Skip to content ↓ | Skip to navigation ↓

Given a surge in digital threats like cryptominers, ransomware, and DDoS attacks, it is no surprise that the field of information security is booming. Cybersecurity Ventures estimates that there will be 1.5 million job openings across the industry in 2019 up from one million in 2016. At the same time, the Bureau of Labor Statistics forecasts a 37 percent increase in Information Security Analyst positions alone between 2012 and 2022.

Such growth makes information security an exciting and lucrative career choice. At the same time, the industry’s expansiveness complicates the process of selecting a specific career path.

To make it easier for aspiring security professionals, here are 10 of the top highest-paying infosec jobs based on overall pay grade.

#10: Incident Responder

An Incident Responder is one who is responsible for addressing security incidents, threats and vulnerabilities that arise in an organization.

Individuals who aspire to become Incident Responders must be prepared to actively monitor organization networks for intrusions, perform security audits and penetration testing, conduct malware analysis and reverse engineering, and design measures that not only minimize the damage of a given incident but that also prevent a similar intrusion from ever happening again. Incident Responders are typically members of a Computer Security Incident Response Team (CSIRT) and so report to a CSIRT Manager. They should be familiar with a wide range of skills, including web-based application security, eDiscovery tools and forensic software.

Incident Responders make a median salary between $70,217. Overall, they can expect to earn between $48,557 and $105,171, reveals PayScale.

#9: Security Specialist

A Security Specialist is an entry- to mid-level employee who is responsible for completing a variety of duties designed to strengthen the security of an organization.

Oftentimes, Security Specialists are required to analyze the security requirements of an organization’s systems, install and configure security solutions on corporate networks, perform vulnerability testing and help train fellow employees in security awareness. Individuals who are interested in becoming Security Specialists should have knowledge in ethical hacking, computer networking, programming and Security Information and Event Management (SIEM).

Security Specialists make a median salary of $73,601. According to PayScale’s most recent estimates, these individuals can expect to make at least $47,215 but can hope to take home as much as $115,201.

#8: Computer Forensics Expert

A Computer Forensics Expert is responsible for analyzing evidence gathered off of computers, networks and other data storage devices in an effort to investigate incidents of computer crime.

These individuals commonly work closely with law enforcement agencies to compile evidence for legal cases, draft technical reports or offer expert testimony in trial, and train law enforcement in computer evidence tactics. Those who wish to pursue this particular career path must be familiar with several programming languages and operating systems as well as with cryptography principles, eDiscovery tools and forensics software.

Computer Forensics Experts make a median salary of $82,231. They can expect to earn at least $57,037, according to PayScale. However, given the possibility of commissions, tips and overtime, they can make as much as $119,337.

#7: Security Consultant

A Security Consultant is an outside expert who helps an organization implement the best solutions according to their security needs.

Those who wish to become Security Consultants must be knowledgeable in a wide range of security standards, security systems and authentication protocols. In order to succeed, they must also be willing to develop an in-depth picture of the organization for which they are working, which includes interviewing management and other executives, as well as familiarizing themselves with the organization’s corporate policies. Security Consultants can then use this knowledge to implement a set of security tools they see fit depending on an organization’s needs.

Security Consultants make a median salary of $83,989, according to PayScale’s estimates. They can expect to bring home a total pay of at least $53,721, but they can earn as much as $131,432 a year.

#6: Malware Analyst

A Malware Analyst is responsible for helping an organization understand the viruses, worms, bots, Trojans and other malicious software that threaten its network on a daily basis.

In this capacity, Malware Analysts commonly work with Computer Forensics Experts and Incident Responders in the event of an intrusion and/or suspicious computer behavior to help identify malicious programs that may have infiltrated an organization’s computer systems. This involves conducting static and dynamic analysis of the suspicious code in order to establish signatures of the malware’s presence, as well as developing tools that can help protect the organization’s networks against future intrusions.

Malware Analysts make a median salary of $84,739, says PayScale. They can expect to earn at least $52,156, but some can take home as much as $123,291 a year.

Are you interested in learning about the top 5 jobs? Find out what makes the list with part 2 here.

Also, you can check out Tripwire’s job postings to see if there’s an opening for one of the jobs listed above.

Jobs #5 – #1, here

10 Ways Tripwire Outperforms Other Cybersecurity Solutions
  • Braye

    Wow, very informative. This came at a right time when considering a career in Info. Sec. Well, I'm not sure if this applies to Canada.

    • lexmajor

      Pretty much. I'd say salaries listed are a big higher than what you'll encounter, which means they are about the same listed amounts in CAD.

  • Micheal Ethan

    The high-profile security breaches of the past few years have made it clear that organizations need to do everything necessary to safeguard their technology stack and databases against both internal and external threats. According to a new analysis of Dice salary data, that need has translated into salaries for certain tech professionals that greatly
    exceed the baseline for tech-pro salaries.Lead Software Security Engineers, Directors of Security, Security Consultants and others tasked with repelling cyber-threats can expect to earn six-figure salaries per year—so long as their skills, experience and certifications prove to be a match for very demanding roles that are continuously evolving. With that in mind, here’s a list of the top 10 security jobs, ordered by average salary for 2015.

  • Cate Lewitt

    Thanks for an interesting piece! Information security is a promising field and the most pleasant part of it for me is the possibility of working from home. For example, quite a number of freelance tech jobs can be found here, including information security ones. That’s great! And this website is also nice: high rates, a lot of other jobs (not only in technology) and no commission fee.

<!-- -->