Is Cybersecurity well paid?

Home / Career / Is Cybersecurity well paid?

Source @TheDigitalArtist

Cybersecurity is one of the fastest growing STEM fields of the 21st century. Cybercrime is predicted to be worth well over $6 trillion dollars in 2021 and companies globally are investing billions of dollars to protect their businesses, which in turn creates a big demand for skilled cybersecurity professionals. The average salary for a cybersecurity professional in the US is around $116,000 (85,000 – 120,000 depending on the source) while the average US salary was about 40,000 in 2019. A difference of 45-80K, which makes it one of the highest paying industries. The demand for cybersecurity is growing 12 times faster than the US job market, which suggests that not only will unemployment remain at zero but due to basic supply and demand there’s a good chance that salaries will increase as the demand for cybersecurity professionals grows.


Cybersecurity Venture predicts that by 2021 there will be 3.5 million new cybersecurity jobs, with a shortage of about 1.5 million. Many people have either experienced or known someone that has gone to college, paid thousands of dollars for a degree and is unable to find a job in that field years after they graduated. It’s important to pick a career that will not only pay well once you’re in the field but is easy to get into, that way you can avoid being unemployed like so many other people that graduate university/college and start making money sooner.

Top Jobs and Salaries

Penetration Tester: This is the professional name for a full time computer hacker. Penetration Testers are paid to try to hack into infrastructure, websites, web apps etc. They are in demand as a means for companies to test their security and see where they need to improve, also many compliance regulations mandate that companies have these tests performed on a regular basis which increases the overall demand. While Penetration Testers can make a good salary, they can make a lot of money from freelance work (bug bounty programs) using platforms like Bugcrowd and Hackerone, which makes it more flexible than most other career paths. 

Cybersecurity Lawyers: Everyone knows that lawyers are one of the most well paid and prestigious career choices. But one thing that is better than a lawyer, is a lawyer with a unique and in demand speciality. Cybersecurity is all about protecting confidential information, which in many cases is governed by privacy laws, industry regulations, questions of ownerships and responsibility etc. There’s a big demand for lawyers that understand cybersecurity issues, privacy laws and can even go to court to provide expert testimony if needed. 

Cybersecurity Sales Engineer: Sales is the driving force of all businesses, businesses make money whenever they sell their products or services. For many companies cybersecurity is no different, many companies sell cybersecurity software or services and they need people that are knowledgeable about the field to sell those products. If you have a solid understanding of cybersecurity issues that your potential customers are experiencing and the sales skills to demonstrate to the customers why your company’s product is the right solution, you can make a lot of money being a sales engineer. Not only can you have a high salary, but most sales roles include some type of commission, which greatly increases the total amount of money you can make as a sales engineer. Sales engineers make between 180,000 to $220,000.

Security Architect: A computer architect designs and builds computer networks so that the business can function. It’s important that security is integrated into the design of the network rather than trying to add it on after the fact, so having a good understanding of architecture and security practices is a good speciality to have. Computer architects have a median salary of about $110,000. 

How to maximize your salary in security

All indications suggest that cybersecurity will continue to be a well paying field well into the future. However, just because the field is high paying doesn’t necessarily mean that everyone in the field will enjoy a high paying salary and career. It’s going to depend on what you do and how well you can stand out within the field. Here are some tips on how to make the most of the security field:

Specialization: Specialization allows you to command a better salary than being a generalist, especially in a field like cybersecurity where you don’t need to be concerned of a lack of opportunity. I would suggest picking a niche and focusing on learning the ins and outs of that area, this will make you more unique, harder to replace and ultimately allow you to command a better salary because of the specialized knowledge you possess.

Market Yourself: The more you market yourself as an expert in an area, the more opportunity you will receive. It’s also good to have portfolios that demonstrate your knowledge in an area, this can be a website, a blog, a Github portfolio, youtube channel etc. You want to get to the point that you have inbound marketing, meaning that rather than you having to go out and apply to jobs or for work from clients, people are finding you and soliciting you for work. Inbound marketing will allow you to negotiate for higher salaries and bill out higher rates than if you go out and apply for work.

Learn to Negotiate: 84% of people that negotiate their salary during the job interview process get a higher pay. It’s important to get comfortable with negotiating your salary in order to maximize your profit throughout your career.

Location: Geographic location can play a huge part in how much money you can make. Some areas have higher demand, higher cost of living and other factors that cause them to pay higher salaries for certain professions. Some cybersecurity in particular some areas you want to look at are Washington DC, Texas, New York, Colorado, California and San Francisco.