How Much Money Does a Cyber Security Specialist Make?


It is well known that people in the information technology industry earn far more than those in most other professions. The median wage in the IT business is twice as high as the overall average wage in the US, according to the CompTIA Cyberstates guide to the tech economy. This is true across the board in the IT industry, including cybersecurity. But how much money does a cybersecurity expert make?

Cybersecurity is a broad phrase that encompasses a wide range of job titles in the technology industry. Each role has a separate compensation range, from pentester to information security analyst to security engineer to chief information security officer. Your personal earnings will be determined by a variety of criteria, including your degree of education and experience, the type of industry your company is in, its size, geographical location, and more.

All of the salary averages in this post come from Glassdoor, a popular site for comparing and contrasting companies and employers, Payscale, a startup that helps manage employee remuneration, and the US Bureau of Labor Statistics (BLS), which provides accurate wage records.

Salary Factors

Education and experience are both important.

Education is an important aspect of a cybersecurity specialist’s résumé that will influence how much money they make.

A cybersecurity specialist’s work is critical to a business since they deal with data loss prevention and data protection in general, security incidents, risk assessment, and fending off digital attacks. Employers prefer to have proof that their experts know what they’re doing, such as a bachelor’s degree in computer security or a similar discipline. Computer science, data administration, network administration, and other related fields are examples of related fields.

While a bachelor’s degree may be required for entry-level positions in the IT security sector, a master’s degree is not required. Only 23% of tech workers with a master’s degree or higher felt that their advanced degrees helped them earn more money.

In comparison, even if you are just starting your cybersecurity job, having experience is always beneficial. Your beginning wage will be lower if you don’t have much experience. Your superiors will be more inclined to give you a raise if you improve your abilities and get more knowledge (both theoretical and practical).

Job titles in the IT business are typically classified as ‘junior’ or’senior’ based on experience. Even if their job descriptions are similar, a junior security analyst will be paid less than a senior security analyst.

Type of business

Despite the fact that this article focuses on the IT industry, a person can work in IT in a variety of other businesses. No matter what type of business a company undertakes, computer security is critical.

The aerospace and defence, communications, public relations, advertising, pharmaceutical, medical, biotech, government (military and homeland security), and system and VAR integration industries pay the highest average salaries for IT experts and, as a result, cybersecurity specialists. In these businesses, the identical IT job position is likely to pay more than in other areas.

Size and revenue of the company

Average salary estimations are also influenced by the organization’s size and profitability. At principle, finding a position in a relatively small firm with significant income (less than 100 or, even better, less than 50 employees) would be a terrific option. Most certainly, your cybersecurity compensation would be greater than the industry average.

However, no matter how successful a small business is, it will never be able to generate the same amount of profit as a large organisation.

The problem with large corporations is that they employ hundreds of thousands, if not tens of thousands, of people all over the world. As a result, they are more likely to provide lower starting pay than their smaller counterparts. The beginning compensation for a cybersecurity professional at companies like Google, CISCO, Amazon, and others is not outstanding.

Your yearly compensation at one of these conglomerates will be higher than at other organisations once you have enough experience and reach senior position. Not to mention that some of them, like Google, give their employees stock in the firm that they may sell at any time.

The location of the company

The IT business has a distinct advantage in this era of working from home and social isolation. As long as they have a strong internet connection, most computer workers can work from home without trouble. Remote IT work is slowly but steadily becoming the norm in the IT industry.

While where you work as an employee is unimportant, the magnitude of your salary will be determined by where your firm is located. A tech career in Washington, DC does not pay the same as a similar job in San Francisco, CA. In fact, because Silicon Valley is arguably the worldwide heart of technology, typical tech incomes are highest in the San Francisco area.

In 2019, the typical income for a tech worker in San Francisco was $145k per year, $138k in Seattle, WA, $133k in New York, NY, $117k in Denver, CO, and ‘just’ $113k in San Diego, CA.

IT Security Salaries on the Average

Finally, the income you earn will be determined by the cybersecurity position you occupy. Here are the median cybersecurity wages for some of the most common job titles, which will help you understand how much a cyber security professional, as well as other cyber security roles, would earn:

Analyst in Computer Forensics

Despite the fact that this job looks interesting and represents a dynamic work environment, it is one of the lowest-paid positions on our list. According to Glassdoor, a computer forensics analyst earns an average of $57,755 per year, and $73,892 per year according to Payscale.

Specialist in Cyber Security

The post of cybersecurity specialist is considered entry-level. This occupation is also known as a computer security specialist or an information security specialist. In the United States, average incomes for this career range from $69,123 to $76,336 per year.

Analyst for Information Security

Information security analysts typically make more money than cybersecurity specialists. An information security analyst earns an average of $99,730 per year, or $47.95 per hour, according to the US Bureau of Labor Statistics. Based on 4.595 anonymous salary submissions from information security analysts across the United States, Glassdoor lists an average yearly income of $76,410 for the same position.

According to the Penetration Tester (Pentester) Payscale, a pentester’s compensation ranges from $52k to 137k. This aligns with Glassdoor’s results, which show that the typical pentester earns $69,123 per year.

Security Engineer According to Glassdoor, cybersecurity and data security engineers earn an average of $99,834 per year. These figures match those found on Payscale, where the average yearly security engineer pay is $91,598.

Keep in mind that a network security engineer earns less than the positions listed above – on average, $79,686 per year.

Security Architect

Security architects earn six-figure salaries thanks to their highly specialised skills and broad list of responsibilities. The typical base compensation for a security architect is $106,362, according to Glassdoor, and $124,051 according to Payscale.

Officer in Charge of Information Security (CISO)

Given that the chief information security officer is a senior executive-level role, the average base compensation is $179,763.


So, how much does a cyber security expert earn? This is a difficult question to answer. The typical compensation for this difficult work is determined by a number of factors. It is directly related to an employee’s level of education and years of experience. If you’re interested in working for a huge, well-known corporation, keep in mind that your beginning wage will be low at first.

Not every part of the United States has the same average income, which should be included into your decision. (Don’t forget to account for the cost of living in various parts of the country.)

Finally, a cyber security specialist’s position is just the beginning. You can then construct out your own professional path based on your preferences and skillsets. There’s no reason why you shouldn’t command a six-figure income in the future if you work hard, get computer security training, interact well with your team, and demonstrate that you’re a benefit to your company.

Jennifer Thomas
Jennifer Thomas is the Co-founder and Chief Business Development Officer at Cybers Guards. Prior to that, She was responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services.