Skip to content

Cybersecurity Salaries by State

Reviewed by Chris Rodgers, PlexTrac Cyber Swiss Army Knife

The importance of cybersecurity in protecting sensitive data and infrastructure has led to a surge in demand for cybersecurity professionals. This article presents the current state of cybersecurity salaries, including trends, industry comparisons, and factors influencing pay.

Current State of Cybersecurity Salaries 

Cybersecurity professionals command competitive compensation packages due to the high demand for their skills. Salaries are based on factors such as job title, experience and location. However, cybersecurity experts typically earn higher-than-average salaries compared to other industries.

Overview of Cybersecurity Salary Trends 

Cybersecurity salaries have regularly increased in recent years due to the rising frequency and complexity of cyberthreats. Organizations invest more in cybersecurity to secure their networks, resulting in better salaries for professionals.

Factors Affecting Cybersecurity Salaries 

1. Experience: More experienced cybersecurity professionals command higher salaries as their value and expertise grow.

2. Certifications: Industry-recognized certifications (e.g., CISSP, CEH) positively impact salaries by validating professionals’ skills and making them more desirable to employers.

3. Education: Advanced degrees, such as a master’s or Ph.D., can influence salaries by demonstrating a deep understanding of cybersecurity concepts.

4. Job Roles and Responsibilities: Different roles in cybersecurity come with varying levels of responsibility, which also can affect salaries. Managerial or leadership positions often earn higher salaries than entry-level or technical roles.

5. Location: Geographical location plays a significant role in determining cybersecurity salaries due to the cost of living, local demand for professionals, and industry standards.

Cybersecurity Salaries by State 

According to data from the U.S. Bureau of Labor Statistics, the average annual salary for information security analysts, a common cybersecurity job title, varies by state. Here are the average yearly salaries for information security analysts in the 30 most populous states as of May 2022, according to BLS data:

California – $131,260

Texas – $101,800

New York – $133,100

Florida – $106,440

Pennsylvania – $82,441

Illinois – $108,510

Ohio – $103,470

Georgia – $117,020

North Carolina – $117,860

Michigan – $100,370

New Jersey – $118,050

Virginia – $121,940

Washington – $131,260

Arizona – $106,360

Massachusetts – $113,610

Indiana – $124,151

Tennessee – $92,840

Missouri – $94,080

Maryland – $131,260

Wisconsin – $92,660

Minnesota – $102,700

Colorado – $132,000

South Carolina – $94,016

Alabama – $77,517

Louisiana – $94,700

Kentucky – $86,870

Oregon – $96,050

Oklahoma – $81,640

Connecticut – $113,580

Utah – $89,820

It’s important to note that salaries can vary based on job title, experience, certifications, and education. Additionally, these numbers are from 2022 and are subject to change in the coming years. It’s always best to research current salary trends in your area.

Cybersecurity Salaries by Title

In cybersecurity, salaries vary based on job title, experience, certifications, and location. Let’s explore specific job titles and salary ranges in cybersecurity.

1. Security Analyst/Engineer: Responsible for monitoring, analyzing, and responding to security incidents. Salary range: $60,000 to $100,000 annually, depending on experience and location.

2. Security Consultant: Provides expert advice and guidance on cybersecurity. Salary range: $80,000 to $150,000 per year, based on experience and project scope.

3. Security Architect: Designs and builds secure systems and networks. Salary range: $100,000 to $160,000 per year, depending on experience and organization size.

4. Incident Responder: Investigates and contains security incidents. Salary range: $70,000 to $120,000 per year, based on experience and incident complexity.

5. Chief Information Security Officer (CISO): Oversees overall cybersecurity strategy. Salary range: $150,000 to $300,000+ per year, depending on organization size and industry.

Cybersecurity Salaries by Experience Level

1. Entry-Level: Salaries range from $50,000 to $80,000 per year for professionals with minimal experience and some certification(s).

2. Mid-Level: With a few years of experience and specialized certifications, salaries run from $80,000 to $120,000 according to 12 months.

3. Senior-Level: Managers, directors or CISOs with extensive experience, leadership skills, and superior certifications earn salaries from $120,000 to $300,000.

Note: Salary ranges may vary based on location, industry, organization size, and demand for cybersecurity professionals. These ranges are approximate and subject to market conditions and industry trends.

Entry-Level Cybersecurity Salaries 

Cybersecurity Analyst

Salaries for cybersecurity analysts range from $60,000 to $100,000 per year. They screen and examine security incidents, identify threats, behavior vulnerability tests, and put security measures in force.

Cybersecurity Specialist

Cybersecurity specialists with expertise in areas such as penetration testing, network security, threat intelligence, or cloud security earn around $70,000 to $120,000 per year.

Cybersecurity Engineer

Cybersecurity engineers earn a median income of $90,000 to $130,000 annually. They design, implement, and maintain secure systems and networks, such as configuring firewalls, conducting risk assessments, and performing security audits.

Cybersecurity Auditor

Cybersecurity auditors ensure an organization’s protection controls observe enterprise requirements and regulations. Their salaries typically range from $80,000 to 120,000 annually, depending on experience, certifications, and organization size.

Cybersecurity Manager 

Cybersecurity managers oversee security implementation and protection. They earn salaries of $100,000 to $150,000 or more per year, depending on experience, organization size, and location. They combine technical expertise and management skills to effectively execute the organization’s cybersecurity strategy.

Note: Salary ranges may vary based on location, industry, organization size, and demand for cybersecurity professionals. These ranges are approximate and subject to market conditions and industry trends.

Gender and Diversity Gaps in Cybersecurity Salaries 

The cybersecurity field, like many professions, faces salary gaps based on gender and diversity. Factors such as biases, stereotypes, lack of representation, and unconscious biases contribute to these disparities.

Efforts to Close the Gap 

Initiatives include:

1. Equal Pay Policies: Implementing policies for equal pay and conducting audits to address disparities.

2. Diversity and Inclusion: Creating inclusive work environments and diverse hiring practices. 

3. Education and Training: Encouraging underrepresented groups through scholarships, mentorship and training.

4. Industry Collaboration: Partnerships promoting diversity awareness and career resources.

5. Professional Networks: Supportive networks providing mentorship and resources.

6. Leadership Representation: Promoting diversity in leadership roles and visible role models.

Closing the gaps requires commitment from organizations, leaders, policymakers, and the cybersecurity community. An inclusive and diverse workforce brings diverse perspectives, ideas and talent for effective security practices.

Cybersecurity Salary Differences Between Public and Private Sector Jobs

Salaries in the cybersecurity field can vary between the public and private sectors. Generally, private-sector cybersecurity jobs offer higher salaries than their public-sector counterparts. Private companies often have larger budgets and can allocate more resources toward cybersecurity, leading to better compensation packages.

Several factors impact cybersecurity salaries. Education and certifications play an enormous role. Industry-specific certifications, such as CISSP or CEH, validate expertise and may lead to better salaries.

Experience and skills are crucial in determining salaries. Professionals with more experience and a proven track record of handling complex security challenges are highly valued and can negotiate higher salaries. Specialized penetration testing, cloud security, or threat intelligence skills can also earn higher compensation.

Job location is another factor influencing cybersecurity salaries. Salaries vary based on the cost of living in a particular area and the demand for cybersecurity professionals. Urban areas or regions with a high concentration of technology companies often pay better than rural areas.

Industry-Specific Cybersecurity Salaries

Cybersecurity salaries can vary depending on the industry in which professionals work. Here is a comprehensive overview of cybersecurity salaries in specific industries, highlighting how industry-specific factors can affect compensation.

1. Healthcare: In the healthcare sector, cybersecurity specialists generally earn between $70,000 and $120,000 yearly. Salary discrepancies stem from factors such as the size of the organization, the complexity of the healthcare environment, and the nature of the protected data.

2. Finance: In the finance industry, cybersecurity professionals can expect salaries ranging from $90,000 to $150,000 per year. Compensation variances are due to the size and complexity of financial institutions, the type of data under protection, and the level of regulatory compliance required.

3. Government: In the government sector, cybersecurity professionals typically earn salaries between $80,000 and $120,000 annually. Compensation fluctuations are driven by factors such as the required security clearance level, the type of data being protected, and the size of the government organization.

Industry-specific factors, including the regulatory landscape, the intricacy of technological infrastructure, and the value of safeguarded data, all affect cybersecurity salaries. Furthermore, industries dealing with extreme competition for cybersecurity talent may offer higher compensation to attract and retain skilled professionals.

Future of Cybersecurity Salaries

Projected trends suggest continued cybersecurity salary growth as the demand for skilled professionals increases. Rising technologies such as artificial intelligence, cloud computing, and the Internet of Things (IoT) will drive the need for specialized cybersecurity expertise.

This growing demand could lead to escalating salaries for professionals with abilities in these areas. Additionally, the evolving threat landscape, including rising cyberthreats and regulations, will drive companies to invest more in cybersecurity, which should lead to in higher salaries for skilled specialists who can efficiently deal with these demanding situations. Overall, the future of cybersecurity salaries looks positive, reflecting its critical role in safeguarding digital assets.

Tips for Negotiating Cybersecurity Salaries

Negotiating a cybersecurity salary can be daunting, but ensuring you’re getting the compensation you deserve is essential. Here are five tips for negotiating cybersecurity salaries: 

1. Do Your Research

Before negotiating your salary, research the average salary range for your job title and experience level in your targeted geographic location. This will help you make an informed case for your desired salary.

2. Highlight Your Skills and Experience 

Be prepared to demonstrate your skills, accomplishments and experience. Use specific examples to showcase how you’ve added value to previous organizations or successfully handled complex security challenges.

3. Consider Non-salary Benefits 

In addition to salary, consider non-salary benefits like flexible work arrangements, training opportunities, and bonuses. Negotiating these benefits can help you obtain a better overall compensation package.

4. Be Confident and Professional 

Approach salary negotiations with confidence and professionalism. Avoid making ultimatums or being confrontational. Focus instead on presenting a persuasive case for your desired compensation.

5. Know When to Walk Away 

While negotiating salary, it’s critical to know your worth and not accept an offer that doesn’t align with your expectations. If the company cannot meet your salary request, consider if other opportunities are a better fit for your skills and experience.

By following these tips, you can effectively negotiate your cybersecurity salary and ensure you’re fairly compensated for your expertise.

Avoid These Common Cybersecurity Salary Negotiation Mistakes

When negotiating salary, common mistakes can hinder your success. These can result in receiving a lower salary offer than you deserve or damaging your negotiating position.

Here are some common mistakes to avoid during cybersecurity salary negotiations:

1. Failing to research the market rate for your position and experience level.

2. Focusing solely on salary and neglecting other aspects of compensation, such as benefits and perks.

3. Asking for too much too soon without building a case for why you deserve it.

4. Being too aggressive or confrontational during negotiations.

5. Failing to listen to the employer’s needs and priorities.

6. Disclosing your desired salary too early before fully understanding the position and organization.

7. Failing to follow up after the negotiation.

Avoiding these mistakes can increase the chances of successful negotiation and help you achieve a fair and competitive salary.

Chris Rodgers
Chris RodgersPlexTrac Cyber Swiss Army KnifeChris Rodgers is a highly experienced security professional with a deep understanding of penetration testing and ethical hacking. With over 15 years of experience in the industry, Chris has helped numerous organizations identify and address their vulnerabilities and secure their critical systems. Throughout Chris's career, he has worked on a wide range of security assessments and engagements wherein he has supported large enterprises, vendors, and start-up organizations. His expertise in these areas has led to the successful identification and exploitation of security flaws in complex systems, allowing clients to proactively address and mitigate risk. In addition to his technical skills, Chris is a skilled communicator who can effectively convey complex security concepts to technical and non-technical audiences. He has a passion for sharing his knowledge and experience and has delivered numerous presentations and workshops on topics related to vulnerability management, asset management, and security assessments in the cybersecurity space.

Liked what you saw?

We’ve got more content for you

Request a Demo

PlexTrac supercharges the efforts of cybersecurity teams of any size in the battle against attackers.

See the platform in action for your environment and use case.