Simply put, the world doesn’t have enough cybersecurity professionals—but what’s the truth about a cybersecurity salary? One survey shows salaries for security pros are about 16 percent higher than similar non-security IT jobs. In 2019 cybersecurity engineers were indeed the highest-paid and most-recruited IT role.

The pay is very competitive because the demand for skilled security workers is very high. Growth in security job postings is three times higher than in IT overall, according to Burning Glass Technologies. The Global Information Security Network Study predicts nearly 2 million open cybersecurity jobs by 2022. Cybersecurity Ventures predicts over 3 million unfilled jobs around the world by 2021.

But what is cybersecurity? It is the process of protecting internet-connected networks, software, and data from outside attacks that cause theft and damage. And it is a fast-growing market, expected to reach$170 billion by 2020. Why? Cybercrime will create $6 trillion in global losses by 2021, as estimated by CSO. Local governments, school districts, hospitals, and companies from Experian to Target have all suffered from high-profile—and extremely costly—cyber attacks resulting in massive security breaches and data theft.

PGP in Cyber Security With Modules From MIT SCC

Your Cyber Security Career Success Starts Here!View Course
PGP  in Cyber Security With Modules From MIT SCC

Jobs and Salaries in Cybersecurity

Professional Services, Finance, and Manufacturing and Defense are the leading business sectors for cybersecurity professionals. The most significant increases in demand for security workers are in Finance and Public Administration, which face the most sophisticated and ever-present threats, according to Burning Glass’s latest research.

Employers are moving from security as one role, among other responsibilities to security as an IT worker’s full-time focus. (And beyond compliance with best practices, risk management is becoming an in-demand skill as companies—especially in the Financial sector—respond to evolving cyberattacks.) They need to fill jobs ranging from security testers to analysts, developers to administrators.

  • Security Testers are often an entry-level role for skilled recent graduates and certified professionals, with starting pay around $80,000. Testers are not writing code but rather poking and prodding web apps, for example, to try to break into them.
  • Information Security Analyst has a median entry-level salary of about $90,000 (higher in California, New York, and Virginia), per the Bureau of Labor Statistics. An analyst could be poring over logs to find evidence of an intruder lurking on a network, and preventing attacks such as malware, viruses, denial-of-service, and website hacks.
  • Security Software Developers (or Application Security Engineers) must create new software to combat evolving threats. Today a particular focus is on apps that run in the cloud because more businesses are relying on distributed computing. Developers/Engineers have an average salary of $140,000 per data from Scout Exchange.
  • Security Systems Administrators protect networks and systems from the threat of unauthorized access. Ninety-two percent of malware is delivered via email, according to Verizon research, which leaves business networks constantly at-risk. The job averages $131,000 per year, according to Scout Exchange.
  • Information Security Manager ($120,000-180,000 annual salary) is a key position: securing all vulnerable data and managing the whole information security team.

FREE Course: Introduction to Cyber Security

Learn and master the basics of cybersecurityEnrol Now
FREE Course: Introduction to Cyber Security

Where is the Job Demand?

Of the cybersecurity positions expected in 2021, almost half a million will be in Europe, and nearly two million in the Asia-Pacific region–one million of those in India alone—according to Cybersecurity Ventures.

London is home to GCHQ, top universities, and the CyLon incubator, which itself has launched 83 cybersecurity startups since 2015. Yet the UK has a severe shortage of skilled IT security workers. There’s also strong demand in Canada, Ireland, Germany, Israel, and Nigeria.

In the United States, Virginia, Texas, Colorado, New York, and North Carolina are the top five states for IT security jobs. But the demand is nationwide: the New York Metro Area (20,000 openings), Maryland (15,000 unfilled jobs), Massachusetts (9,000 open jobs), Arizona (7,000 job openings).

Metro Philadelphia companies are looking to fill 10,000 jobs, and the market has a particular shortage of security skills in analysis, applications, and cloud computing.

San Diego alone has about 1,500 cybersecurity companies. San Antonio, with its combination of education and military institutions, is becoming known as Cyber City, USA. Texas is the state with the most potential for job growth in this industry.

Learn the types of attacks on a system, the techniques used, and more with the Certified Ethical Hacking Course. Enroll now!

Gaining the Needed Skills in Cybersecurity

Another reality is that today’s college graduates may not have what it takes to compete for these jobs. Not many colleges even offer dedicated programs in cybersecurity.

But almost six out of 10 cybersecurity positions ask for at least one certification (for IT jobs in general, it’s only two out of 10). Entry-level workers commonly need Security+ certification, while those with more experience can aim for CISSP, which requires five years’ experience in the field.

Simplilearn training gives IT professionals the certification they need to succeed in today’s job market.

  • CompTIA Security+ Certification enables you to install and configure systems to secure applications, devices, and networks; conduct threat analysis and execute the right mitigation techniques; participate in and support risk mitigation activities; execute all activities with a clear and accurate understanding of applicable laws, policies, and regulations.
  • Certified Ethical Hacking (CEH) Certification prepares you for a job as a computer network defense (CND) analyst, CND infrastructure support, CND incident responder, CND auditor, forensic analyst, intrusion analyst, or security manager.
  • CISSP Certification Training is designed in line with the (ISC)² CBK 2018 requirements. The training helps you learn how to define the architecture, and to design, build, and maintain a safe and secure business environment for your enterprise using globally approved Information Security standards.
  • CISA Certification Training, aligned with the latest 2019 edition of the CISA exam, will enhance your grasp of IS audit processes and also help you understand how to protect information systems.
  • The Cybersecurity Expert Master’s Program includes six courses and certificates; you will learn comprehensive approaches to protecting your infrastructure, including securing data and information, running risk analysis and mitigation, architecting cloud-based security, achieving compliance, and much more.

If you’re ready to give yourself a competitive edge on these high-paying cybersecurity jobs, sign up today to grow your career with professional-grade certification. To learn more about the latest in the cybersecurity world, check out our free resources here.

About the Author


Simplilearn is one of the world’s leading providers of online training for Digital Marketing, Cloud Computing, Project Management, Data Science, IT, Software Development, and many other emerging technologies.

View More
  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.