The cybersecurity analyst (CSA) talent shortage is being felt around the world, with thousands of positions going unfilled. Many organizations need to find, hire and retain such professionals and are even training members of the staff to fulfill these all-important roles. 

CSAs have a knack for vulnerability discovery and exploits. They are able to analyze security logs and gather info to decide if a particular security event or incident needs further investigation and are able to advise on planning and prepare against attacks, breaches and any malicious attempts at compromising the company’s data. To be in such a role, one must have proven skills and abilities as an analytical problem-solver and even some creativity — in addition, of course, to information systems and network knowledge.

CSA positions are currently so enticing that many professionals with computer science degrees are retraining and pursuing professional certifications that can take their career (and income) to the next level. The CySA+ cert offered by CompTIA is a way to be certified in the field and become proficient in the required duties. Becoming a qualified CSA can open a number of doors both professionally and financially.

Salary info for a cybersecurity analyst (aka information security analyst)

Today, as a cybersecurity or information security analyst, you will enjoy a respectable salary and a particularly rapid job growth. In fact, employment projections by the U.S. Bureau of Labor Statistics (BLS) Occupational Outlook Handbook for the period between 2016-2026 show that this is amongst the top occupations, with the highest percent change (28.5%). Professionals are also earning one of the highest median annual incomes ($98,350 per year or approximately $47.28 per hour, as of May 2018). They can also enjoy an above-average rate of upward mobility for this occupation, as recently shown by U.S. News & World Report ranking this profession high on its list of the 100 Best Jobs.

An entry-level cyber security analyst could make $67,000 per year, while a mid-career professional might earn as much as $82,000. With 15 years of experience, a professional may be paid a salary up to $98,000. Though projections vary: according to PayScale, “an experienced Cyber Security Analyst with 10-19 years of experience earns an average total compensation of $100,261 based on 354 salaries. In their late career (20 years and higher), employees earn an average total compensation of $111,590.”

The pay obviously varies greatly based on a worker’s expertise and qualifications, as well as location and sector of employment.

Salaries by state (and best-paying cities)

The salary potential for a security analyst and number of employment opportunities will vary depending on geographic location.

As stated by PayScale, those who look for a job in New York as a cybersecurity analyst can earn an average of 18.4% more than the national average; in Tampa, Florida, they can look at 12.6% more, and in Huntsville, Alabama, they can look at 10.5% more). The lowest salaries can be found in Dallas, Texas (12.0% less than the national average) and San Antonio, Texas (8.2% less).

The Occupational Employment Statistics (OES) data include New York, where those in this occupation can earn $58.65 as an hourly mean wage and $122,000 for an annual mean salary. In Florida, it’s possible to make $44.21 per hour and $91,950 a year. As for the states with the highest concentration of jobs, there is the District of Columbia with a $56.77 hourly wage and $118,080 annual salary, or Virginia that has professionals earning $53.74 per hour and $111,780 annually. Those in California could earn $53.05 as an hourly mean wage and $110,340 for an annual mean salary. 

Note: You will find the OES data a useful source, as it maps employment and wages by state and area.

Salary by skills and certification options to boost your salary 

To earn a higher salary, one must have an array of skills relevant to the job. Proven abilities and appropriate certifications are viewed favorably by employers who are interested in candidates that not only have the proper education to fill their positions but somehow prove their specific competencies and experience. CSAs need to demonstrate their knowledge and expertise in one or more of the following tasks:

  • Employing advanced problem-solving analytical skills to troubleshoot alerts and provide post-incident analysis
  • Performing vulnerability testing on systems to look for suspicious or anomalous activities that could lead to lost or stolen data
  • Carrying out an audit on system vulnerabilities to expose and resolve any weaknesses in altering security controls for future prevention of cyberthreats or attacks

Gaining professional qualifications is essential for some jobs, and certifications such as the CompTIA CySA+ credential set the benchmark for what a cybersecurity analyst needs to know. Certs like these are an excellent way to acquire specialized knowledge and improve your understanding of all topics that such a professional in the field should master and, most importantly, prove employers that they have current, up-to-date skills and education. The certification can validate professionals’ foundation-level knowledge and skills necessary for a successful career in the field. This might help them earn a higher salary in addition to securing a position.

IT practitioners looking to gain security analyst skills might find the CompTIA CySA+ is the right certification to achieve cybersecurity mastery and to grow in a career. What’s more, certifications like the CySA+ make cyber-professionals more attractive to employers: those who are certified could earn up to $119,588 per year, according to 2018 figures.

This “IT workforce certification applies behavioral analytics to networks and devices to prevent, detect and combat cybersecurity threats,” according to CompTIA, and it is appropriate for professionals who are just getting started or that are ready to expand their skills and knowledge. The CompTIA CySA+ certification can help them display their capabilities and abilities to detect threat-relevant patterns of events; this is key, as no organization can ever be fully protected by cyberattacks (malware, denial-of-service attacks and hacks).

Average salary of a CSA job compared to other related occupations 

Let’s now look at the 2018 CSA pay compared to the average salaries in this line of work, or a related field according to BLS:

  • An information security analyst (average salary = $98,350) has duties that include planning and implementing security strategies to protect a company’s network and systems. This entry-level job typically also requires the investigation of security breaches. This occupation has a 28% (much faster than average) prospective increase in the 2016-2026 decade and normally requires less than five years of related experience.
  • A computer systems analysts (average salary = $88,784) is sometimes called systems architects and is responsible for analyzing an organization’s current computer systems and procedures. They’ll also propose solutions for better and more efficient operations. This sector has a 9% (as fast as average) prospective increase in the 2016-2026 period and might not require IT experience, as candidates sometimes come from the business world
  • A computer network architect (average salary = $109,020) designs and builds data communication networks, from smaller LANs to cloud infrastructures. This occupation has a 6% (as fast as average) prospective increase in the 2016-2026 timeframe and five years or more of experience


While the cybersecurity job market continues to increase its size, the industry is facing a massive skills shortage. Nowadays, certain skills will pay more because they are more valuable to employers.

As a subdomain of IT, cybersecurity ensures some of the highest returns, with the median base salary of a cybersecurity professional in the U.S. of over $90,000. It has tremendous growth potential, especially in positions of analysts. 

So do you have what it takes to become an entry-level cybersecurity analyst and earn the credentials that will allow you to earn a good salary while working in one of the fastest-growing industries in the U.S.?

As pay is commonly based on competence, experience and other factors such as level or education, qualification and everyday duties, it is important for professionals to consider all credentialing opportunities to increase their employability and salary potentials. With a faster-than-average growth potential, the cybersecurity or information security analyst field is definitely a good choice today for newer recruits or professionals aspiring to a career change.



  1. Cybersecurity Jobs and Salaries,
  2. Cyber Security Salaries in the United States,
  3. Average Cyber Security Analyst Salary, PayScale
  4. How To Become A Cybersecurity Analyst,
  5. CompTIA CySA+, CompTIA, Inc.
  6. Cyber Security Analyst: Salary, Job Description & Duties,
  7. The Average Salary of Cyber Security, Chron
  8. Information Security Analyst Overview, U.S. News & World Report
  9. Information Security Analysts, U.S. Bureau of Labor Statistics
  10. Information Security Analyst II Salary in the United States,
  11. Is the CompTIA CySA+ Worth It? Cost, Comparison, Benefits,

Be Safe

Section Guide


View more articles from Daniel

Earn your CySA+ the first time with Infosec and pass your exam, GUARANTEED!

Section Guide


View more articles from Daniel