Cybersecurity Analyst Salary Guide: Entry to CISO Pay Scale

2 minute read

Long read

Information security analysts earned a median salary of $120,360 in May 2024 (BLS), with projected 33% job growth through 2033 — the fastest of any major occupation. Senior and executive cybersecurity roles exceed $200,000.

What cybersecurity pay looks like by level and role

Salary Overview

Cybersecurity compensation scales steeply with experience and certification. Entry-level SOC analysts start at $65,000–$85,000, while senior security engineers earn $140,000–$180,000. CISOs at mid-to-large organizations earn $200,000–$400,000+.

Certifications (CISSP, CISM, CEH, CompTIA Security+) are often required for advancement and carry measurable salary premiums of $10,000–$30,000 above non-certified peers.

Salary by Role and Experience

RoleMedian SalaryTop 10% SalarySOC Analyst (entry)$65,000–$85,000$100,000+Security Engineer (mid)$110,000–$140,000$170,000+Senior Security Engineer$140,000–$180,000$220,000+Security Architect$150,000–$200,000$250,000+Penetration Tester$100,000–$140,000$180,000+CISO$200,000–$350,000$400,000+

Return on Investment Analysis

A CS or cybersecurity degree costs $40,000–$100,000. With a median salary of $120,360 and 33% projected growth, the payback period is typically 1–2 years — one of the fastest in any STEM field.

Certification-only paths (CompTIA Security+ → CySA+ → CISSP) cost $5,000–$15,000 in exam and study fees, offering even faster ROI for career changers with IT experience.

Factors That Affect Earnings

Certification — CISSP alone adds $20,000+ in average premium
Clearance — TS/SCI adds $15,000–$30,000 in government and defense
Specialty — cloud security and application security pay above average
Industry — finance and defense pay more than general corporate
Remote work — many cyber roles are fully remote with competitive pay

Career Growth Timeline

Years 0–2: SOC analyst or junior security engineer, $65,000–$90,000
Years 3–5: Security engineer + CISSP, $110,000–$150,000
Years 5–10: Senior engineer or architect, $150,000–$220,000
Years 10+: CISO or VP Security, $200,000–$400,000+

Geographic and Industry Variation

Washington DC metro (including Northern Virginia) leads cybersecurity pay due to federal and defense demand. San Francisco, New York, and Boston follow for private-sector roles.

Remote cybersecurity roles have expanded access to high-paying jobs from any location. Geographic pay adjustments are less common in cyber than in general SWE due to talent scarcity.

Key Takeaways

Cybersecurity analyst median: $120,360 with 33% projected growth
CISSP certification adds $20,000+ in average salary premium
CISO roles pay $200,000–$400,000+ at mid-to-large organizations

Sources

BLS May 2024 OES
Levels.fyi
Glassdoor

Find my College

Invalid First Name

Invalid Last Name

Invalid Email Address

Invalid Phone Number

Invalid Zip Code

By checking this box, I consent to representatives of Education Directory to contact me about educational opportunities via email, text, or phone, including my mobile phone number using an automatic dialer. Message and data rates may apply. I understand that my consent is not a requirement for enrollment, and I may withdraw my consent at any time.

🔒 Your information is secure and only used to match you with relevant programs.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Usually takes less that 5 minutes to get results

Conclusion

Cybersecurity offers the rare combination of high starting pay, rapid growth, and genuine talent scarcity. Certifications are the clearest path to salary advancement, and the field rewards both technical depth and leadership breadth.