Cybersecurity is a growing and impactful field with a higher-than-average salary. Explore 10 of the top cybersecurity jobs, from entry-level to senior positions, along with their pay expectations and most common responsibilities.
Cybersecurity professionals are in demand. Working in the cybersecurity field gives you the chance to work in a fast-paced environment where you continually learn and grow. Cybersecurity might be worth considering if you’re already in the world of information technology (IT) or looking to make a career switch.
This article will look at some of the many roles available to cybersecurity professionals. We’ll also discuss how to get started in cybersecurity and what your career path might look like.
When starting a new career path, it's helpful to network with industry professionals to learn more about the field and to create mutually beneficial relationships. Steve Graham, Senior Vice President Head of Product at EC-Council, had the following advice during Coursera's virtual panel, "How can online learning accelerate cybersecurity careers and talent?":
"There's a lot of different groups that you can join, whether it's meeting other students or joining special interest groups that get you into this field. It's also figuring out what you're passionate about and finding some mentors in that area that you can connect with to help guide you."
Read more: What Is Networking? How to Grow Your Network
Note: All salary data represents the average annual salary in the US, according to Glassdoor (November 2024).
In the context of cybersecurity, entry-level positions can be a bit of a misnomer. For some roles, the National Security Agency (NSA) defines entry-level as requiring a bachelor’s degree plus up to three years of relevant experience—less with higher-level degrees [1]. With a high school diploma or GED, you’ll likely need between four and seven years of relevant experience on your resume.
Most cybersecurity professionals enter the field after gaining experience in an entry-level IT role. Here are a few of the most common entry-level jobs within the bigger world of cybersecurity.
Average salary: $112,399
Feeder role: network or systems administrator
As an information security analyst, you help protect an organization’s computer networks and systems by:
Monitoring networks for security breaches
Investigating, documenting, and reporting security breaches
Researching IT security trends
Helping computer users with security products and procedures
Developing strategies to help their organization remain secure
This is among the most common roles on a cybersecurity team and an excellent entry point into the world of information security.
Common certifications: CompTIA Security+, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH)
Related job titles: cybersecurity analyst, IT security analyst
If you're just starting your career as a cybersecurity analyst, you might consider earning a Professional Certificate to help you break into the field. You can build job-ready skills with an industry leader by enrolling in Microsoft's Cybersecurity Analyst Professional Certificate program.
Average salary: $118,057
Feeder role: networking, IT support, systems engineering
In this role, you’re the company’s point person for security, ensuring that data remains secure against unauthorized access and cyberattacks. Responsibilities for security specialists vary from organization to organization but may include:
Testing and maintaining firewalls and antivirus software
Implementing security training
Researching new security risks
Suggesting improvements for security weaknesses
Common certifications: CompTIA Security+, Systems Security Certified Practitioner (SSCP), GIAC Security Essentials (GSEC)
Related job titles: cybersecurity specialist, information security specialist
Average salary: $88,176
Feeder role: IT support, risk analyst
If you enjoy seeking clues to solve a puzzle, this role might be for you. Digital forensic investigators retrieve information from computers and other digital devices to discover how an unauthorized person accessed a system or to gather evidence for legal purposes. Day-to-day tasks might include:
Collecting, preserving, and analyzing digital evidence
Recovering data from erased or damaged hard drives
Documenting the data retrieval process and maintaining chain of custody
Assisting law enforcement in criminal investigations
Providing expert testimony in court proceedings
Common certifications: GIAC Certified Forensic Analyst, EnCase Certified Examiner (EnCE), AccessData Certified Examiner (ACE)
Related job titles: computer forensic specialist, cyber forensic specialist, digital forensics analyst
You can find out if this career path is right for you with a risk-free, seven-day trial of InfoSec's online program, Cyber Incident Response Specialization. You can audit the program for free or switch to a paid option to earn career credentials.
Average salary: $89,821
Feeder role: network administrator, risk analyst, IT support
As an IT auditor, you’ll assess your organization’s technology for potential issues with security, efficiency, and compliance. Some of your regular tasks might include:
Planning and performing audits
Documenting and presenting audit findings
Providing guidance on recommended and mandatory security measures
Designing plans to fix any security risks
Identifying opportunities for better efficiency
Common certifications: Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA)
Related job titles: internal IT auditor, security auditor
As you gain experience in cybersecurity, several paths can open up for advancement into more specialized roles. These are just a few options for mid-level and advanced cybersecurity professionals.
Average salary: $87,743
Feeder role: systems administrator, information security analyst
In this role, you’re typically put in charge of the day-to-day operations of an organization’s cybersecurity systems. Your responsibilities might include:
Monitoring systems and running regular backups
Managing individual user accounts
Developing and documenting security procedures for the organization
Collaborating with security teams to respond to unwanted intrusions
Participating in company-wide security audits
Common certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
Related job titles: security administrator, cybersecurity administrator, information security officer
Average salary: $111,503
Feeder role: information security analyst, incident responder
As a penetration tester (pen tester for short), you’ll help businesses identify their security weaknesses before malicious hackers can do the same. You do this by attempting to breach computer networks with the company’s permission. Penetration testing tasks might include:
Planning, designing, and carrying out penetration tests
Creating reports on test results and offering recommendations to security decision-makers
Developing scripts to automate parts of the testing process
Conducting social engineering exercises (attempting to get company employees to disclose confidential information)
Providing technical support during incident handling
Common certifications: Certified Ethical Hacker (CEH), CompTIA PenTest+, GIAC Certified Penetration Tester (GPEN)
Related job titles: white hat hacker, ethical hacker, vulnerability assessor
Average salary: $136,434
Feeder role: information security analyst, penetration tester
In this role, you design the systems to keep a company’s computers, networks, and data safe from cyberattacks to natural disasters. These security systems might include elements like firewalls and intrusion detection systems. Day-to-day tasks might include:
Developing security standards and best practices
Recommending security enhancements to management
Ensuring new security systems are installed and configured correctly
Testing security solutions
Leading incident response teams
Develop programs to automate vulnerability detection
Common certifications: Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP)
Related job titles: cybersecurity engineer, network security engineer, information security engineer
Average salary: $160,481
Feeder role: security engineer, information security analyst
As a security architect, you set the vision for a company’s security systems. This role combines programming, threat research, and policy development to keep an organization a step ahead of threats. Your responsibilities might include:
Building and maintaining security networks and systems
Preparing budgets and overseeing security expenses
Coordinating security operations across IT and engineering departments
Improving systems in response to security incidents or vulnerabilities
Conducting breach of security drills
Common certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CSA Certificate of Cloud Security Knowledge (CCSK)
Related job titles: cybersecurity architect, information security architect
Average salary: $136,206
Feeder role: computer programmer, information security analyst, systems administrator
Working in cryptography involves securing data for communication and information exchange. Cryptologists create encryption algorithms, ciphers, and other security protocols to encrypt data. Cryptanalysts decrypt information that has been coded. Common tasks in this role include:
Developing new cryptographic algorithms
Analyzing existing algorithms for vulnerabilities
Implementing encryption solutions
Testing new encryption techniques and tools
Common certifications: EC-Council Certified Encryption Specialist (ECES)
Related job titles: cryptologist, cryptanalyst, cryptography engineer
Average salary: $132,143
Feeder role: information security analyst, security administrator
In this cybersecurity leadership position, you’re responsible for overseeing the security infrastructure at your organization. This might include:
Managing human and technological resources
Tracking changes to internal and external security policy
Ensuring compliance with security rules and regulations
Sourcing cybersecurity tools for the organization
Leading risk mitigation efforts
Common certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
Related job titles: information security (InfoSec) manager
While requirements for cybersecurity jobs vary widely from company to company, you might notice some common trends. Let’s take a closer look at some of the requirements and how you can go about meeting them to get your first cybersecurity job.
Many jobs in security list a bachelor’s degree in computer science, information technology, or a related field as a requirement. According to Zippia, 56 percent of cybersecurity specialists have a bachelor's and 23 percent have an associate degree [2]. While degrees are common among professionals in the cybersecurity industry, they’re not always required.
That said, having a bachelor’s or master’s degree can often create more job opportunities, make you a more competitive candidate in the cybersecurity job market, or help you advance in your career. Some degree programs, like the University of Maryland Global Campus' Bachelor of Science in Cybersecurity Technology, even specifically focus on cybersecurity as their primary area of study.
Typically cybersecurity job postings may request at least one certification. You’ll find more than 300 different certifications, and the quality isn’t always the same.
If you’re new to cybersecurity, consider starting with a more foundational certification, like the CompTIA Security+. From there, you can begin gaining the necessary work experience to earn more advanced certifications.
Read more: 10 Popular Cybersecurity Certifications
With so many cybersecurity positions to fill, having the right skills can go a long way toward securing you a job. To prepare for a cybersecurity career, start building your workplace and technical skills through online courses, boot camps, or self-study. These skills are a good place to start:
Cloud security
Programming (especially scripting) languages
Encryption
Knowledge of cyber threats
Risk assessment and threat analysis
Intrusion detection
Problem solving
Analytical thinking
Read more: Is Cybersecurity Hard to Learn? 9 Tips for Success
Subscribe to our weekly newsletter Career Chat. It's a low-commitment way to stay current with industry trends and skills you can use to guide your career path.
Getting started as an IT support technician or network administrator allows you to establish yourself within an organization and build up your technical skills before taking on the added responsibilities of a security role.
The National Security Agency (NSA) also offers Development Programs in Cybersecurity Operations and Cybersecurity Engineering. These three-year, full-time, paid roles help participants build their skills or switch to a new career.
When you’re ready to start looking for jobs in cybersecurity, expand your search beyond the usual job sites (LinkedIn, Indeed, ZipRecruiter, etc.). You’ll find a couple of sites that specialize in cybersecurity and tech job postings, including:
Ready to develop both technical and workplace skills for a career in cybersecurity? The Microsoft Cybersecurity Analyst Professional Certificate and Google Cybersecurity Professional Certificate on Coursera are your gateways to exploring job titles like security analyst, SOC (security operations center) analyst, and more. Upon completion, you’ll have exclusive access to career resources like resume review and interview prep that will support you in your job search.
Demand for cybersecurity professionals has been consistently high in recent years. This is good news for qualified cybersecurity job seekers, as it means that getting a job in their chosen field might not be as difficult as it might be for someone facing a job market with fewer openings than qualified job seekers.
However, while there are millions of career opportunities for qualified cybersecurity professionals, gaining the necessary job skills can be challenging. Many cybersecurity professionals gain entry into the field by working in an entry-level IT position and elevating their credentials with certifications. You can also consider a professional certificate, such as the IBM Cybersecurity Analyst Professional Certificate, available on Coursera, designed to help learners become job-ready.
Cybersecurity is a concern for any company that utilizes computer systems, so there are opportunities for cybersecurity professionals to find jobs across a wide range of industries. One major employer of cybersecurity specialists is the government. Every federal agency in the US employs cybersecurity professionals, including and especially the Cybersecurity & Infrastructure Security Agency (CISA).
Outside of the government, cybersecurity professionals might look for jobs at technology companies such as Apple and Intel; software companies such as Cisco; banks such as the Federal Reserve Bank of New York and Capital One; and health centers such as Patient First; manufacturers such as Lockheed Martin and General Motors.
Remote work is becoming more common, and cybersecurity roles are well positioned for it. Most job descriptions will state whether remote work is an option.
If working from home is a priority for you, you can find listings on Dice and NinjaJobs. Dice refers to this option as “remote,” while NinjaJobs uses “telework” and “telecommute.” Both terms have the same meaning.
While you may be able to enter the field of cybersecurity without knowledge of programming languages, it is considered a valuable skill set, particularly as you seek to advance your career. Python is often cited among the key skills needed for a career in cybersecurity.
Browse job descriptions to determine whether programming will be necessary to obtain your desired role. If you are able to secure an entry-level position without programming skills, you may want to consider gaining that knowledge over time.
Intelligence Careers. "Cyber Careers, https://www.intelligencecareers.gov/nsa/nsacyber.html." Accessed November 26, 2024.
Zippia. "Best Colleges for Cyber Security Specialists, https://www.zippia.com/cyber-security-specialist-jobs/education/." Accessed November 26, 2024.
Editorial Team
Coursera’s editorial team is comprised of highly experienced professional editors, writers, and fact...
This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.