Cyber Security Salary in US: [Average to Highest]

Cybersecurity is one of the most trending career domains right now. Stats from the New York Times show that the cybersecurity industry would have 3.5 million unfilled jobs globally by 2021. 

Many chief information insecurity officers across the globe are worried about the skills gap in cybersecurity. Around 58% of CISOs participating in a study believed that the issue of not having enough expert cybersecurity professionals would worsen in the coming years.

While this is an imminent challenge for companies and organizations in the cybersecurity domain, it is also a fantastic opportunity for aspirants. Why, you ask? 

When there’s so much demand for a specific skill, companies pay generously for qualified skills and talent. Cybersecurity is one such skill. With high market demand and a low supply of the right talent, cybersecurity candidates can bag well-paying job roles across different sectors. 

Top Jobs with the Highest Cyber Security Salary in the US 

As we stated, most cybersecurity roles are accompanied by hefty annual salaries. Here are some of the top positions in the field that you should look out for:

1. Cybersecurity Analyst 

The average salary of a cybersecurity analyst in the US is $76,603 per year. Pay in this field starts from $53,000 per annum and goes up to $117,000. Shared profits for this role can go as high as $15,000. 

Experience matters a lot here. Entry-level cybersecurity analysts earn 17% below the median, whereas early-career cybersecurity analysts 6% below the average. On the other hand, late-career professionals in this role earn 32% more than the average, while experienced professionals earn 48% more. 

A cybersecurity analyst with less than a year’s experience earns $63,000 per annum on average. Similarly, those with one to four years of experience earn $72,000 per annum on average. Experts with five to nine years of experience earn $88,000 per year on average, while those with 20+ years of experience make around $114,000 per annum. 

What does a Cybersecurity Analyst Do? 

A cybersecurity analyst is responsible for protecting their organization’s systems and network from cyber threats. Thus, they must stay updated with all the industry trends and design contingency plans for different situations. 

Cybersecurity analysts review suspicious activities, report security breaches, and train the organization’s staff members on best security practices to safeguard the company’s networks, servers, and systems. 

2. Cybersecurity Engineer

Cybersecurity engineers earn an average pay of $96,947 per annum. Their salaries start from $67,000 per year and go up to $138,000 per year. Shared profits for this role go up to $12,000, while bonuses may go up to $16,000, depending on various factors. 

Entry-level cybersecurity engineers earn 22% less than the average, while late-career ones earn 22% more than the average. Experienced cybersecurity engineers earn 30% more than the average. 

Popular skills for this role are security testing & auditing and security risk management. 

What does a Cybersecurity Engineer do? 

A cybersecurity engineer is responsible for designing and implementing secure network systems for their organization. They have to design solutions that match the company’s unique requirements and protect sensitive data/systems from cyber-attacks and threats. Cybersecurity engineers also have to test and monitor their implemented systems to ensure they operate optimally and protect the network from all the latest threats. 

Due to the unique nature of their profession, cybersecurity engineers must continually upskill in their domain and get familiar with the latest developments in the industry. 

3. Information Security Officer

An information security officer earns an average pay of $92,573 per annum on average. Their salary starts from $59,000 per annum and goes up to $136,000 per annum. Bonuses in this field go up to $21,000 and shared profits go up to $9,000. 

A fresher in this field with less than a year’s experience makes $67,000 per annum while those with one to four years of experience $77,000 per annum on average. Similarly, information security officers with five to nine years of experience make $92,000 per annum on average and those with 20+ years of experience make $116,000 per annum on average. 

What does an information security officer do?

An information security officer is responsible for implementing and monitoring the organization’s security policies, requirements, and compliance. They also oversee the training, policies, practices, and audits to make sure all the systems operate safely and securely. They identify risks by software, role, and information type to define the optimal mitigation strategies. 

Information security officers must ensure that the organization’s data remains secure. Thus, they employ effective solutions that prevent hackers or any other malicious technologies from compromising the organization’s data integrity. 

Information security officers have to create update schedules and configure the necessary scripts to make the deployment processes faster. They create security checks to help deter malware, spyware, and hackers. 

4. Information Security Manager

An information security manager earns an average salary of $117,217 per annum on average in the US. Their pay starts from $79,000 per annum and goes up to $152,000 per annum. Bonuses in this field go up to $24,000 while the shared profits can go up to $15,000. 

Information security managers with less than a year’s experience earn $84,000 per annum on average while those with one to four years of experience make $94.000 per annum on average. Moreover, professionals in this field with 10 to 19 years of experience earn $122,000 per annum on average. 

What does an Information Security Manager do? 

An information security manager has to maintain security protocols in their organization. They have to create different strategies for their organization to increase their internet security. They might also have to handle the different cybersecurity implements of their organization’s various projects. 

Information security managers are responsible for creating and executing policy, auditing plans, and identifying the security risks their organization faces. They lead the security training procedures at their company and are responsible for communicating the cybersecurity policies. 

Information security managers have to help migrate information assets into secure and compliant systems. They also oversee the company’s security testing platforms. 

5. Chief Information Security Officer

The most revered career in the cybersecurity industry is CISO, also known as a chief information security officer. It is a dream role for many. 

The average pay of a CISO in the US is $165,391 per annum. Their pay starts from $105,000 per annum and goes up to $229,000 per annum.

CISOs with less than a year’s experience in the field earn $106,000 per annum on average. On the other hand, a chief information security officer with one to four years of experience earns an average salary of $123,000 per year. Those with five to nine years of experience in this role earn $130,000 per year while those with 20+ years of experience make $180,000 per year on average. 

What does a Chief Information Security Officer do? 

A chief information security officer oversees and monitors the complete cybersecurity infrastructure of their company. They maintain standards, policies, and procedures to protect the integrity and privacy of the organization’s data. CISOs are also responsible for evaluating, reporting on, and suggesting new ideas for safeguarding the company from any potential security threats. 

CISOs usually work with a team of cybersecurity professionals to develop the necessary solutions to protect the organization. They also create contingency plans for managing any data or security breaches. In addition, CISOs supervise the development and implementation of security protocols and procedures. 

How to Start a Career in Cybersecurity? 

If you’re interested in earning a cybersecurity salary, it would be best to enrol in a cybersecurity course. Since cybersecurity roles are highly specialized ones, each with its unique job description and skills, a professional certification program will help you become a job-ready cybersecurity expert. Plus, completing a cybersecurity course will give you the upper hand over your non-certified peers. 

The course lasts for 7.5 months and, in the final four weeks, includes a capstone project so you can understand the applications of the skills you learn during the program. You’ll learn the fundamental and advanced concepts of cybersecurity implementations during this program directly from industry experts. This course provides you with 250+ hours of study material and offers 1:1 mentorship sessions with experts. 

At upGrad, we offer the Advanced Certificate Program in Cybersecurity in partnership with the International Institute of Information Technology Bangalore. We take pride in the fact that our learner base includes over 40,000 paid learners hailing from 85+ countries. Hence, if you opt for this global course, you will enjoy the experience of peer-to-peer. Not to forget, the course will make you ready to explore job opportunities in the international market. 


The global demand for cybersecurity professionals is rising because companies are migrating to the cloud and are using more digital technologies to optimize their operations. If you’re interested in pursuing a career in this field, be sure to check out the course we mentioned above. 

Although it may seem daunting, bagging a lucrative role in cybersecurity isn’t rocket science. All you need is a passion for upskilling and a little professional guidance from industry experts and mentors. Once you master the fundamentals of the domain and gain the requisite skills, you will have a much better chance of becoming a cybersecurity expert at a reputed organization. 

Lead the Technological Revolution With upGrad

0 replies on “Cyber Security Salary in US: [Average to Highest]”