Cybersecurity Jobs: Everything You Ever Wanted to Know

by Eileen Ristau Tauchman | Oct 01, 2018

Everything you ever wanted to know about cybersecurity jobs
Updated with new data from CyberSeek in November 2018.
Cybersecurity is constantly evolving and growing – currently, there are more than 768,000 IT pros employed in cybersecurity in the United States. And there are more than 300,000 current U.S. job openings in cybersecurity that need talented IT pros like yourself. Keep reading to learn about the different types of cybersecurity jobs and salaries and how to start your cybersecurity career.

What Cybersecurity Jobs Are Out There?

According to CyberSeek, the top three cybersecurity job titles are cybersecurity engineer, cybersecurity analyst and network engineer. Even if you don’t have a ton of experience yet, there’s a place for you in cybersecurity, with employers seeking IT pros for entry-level, mid-level and advanced-level cybersecurity jobs. We've outlined a few of the most popular ones, along with the certifications you need, in the table below. (P.S. See what's on a cybersecurity certification exam by downloading the exam objectives.)

Common Cybersecurity Job Titles and Details

Job Title Description Salary Data Job Growth Related Certifications

Cybersecurity Specialist

  • Monitor network activity
  • Investigate breaches
  • Install and use cybersecurity tools
  • Simulate attacks to identify vulnerabilities

Cybersecurity specialist median annual wage: $75,000

18% growth from 2014 to 2024

  • CompTIA Security+
  • GIAC
  • Certified Information Security Manager (CISM)
  • Certified Information Security Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)

Cybersecurity Analyst

  • Detect cyberthreats
  • Implement protections
  • Monitor network activity
  • Analyze reports to identify unusual behavior

Cybersecurity analyst median annual salary: $85,000

28% from 2016 to 2026

Penetration Tester

  • Act like a hacker to identify vulnerabilities 
  • Stay up to date on the latest testing and hacking models
  • Locate, assess and manage vulnerabilities
  • Apply appropriate tools for penetration testing

Penetration tester average salary: $102,000

18%  from 2014 to 2024

Cybersecurity Engineer

  • Create new solutions to solve existing security issues
  • Enhance security capabilities by evaluating new technologies
  • Define, implement and maintain corporate security policies
  • Recommend modifications in legal, technical and regulatory areas that affect IT security
 

Cybersecurity engineer median annual salary: $108,000 

28% growth from 2016 to 2026  

 

How to Get a Cybersecurity Job

Cybersecurity Certifications

While there are many cybersecurity certifications out there, the certifications in the CompTIA Cybersecurity Career Pathway build upon each other and help IT pros move forward in their cybersecurity careers, from entry-level to advanced.

  • CompTIA Security+ is a great starting point for ​getting into cybersecurity. This IT certification assesses the knowledge, skills and abilities an IT professional demonstrates after two years of cybersecurity field work and establishes the core knowledge required of any cybersecurity role.
  • At the intermediate level, CompTIA offers certifications for both offensive and defensive cybersecurity: CompTIA Cybersecurity Analyst (CySA+) and CompTIA PenTest+. CompTIA CySA+ focuses on defense through incident detection and response and CompTIA PenTest+ focuses on offense through penetration testing and vulnerability assessment. These IT certifications assess three to four years of cybersecurity field work.
  • CompTIA Advanced Security Practitioner (CASP) enables experienced cybersecurity professionals to prove their mastery of the skills required at the 5- to 10-year experience level. CASP is the pinnacle of cybersecurity certifications and is intended for those who wish to remain immersed in hands-on enterprise security, incident response and architecture, for example, as opposed to managing cybersecurity policy and frameworks.

What's on a Cybersecurity Certification Exam?

Wondering what's on a cybersecurity certification exam? You're in luck, because we provide that in our exam objectives. Download the exam objectives for the CompTIA certification that matches your experience level.

Download Exam Objectives

Cybersecurity Degrees

You can get into cybersecurity with a certification, a degree or both. It really depends on what you want to do and what kind of experience you already have. Websites like CyberDegrees.org outline numerous options for pursuing a cybersecurity degree. You can filter between what degree type (associate degree, bachelor’s degree, master’s degree and others) or program (online or in person) you are looking for. CyberDegrees.org does the leg work for you, providing lists that break down the top online bachelor’s degrees, top schools in the country and more!

On-the-Job Cybersecurity Experience

Even if you aren’t working in a cybersecurity role yet, you already may have cybersecurity experience from another IT role. Cybersecurity feeder roles are IT career areas that are most likely to serve as stepping stones into a cybersecurity career. Networking, software development, systems engineering, financial and risk analysis, and security intelligence are all feeder roles that CyberSeek has identified as great paths from which to transition into cybersecurity.

Why It’s Great to Have a Cybersecurity Job

There are many ways a career in cybersecurity can bring benefits to your life. If you want a fulfilling career in a field that is everchanging and only continuing to grow, then a career in cybersecurity may be perfect for you. Cybersecurity offers many different sub-fields as well as financial stability, with average salaries approaching, if not exceeding, six figures. Most importantly, a career in cybersecurity is rewarding – you are a real-life superhero, defending your network and protecting your organization from attacks. A career in cybersecurity is waiting for you!

Want to know what’s on a cybersecurity certification exam? Download our exam objectives today.

32 Comments

  • Josbin Jose

    Sunday, October 7, 2018

    I have 7+ years experience in IT field in Antivirus. I want to be a Cyber Security Expert. Please let me know further.

  • Bharath R A

    Monday, October 8, 2018

    Hi there, I am writing to you from India, seeking your help, I am interested in getting into Cybersecurity space, I am 42 years old non-IT person, more into Sales & Marketing for the past 25 years, do you think it will make some sense for me to get into Cybersecurity space and make a career out of it.

  • Tuesday, October 9, 2018

    Hi, Josbin and Bharath! Thank you both for your comments. Yes, you can move into cybersecurity. Remember, your career is a marathon, not a sprint, so you'll need to work your way up to senior-level positions. But with hard work, dedication and patience, you can get there. Combine certifications, hands-on experience and a little bit of luck to land the job of your dreams. Good luck!

  • Toyosi

    Thursday, October 11, 2018

    Been an IT personnel for some years now. Is there any form of scholarship for this certification? Thanks .

  • Thursday, October 11, 2018

    Hi, Toyosi! Thanks for your question. Check out this article about how to get discounts on certifications: https://certification.comptia.org/it-career-news/post/view/2018/08/31/voucher-discount Good luck!

  • Michael

    Thursday, October 11, 2018

    Hello, I currently have about 3 years working in IT, I have a couple of CompTIA certifications, and I am currently pursuing a degree in cyber security. What steps can I take to further my career in IT and become a cyber security expert?

  • Alex

    Thursday, October 11, 2018

    Hi there, I am currently in a technical sales field within the iot. Some of our business touches on cybersecurity, but not traditionally nor directly. Is there any recommendations or guidance on how one would transfer from a technical sales position to cybersecurity? Thank for the great info!

  • Thursday, October 11, 2018

    Hi, Michael! Thanks for your question. It sounds like you are off to a great start already! Experience and certifications can help you gain and validate the skills employers are looking for. We wrote an article last year that offers more tips on how to grow in the field, like staying up to date on current best practices and networking with other cybersecurity pros: https://certification.comptia.org/it-career-news/post/view/2017/10/16/how-to-get-a-job-in-cybersecurity-cybersecurity-experts-weigh-in Good luck!

  • Thursday, October 11, 2018

    Hi, Alex! Thanks for your question. It's not uncommon to move from selling technology to working in IT - it can be easy to catch the bug! Take a look at our article about changing careers from sales to IT. It's not specifically tailored to cybersecurity, but it will give you some good advice that you can combine with what you read here. Good luck! https://certification.comptia.org/career-change/switching-career-path/from-jobs/sales-to-it

  • Dani Kay

    Thursday, October 11, 2018

    I recently completed my Network+ cert and am hoping to complete my Security+ cert this month. I have been job hunting and networking for several months in the Dallas/Fort Worth area, which is currently booming with jobs. All of the IT jobs listed want at least 2 years of experience, which I don't have because I just completed my schooling . If there is such a high demand for cybersecurity personnel, why are employers only willing to accept those with experience? How are those with experience getting their experience? Didn't they at some point not have any experience? Who was willing to hire and train them? I've even looked at paid and unpaid internships, and the requirements for those are that you are currently a full time student in a bachelor's program at an accredited university. Why aren't those of us who were in class full time for a couple of months in an IT cert program just as qualified to participate in internships? I've even looked at internships with government entities such as Homeland Security and the Secret Service (yes, I'm willing to relocate to the D.C. area) and they have the same college requirement. Needless to say, my frustration level is increasing daily...

  • Itumeleng Herman Diale

    Thursday, October 11, 2018

    Hi, I worked in IT a few years ago doing second line IT Support, I stopped IT and worked different jobs but I was always IT freelancing and studying, I have MCSA Windows Server 2012, Core Solutions of Microsoft Exchange Server 2013, Administering SCCM and Intune, Configuring Windows 10 Devices, MCSA Office 365 and I am currently doing Juniper JNCIA-Junos (Exam scheduled) and JNCIA-Cloud from the opportunities I got to study and receive free exam Vouchers. I recently Completed Cisco CCNA Cyber Ops from the Cisco Scholarship Program, I have a problem that here in South Africa, most of hiring staff always say that IT Certifications does not add any value without experience, I have a different view on this, I believe from courses, labs, videos, researches and training You have what it takes to perform very well and learn more quickly. I would appreciate it if I could get Your perspective on IT Certification benefits and an advise on how I can be recognized, I have learned a lot from every course I have done, every exam I have taken and My continuing education, it would be great if I can be a Cybersecurity Analyst and get Comptia Certifiaction as well.

  • Chris G

    Thursday, October 11, 2018

    I just retired from the military with a bachelors in Cyber Security with Net + and Sec + CE but with limited experience in the cyber side. Where can I start?

  • Suraj D

    Friday, October 12, 2018

    Hi, i am 16 ,from india and very much interested in making a career in the field of cyber security....what can i do now to get into cyber security in my future

  • Erin

    Friday, October 12, 2018

    Hey, I'm a senior in high school and I have been wanting to go in the IT field for quite some time now. I have recently discovered my interest in cyber security and I would love some tips on how to get started. I would like to do something like attacking a system to find its faults or defend it from the attacks. Do I need to learn hacking to do any of those, and if so, where can I learn it? Are there any other careers in cyber security you would recommend for someone with my interests?

  • Friday, October 12, 2018

    Hi, Dani! Thanks for your comment. Congratulations on earning your certifications! There are a number of ways to gain the experience you need to land a cybersecurity job. It may mean starting in a more general IT position, like tech support or systems/network administration, so you can understand how everything works before beginning to secure it. Check out our article on test driving IT for other suggestions on how to gain hands-on experience in IT: https://certification.comptia.org/career-change/switching-career-path/how-to-try-it Good luck!

  • Friday, October 12, 2018

    Hi, Chris! Thanks for your comment, and thank you for your service. It depends on what general IT experience you already have. If you have experience working with IT, such as in the military, that paired with your degree and certifications could position you well for an entry-level cybsersecurity job, such as a specialist. If not, you could look for a more general IT role, like tech support or systems/network administration, and do cybersecurity tasks within those roles to gain experience. Good luck!

  • James Stanger

    Friday, October 12, 2018

    Hey, everyone! Exciting to see all of the questions about how to get started. The answer is, at least in my mind, deceptively simple: Focus on a fundamental set of skills relevant to a job role or responsibility, and then get hands-on experience doing them. For example, when it comes to cybersecurity, grab some virtualization software, such as VMWare or (my favorite) VirtualBox, install some versions of Linux and/or Windows, and create your own network. Then, you can start learning about how to use security tools. The CompTIA Security+, PenTest+, and CySA+ objectives can help guide you when it comes to knowing what to learn first. If you're not up to speed with Linux, no problem - you can download a version of Linux (e.g., Ubuntu, Red Hat, CentOS, Kali), and then start practicing. I regularly conduct hour-long "Office Hours with James" Webinars that focus on things like Linux command line basics, or using various security tools. They are available on demand: Navigating the Linux command line https://www.comptia.org/events/view/office-hours-with-comptia-s-chief-technology-evangelist-james-stanger Setting up an IT Pro “playspace” https://www.comptia.org/events/view/office-hours-with-comptia-feb https://event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&referrer=https%3A%2F%2Fwww.comptia.org%2Fevents%2Fwebinars&eventid=1775687&sessionid=1&key=577C0789B565DE9FDA7E693FE2ABD052®Tag=&sourcepage=register Investigating Red team (pen testing) / blue team (security analytics) skills https://www.comptia.org/events/view/changes-in-the-red-team-blue-team-an-investigation---office-hours-for-june Demystifying Metasploit https://www.comptia.org/events/view/demystifying-metasploit Investigating Threat hunting https://www.comptia.org/events/view/office-hours-with-comptia-s-chief-technology-evangelist-james-stanger-march. If you don't like the above videos, there are literally thousands of resources available on YouTube, or, you can choose a quality CompTIA training partner to learn more about essential skills. In short, my advice is to install some Windows and Linux systems in a virtualized environment and start making mistakes! For me, anyway, it's the fastest way to learn real-world skills. All the best! James

  • Itumeleng Herman Diale

    Saturday, October 13, 2018

    Hi, I worked in IT a few years ago doing second line IT Support, I stopped IT and worked different jobs but I was always IT freelancing and studying, I have MCSA Windows Server 2012, Core Solutions of Microsoft Exchange Server 2013, Administering SCCM and Intune, Configuring Windows 10 Devices, MCSA Office 365 and I am currently doing Juniper JNCIA-Junos (Exam scheduled) and JNCIA-Cloud from the opportunities I got to study and receive free exam Vouchers. I recently Completed Cisco CCNA Cyber Ops from the Cisco Scholarship Program, I have a problem that here in South Africa, most of hiring staff always say that IT Certifications does not add any value without experience, I have a different view on this, I believe from courses, labs, videos, researches and training You have what it takes to perform very well and learn more quickly. I would appreciate it if I could get Your perspective on IT Certification benefits and an advise on how I can be recognized, I have learned a lot from every course I have done, every exam I have taken and My continuing education, it would be great if I can be a Cybersecurity Analyst and get Comptia Certifiaction as well.

  • Ronnie

    Saturday, October 13, 2018

    Getting a cyber security job isn't nearly as straight forward as this article suggest. At least for me that is. I do not have any working experience in IT and no one wants to give a neophyte a chance. Even though I have great work experience in other areas and demonstrate through interviews that I have the acumen. With no work experience I have paid for a cyber security program designed to give people hands on experience. I am taking college courses to receive a cyber security degree. And I got the Security+ certification. But all of my efforts have been in vain thus far because every cyber security entry level job wants experience. The reality I'm facing now is while there are many jobs available in theory, they're not for people new to IT (again, in my experience). Seems like you have to have either the right alumni or be transitioning from one sector of IT to another. Someone like myself whom has and continues to pay out of his pocket to make himself more marketable feels a bit hopeless (not impossible however). Any suggestions?

  • Theodore Breckenridge

    Monday, October 15, 2018

    Hello I was interested in enrolling in the comp TIA security + exam. What steps should i take to get started?

  • Monday, October 15, 2018

    Hi, Ronnie! Thanks for your comment. In general, cybersecurity roles are not entry-level. You need to understand how technology and networks function before you can begin securing them. Therefore, it's good to have general IT experience before moving into cybersecurity. IT roles like tech support and systems or network administration can help you gain cybersecurity experience before you move into a more specialized role. That said, there are also opportunities in cybersecurity for people changing careers from other fields to IT. For example, someone working in finance may have the analytical acumen to succeed in cybersecurity. Take a look at this article that provides more details on popular cybersecurity jobs: https://certification.comptia.org/it-career-news/post/view/2018/08/10/the-top-9-jobs-in-cybersecurity

  • Monday, October 15, 2018

    Hi, Theodore! Thanks for your question. If you're ready to get CompTIA Security+, your first step is to download the exam objectives to understand what's on the test. You can then begin training - CompTIA offers a variety of tools that can help you at whatever stage you're in. Then, when you're ready, purchase your exam voucher and schedule your exam. If you purchase a bundle, you'll get training, a voucher and a retake voucher for a discounted price. Good luck! https://store.comptia.org/

  • Daniel

    Friday, October 19, 2018

    I have worked in IT directly for almost 20 years. I have worked for a Managed Service Provider for the past 8.5 years. I have many of the standard certs picked up along my years but haven't focused on new ones in recent years as I learn what I need as I go with my job and I haven't been required to get new certs recently. I've dealt with wide range of technologies as a Network Engineer: SQL, Windows Servers/workstations, Wireless, Powershell scripting, Radius,Macs, SANs, vSphere, Switching/Routing, Firewalls. I don't consider myself highly competent at any of them in particular but very functional and able to get things done/configured as needed ...as issues come up for our clients. I'd like to move in the direction of CyberSecurity. I've been a big fan of MalwareBytes (I've dealt with cleaning malware/viruses from systems and followed the recent Meltdown/Spectre vulnerabilities a bit). I recently convinced my employee to partner with MalwareBytes for reselling to our clients. I'm not sure what the best path or course of action is for me to begin heading down the path of CyberSecurity, but I really feel I need a fresh direction in my career/something to help me stand out from the run of the mill Network Engineers/administrators out there and possibly better earnings potential. I am currently employed with an MSP as a network Engineer. Any advise would be greatly appreciated!!

  • Friday, October 19, 2018

    Hi, Daniel! Thanks for your comment. It sounds like you have some great experience that could benefit a cybersecurity role. I think our article on how to get into cybersecurity from networking might give you some good ideas: https://certification.comptia.org/it-career-news/post/view/2018/08/29/how-your-networking-experience-can-land-you-a-job-in-cybersecurity Good luck!

  • Alexander O Akpodiete

    Friday, October 19, 2018

    Great article and I agree with James because I teach IT certification courses and always tell my students about the importance of the basics/foundation before moving into Cybersecurity. CompTIA IT Fundamentals, A+, Net+ and Security+ are good stackable credentials on your path to that Cybersecurity career. Be patient and understand as Eleen said that it is a marathon, not a sprint. I have ITF, Cloud Essentials, A+, Sec+, ITIL, PMP, along with degrees in Computer Science, Cybersecurity and law. Still I had to work my way up and I am still doing it. Take that entry level job to build up your resume. Don't lose hope. Hang in there. Dr. Alex O. Akpodiete, JD, PMP, ITIL, Sec+, CAHIMS IT/Cybersecurity Consultant, Educator, Project Management Professional, ATAWA GROUP LLC d/b/a ATAWA TECHNOLOGIES 240-772-4113 profatwa@gmail.com or alex.akpodiete@atawagroup.com

  • Mario

    Sunday, October 28, 2018

    What guidance for someone with a law degree and working many years as a litigator in New York with an interest in Cyber Security? What’s the best way to transition into this career with a law degree? What areas are best for this background? Appreciate any advice! Thank you.

  • Monday, October 29, 2018

    Hi, Mario! Thanks for your comment. You can absolutely change careers from law to IT, or you can stick with law and refine your focus to cybersecurity law. It's up to you! Take a look at the career change section of our website to learn more about how to get into IT: https://certification.comptia.org/career-change Good luck!

  • Dayo

    Monday, October 29, 2018

    This is indeed a great read, a mind-opening article. I am a medical doctor with a few years of experience in medicine, but I am a novice in the field of IT. With the recent issues of cyber attacks on health records of major health facilities around the world, I am very interested in the area of cyber security as it applies to healthcare. What's a good point to start for me please? And how do you advise I progress from this start point? Thank you.

  • Monday, October 29, 2018

    Hi, Dayo! Thanks for your comment. Cybersecurity in health care is a huge issue right now. Check out this article on how to get into IT from health care to get started: https://certification.comptia.org/career-change/switching-career-path/from-jobs/healthcare-to-it Good luck!

  • Dayo

    Friday, November 9, 2018

    This is indeed a great read, a mind-opening article. I am a medical doctor with a few years of experience in medicine, but I am a novice in the field of IT. With the recent issues of cyber attacks on health records of major health facilities around the world, I am very interested in the area of cyber security as it applies to healthcare. What's a good point to start for me please? And how do you advise I progress from this start point? Thank you.

  • Tuesday, November 13, 2018

    Hi, Dayo! Thanks for your comment. Your background in health care will give you a great perspective for doing cybersecurity in the field. If you are new to IT, know that it takes time to work your way up to a career in cybersecurity. You'll want to start by learning the fundamentals of hardware, software and networking so you understand how they function before learning how to protect networks and data. CompTIA A+, Network+ and Security+ may be a good way to get started. Read more here: https://certification.comptia.org/it-career-news/post/view/2017/07/21/networking-as-the-foundation-of-it-why-you-shouldn-t-skip-algebra-to-start-with-calculus

  • CeJey

    Wednesday, November 21, 2018

    This is awesome!

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story