts as “the gatekeepers or security guards of information systems” due to their wide scope of responsibilities related to preventing, monitoring and responding to data breaches and cyberattacks. The U.S. Bureau of Labor Statistics reports that employment for this position is growing expected to grow 35% between 2021 and 2031.
- Application Security Engineer
Mondo puts an application security engineer’s salary range at $130,000 to $200,000. An application security engineer will secure all software and business applications and make sure that privacy and security constraints are built into software.
According to Mondo, “this role is crucial for any business looking to integrate software, like AWS or Azure into their day-to-day operations … Application Security Engineers have the experience and skill sets needed to ensure the security and stability of your internal and external applications, which helps prevent hackers or malicious systems from attempting to disrupt the integrity of your infrastructure.”
- Network Security Engineer
A network security engineer is responsible for network and security-related hardware and software, including firewalls, routers, virtual private networks and more. ZipRecruiter lists the national annual salary as $115,949 and the salary range from $58,000 to $168,000.
- Director of Information Security (IT)
According to Mondo, “directors need strong security skills, the ability to manage and mentor security staff, and a good understanding of the organizations in which they work. They need to know how the organization assesses risk so that they can allocate effort and resources accordingly.” Mondo lists the average salary of a director of IT security salary as $170,981 and the range at $123,000 to $237,000.
[RELATED] The Cybersecurity Jobs Report >>
Skills Needed to Succeed
There are a large variety of skills needed to succeed in a cybersecurity position, including:
- Computer programming and coding experience
- Network and security configuration knowledge
- Coursework in cloud computing infrastructure and services, computer programming in Java, network and security foundations and network and security applications
- Knowledge of encryption technologies
- Security incident handling and response
- Understanding of the latest threats, processes and strategies
- Effective communication skills
- Strong work ethic
Education requirements will vary by experience level and position, but most jobs will require a bachelor’s or associate degree in an IT or security-related field at a minimum. Businesses may prefer or even require a master’s degree or certifications, especially for top-paying cybersecurity jobs.
There are numerous cybersecurity certifications that can expand your knowledge and skills — and set you apart from other candidates. While some certifications are more specific and high-level, others are recommended for entry-level applicants. Some may even be required for certain positions. Here is a list of the most common:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Privacy Professional (CIPP)
- SANS/Global Information Assurance Certification (GISC)
- CompTIA Security+
- Certified Ethical Packer (CEH)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Cloud Security Professional
- GIAC Security Essentials (GSEC)
As we mentioned earlier, many top-paying cybersecurity positions typically earn anywhere from $100,000 to $200,000 — with some senior-level jobs paying as much as $400,000 or more. It’s important to note that your salary will depend on a number of factors, including the position itself, the company, where the job is located, associated responsibilities and how much experience is required.
Best Job Locations
According to ExoticCareers, the 10 best cities for cybersecurity jobs include:
- Huntsville, Alabama
- Washington, D.C
- Augusta, Georgia
- Des Moines, Iowa
- Raleigh, North Carolina
- Utica, New York
- Silicon Valley Cities
- Santa Barbara, California
- Denver, Colorado
- Austin, Texas
The criterion for this list is the geographic concentration of jobs in a city, not by size of the city. Washington, D.C. has the most cybersecurity job openings, and the states with the highest salaries are D.C, New Jersey, Maryland, Maine and New York.
The top 10 paying states for cybersecurity jobs are:
- Washington, D.C.
- New Jersey
- New York
- New Hampshire
It’s no secret that there is a major hiring push underway among organizations of all sizes now that the cybercrime epidemic is everybody’s business. As a result, information technology professionals and others who aspire to position themselves for success in this essential and fast-growing field are upgrading their skills by earning industry certifications and enrolling in advanced degree programs.
All in all, the world of cybersecurity offers significant opportunities to perform important and meaningful work, and to get paid well for doing it.
Additional Cybersecurity Careers You Might Be Interested In
Interested in a cybersecurity career? Here are some other popular options:
This report brought to you by the University of San Diego’s Master of Science in Cybersecurity Operations and Leadership, which is offered 100% online, and the online and on-campus Master of Science in Cybersecurity Engineering, which has been designated as a Center of Academic Excellence (CAE) program by the federal government. Colleges and universities that receive this designation have met rigorous requirements and are recognized for a robust curriculum that is aligned with the NICE Cybersecurity Workforce Framework.