Cybersecurity Salary: Job Outlook and Salary Statistics

With the increase in remote work and the rise of cloud computing, there are more cybersecurity threats than ever before. To address these threats, organizations need to hire cybersecurity professionals to test and secure systems. Unfortunately, according to the World Economic Forum, there's currently a shortage of three million cybersecurity workers worldwide.

Because of this shortage, cybersecurity professionals are in high demand and are highly compensated. In this article, we'll give you an overview of the cybersecurity field and current cybersecurity salaries. We'll also let you know how you can choose the best career path to maximize your earnings in cybersecurity and what certifications are most valuable. 

Table of Contents

Average Salary of Cybersecurity Professionals

According to data from Payscale, the average salary for all cybersecurity professionals is $92,000 per year. Cybersecurity is a broad field, so this includes salaries at the low and high end as well as from entry-level to expert positions. As with most fields, salary increases with experience and skill acquisition. There are so many possible roles in cybersecurity that it's hard to narrow down to one average salary. 

Some roles within the cybersecurity field include networking, software development, systems engineering, and more. Cybersecurity analyst is one of the most common roles. Payscale reports that the average salary for a cybersecurity analyst is $77,144. Entry-level cybersecurity analysts earn less, starting at an average of $64,732. Midlevel cybersecurity analysts who have five to nine years of experience earn an average of $89,441. Senior-level cybersecurity analysts with 10 to 19 years of experience earn an average salary of $101,901 yearly.

What Is the Highest Paying Job in Cybersecurity?

Cybersecurity architect is one of the highest paying jobs in cybersecurity. The average salary for a cybersecurity architect is $146,144 per year. Cybersecurity architects are senior-level professionals who plan, design, test, implement, and maintain an organization's network and computer security. To become a cybersecurity architect, you need skills in the following areas: 

  • Information security

  • Network security

  • Linus

  • Authentication

  • Information systems 

  • Cryptography

  • Information systems

  • Software development


IT auditor is one of the highest-paying entry-level cybersecurity careers, with an average salary of $105,600. An IT auditor analyzes and assesses a company's internal processes and performances to strengthen its cybersecurity. This role can be either internal or external. An internal IT auditor works to improve the control environment of their company, while an external IT auditor evaluates a company's control environment as part of an independent firm. IT auditors need skills such as: 

  • Internal auditing

  • Audit planning

  • Risk assessment

  • Information security


  • Accounting

  • Sarbanes-Oxley (SOX) compliance

  • Information systems

  • Business processes

Penetration and vulnerability testing is one of the highest-paid, mid-level cybersecurity roles. These are "ethical hackers'' who test security systems for vulnerabilities and find weaknesses before actual bad actors can take advantage of them. Penetration and vulnerability testers must be skilled in the following: 

  • Penetration testing

  • Information systems

  • Linux

  • Vulnerability assessment

  • Python

  • Java

  • Information security

  • Project management

  • Software development

How To Boost a Cybersecurity Salary

The best way to boost your salary in the cybersecurity field is through certifications, which you can often obtain from bootcamps. Depending on your current level and role, there are several directions you can take to advance your career.


An entry-level cybersecurity specialist can move up to the midlevel role of cybersecurity analyst with some of the following certifications: 

  • Certified Information Systems Security Professional (CISSP)

  • SANS certification

  • GIAC certification

  • Certified Information Systems Auditor (CISA)

  • CompTIA Security+

  • Certified Information Security Manager (CISM)

Midlevel cybersecurity analysts can take the next step to become cybersecurity managers by certifications such as: 

  • Certified Information Systems Security Professional (CISSP)

  • Certified Information Security Manager (CISM)

  • CompTIA Security+

  • Certified Information Systems Auditor (CISA)

  • SANS certification

  • GIAC certification 

IT Support

An entry-level IT auditor can advance to a cybersecurity architect with certifications such as:

  • Certified Information Systems Security Professional (CISSP)

  • Certified Information Systems Auditor (CISA)

  • IT Infrastructure Library (ITIL) Certification

Financial and Risk Analysis

After starting as an entry-level incident and intrusion analyst, the next step up in career advancement could be cybersecurity analyst and then cybersecurity engineer with certifications like: 

  • Certified Information Systems Security Professional (CISSP)

  • GIAC Certification 

  • Certified Information Security Manager (CISM)

  • Certified Information Systems Auditor (CISA) 

Systems Engineering

An entry-level cybersecurity specialist may choose to make cybersecurity analyst the next step on their career path by obtaining the following certifications: 

  • Certified Information Systems Security Professional (CISSP)

  • SANS certification

  • GIAC certification

  • Certified Information Systems Auditor (CISA)

  • Certified Information Security Manager (CISM)

What Cybersecurity Certifications Have the Highest Income Potential?

If you're looking to maximize your income potential, you'll need a combination of experience and certifications. Some of the highest-paying certifications include:

Certified Information Systems Security Professional (CISSP)

CISSP certification prepares you for planning and maintaining the security aspects of an organization's IT architecture, controls, and management. You'll need at least five years of experience to qualify, and you must have continuing education credits each year to maintain your certification. Once you have your certificate, you can expect to earn an average of $151,853 per year in jobs such as:

  • Chief information security officer

  • Security systems administrator

  • Information security assurance analyst

  • Chief information security consultant

  • Principal cybersecurity manager

  • Senior IT security operations specialist

  • Senior information security risk officer

  • Information assurance analyst

  • IT security engineer

  • Senior IT security consultant

Certified Information Security Manager (CISM)

CISM certification verifies your skills in designing and engineering security protocols and managing a company's overall IT security. As with the CISSP, you'll need five years of relevant work experience and continuing education credits to maintain your certification. However, with an average income of $149,246 per year, it's worth it. CISM certification qualifies you for jobs such as: 

  • Information system security officer

  • Information/privacy risk consultant

  • Information security manager

  • Security auditor

  • Systems and infrastructure manager 

CompTIA Security+ 

CompTIA Security+ is one of the most versatile and well-paying entry-level certifications for those just starting a cybersecurity career. It's also the ideal starting place if you plan to advance your career later. With a broad foundation of cybersecurity knowledge, you can earn an average of $81,100 with a CompTIA Security+ certification. Relevant positions include:

  • Systems administrator

  • Security administrator

  • Security specialist

  • Security engineer

  • Network administrator

  • Junior IT auditor

  • Junior penetration tester

  • Security consultant

The UMass Global Cyber Security Bootcamp prepares students to sit for the CompTIA Security+ exam, and provides a free voucher for the exam. 

Cybersecurity is one of the most rapidly growing professions, with many different career paths and entry points available. Whether you're interested in networking, penetration testing, or risk analysis, starting with a CompTIA Security+ certification can help launch your career. Enrolling in a bootcamp such as the UMass Global Cyber Security Bootcamp can give you the skills you need to pass your certification. 

In this bootcamp, you'll learn the six fundamentals of cybersecurity, including: 

  • Network security

  • Host-based security

  • Identity and access management

  • Security assessment and testing

  • Security operations

  • Application security

UMass Global's 100% online Cyber Security Bootcamp lets you learn when it's convenient for you, but you're never alone. You'll benefit from one-on-one support from a mentor, student advisor, and personalized career coaching to help you stay on track to finish your coursework in six months or less. Learn more about the full curriculum and find out how you can get started in the rewarding field of cybersecurity.