CySA+ salary and job data [Updated 2021]

January 15, 2020 by Daniel Brecht

The cybersecurity analyst (CSA) talent shortage is felt around the world with positions going unfilled. Many organizations are in need to find, hire and retain such professionals and are even training members of the staff to fulfill these all-important roles, as mentioned in the (ISC)² 2020 Cybersecurity Workforce Study.

CSAs have a knack for vulnerability discovery and exploits. They are able to analyze security logs and gather info to decide if a particular security event or incident needs further investigation and are able to advise on planning and prepare against attacks, breaches and any malicious attempts at compromising the company’s data. To be in such a role, one must have proven skills and abilities as an analytical problem solver and even some creativity. This is in addition, of course, to information systems and network knowledge.

CSA positions are so enticing that many professionals with computer science degrees are retraining and pursuing professional certifications that can take their career (and income) to the next level. In a world where the protection of data is paramount for the wellbeing of any companies, competent CSAs can expect to receive the higher end of the average salary range especially when they can prove developed strategic thinking and in-depth cybersecurity analytics capabilities.

The CompTIA CySA+ is a way to be certified in the field and become proficient in the required duties. Employers usually prefer to hire analysts with experience, so becoming a qualified CSA can open a number of doors both professionally and financially.

Salary potential for cybersecurity analysts (aka information security analyst)

Today, as a cybersecurity analyst, you will enjoy a respectable salary and a particularly rapid job growth. In fact, the employment projections by the US Bureau of Labor Statistics (BLS) convey that information security analysts earn a median annual salary of $99,730 as of 2019 (with a range of $57,810 to $158,860), and this field is projected to grow 31 percent from 2019 to 2029. Between 2018 and 2028, an estimated 35,500 jobs should open up, per a U.S. News Money report, while actually, for the same period, CompTIA projects “an increase of 32 percent for information security analysts, with 112,300 net new jobs expected during that 10-year period.” And with the job demand for information security analysts expected to grow by 4% within the next year and by 16% by 2025, as the CompTIA Tech Town data also illustrates, salary offers might actually increase accordingly.

According to, “the average Entry Level Cyber Security Analyst salary in the United States is $69,884 as of November 25, 2020, but the salary range typically falls between $63,695 and $76,593.” Of course, the salary will depend on many important factors, including education, certifications, additional skills and the number of years spent in this profession. For example, a mid-career professional might earn as much as $88,047; those with 15 years of experience may be paid a salary up to $101,133; and a late-career CSA (20 years and higher) could make as much as $112,190, as per PayScale.

As per, the national average salary for a cybersecurity analyst is $86,951 per year and employment “is expected to grow 55% in computer systems design and related services in response to the increased adoption of cloud services by small- to medium-sized businesses.” In addition, the finance and banking industry is expected to have the greatest demand for such professionals.

Cybersecurity analyst salaries by state (and best-paying cities) 

The demand for a security analyst and number of employment opportunities will vary depending on geographic location.

Here’s some high-paying cities for Information Security Analysts in the United States, according to

  • Washington, DC: $119,481 per year
  • Boston, MA: $100,944 per year
  • Dallas, TX: $99,528 per year
  • New York, NY: $99,200 per year
  • Atlanta, GA: $96,867 per year
  • Austin, TX: $83,887 per year

Of course, there are other areas that pay quite well too. For example, the average salary in Seattle, WA is $94,833; in California, it’s $102,249; and in Colorado, $110,722.

According to CompTIA IT Salary Calculator, “cybersecurity analysts and engineers have salary that range from $57,000 to $158,000, with an annual median figure of $99,730.” Looking at Columbus, Ohio, for example — since it ranks no. 1 on the CompTIA Tech Town cost of living list — the overall median salary for a mid-level cybersecurity analyst or engineer is $94,720, while it is $115,900 in Washington DC.

Skills and certification recommendations to boost your salary 

To earn a higher salary, one must have an array of skills relevant to the job. Those with networking proficiencies, for example, could earn up to +24.57% more; whereas familiarity of firewalls might be paid +57.59% more than the average base salary, according to 

Proven abilities as an information security analyst and appropriate certifications, such as the CompTIA CySA+, are viewed favorably by employers that are interested in candidates that not only have the proper education to fill their positions but that can somehow prove their specific competencies and experience. CSAs need to demonstrate their knowledge and expertise in doing one or more of the following tasks:

  • Employing advanced problem-solving analytical skills to troubleshoot alerts and provide post-incident analysis.
  • Performing vulnerability testing on systems to look for suspicious or anomalous activities that could lead to lost or stolen data.
  • Carrying out an audit on system vulnerabilities to expose and resolve any weaknesses in altering security controls for future prevention of cyber threats or attacks.

Gaining professional qualifications is essential for some jobs, and certifications such as the CompTIA CySA+ credential set the benchmark for what a cybersecurity analyst needs to know. They also represent an excellent way to acquire specialized knowledge, understand all topics that a professional in the field should master and, most importantly, prove employers current, up-to-date skills and education. The certification can validate professionals’ foundation-level knowledge and skills necessary for a successful career in the field. This might help earn a higher salary in addition to securing a position.

IT practitioners looking to gain security analyst skills might find the CompTIA CySA+ is the right certification to achieve cybersecurity mastery and to grow in a career in high demand. What’s more, certifications like the CySA+ make cyber professionals more attractive to employers; those who are certified could earn anywhere from $52,000 to $117,000 per year, according to PayScale figures.

This “IT workforce certification applies behavioral analytics to networks and devices to prevent, detect and combat cybersecurity threats,” writes CompTIA. It is appropriate for professionals who are just getting started or that are ready to expand their skills and knowledge. The CompTIA CySA+ certification can help them display their capabilities and their ability to detect patterns of events that indicate a possible threat or vulnerability. No organization can ever be fully protected from cyberattacks. 

Average cybersecurity analyst salary compared to other related occupations 

Let’s take a look at PayScale’s most common career paths for Cyber Security Analyst and potential annual earnings.

  • Information Technology (IT) Manager: $55,000 to $134,000
  • Cyber Security Engineer: $67,000 to $138,000
  • Information Security Analyst: $51,000 to $110,000


As cyberattacks continue to rise and threats show no signs of slowing down, the cybersecurity job market continues to increase its size across all industries. Certain skills will pay more because they are more valuable to employers.

As a subdomain of IT, cybersecurity ensures some of the highest returns, with the median base salary of a professional in the US of over $90,000 per year. It also has tremendous growth potential, especially in positions of analysts. 

So, do you have what it takes to become an entry-level cybersecurity analyst and earn the credentials that will allow you to earn a good salary while working in one of the fastest-growing industries in the US?

As pay is commonly based on competences, experience and other factors such as level or education, qualification and everyday duties, it is important for professionals to consider all credentialing opportunities to increase their employability and salary potentials. With a faster-than-average growth potential, the cybersecurity or information security analyst fields are definitely a good choice today for newer recruits or professionals considering a career change.


Posted: January 15, 2020
Daniel Brecht
View Profile

Daniel Brecht has been writing for the Web since 2007. His interests include computers, mobile devices and cyber security standards. He has enjoyed writing on a variety of topics ranging from cloud computing to application development, web development and e-commerce. Brecht has several years of experience as an Information Technician in the military and as an education counselor. He holds a graduate Certificate in Information Assurance and a Master of Science in Information Technology.

Leave a Reply

Your email address will not be published.