Skip to content ↓ | Skip to navigation ↓

Information security is an exciting, and rapidly growing field for individuals who are interested in protecting users and their data against a host of evolving threats.

In an effort to map out the industry as a possible career choice, we recently conducted research into the top 10 infosec jobs based on overall pay grade. We now continue with the second part of our two-part series.

#6: Incident Responder

An Incident Responder is one who is responsible for addressing security incidents, threats and vulnerabilities that arise in an organization.

As such, individuals who aspire to become Incident Responders must be prepared to actively monitor organization networks for intrusions, perform security audits and penetration testing, conduct malware analysis and reverse engineering, and design measures that not only minimize the damage of a given incident but that also prevent a similar intrusion from ever happening again.

Incident Responders are typically members of a Computer Security Incident Response Team (CSIRT) and so report to a CSIRT Manager. They should be familiar with a wide range of skills, including web-based application security, eDiscovery tools and forensic software.

Incident Responders make a median salary between $70,000 and $90,000. Overall, they can expect to earn between $50,000 and $150,000.

#7: Security Consultant

A Security Consultant is an outside expert who helps an organization implement the best solutions according to their security needs.

Those who wish to become Security Consultants must be knowledgeable in a wide range of security standards, security systems and authentication protocols. In order to succeed, they must also be willing to develop an in-depth picture of the organization for which they are working, which includes interviewing management and other executives, as well as familiarizing themselves with the organization’s corporate policies.

Security Consultants can then use this knowledge to implement a set of security tools they see fit depending on an organization’s needs. They are also commonly responsible for testing these systems and updating them when needed.

Security Consultants make a median salary of $81,220, according to PayScale’s 2015 estimates. They can expect to bring home a total pay of at least $46,000, but they can earn as much as $147,000 a year.

#8: Computer Forensics Expert

Infosec JobsA Computer Forensics Expert is responsible for analyzing evidence gathered off of computers, networks and other data storage devices in an effort to investigate incidents of computer crime.

These individuals commonly work closely with law enforcement agencies to compile evidence for legal cases, draft technical reports or offer expert testimony in trial, and train law enforcement in computer evidence tactics. A variety of organizations, including law enforcement, legal firms and all levels of government, are the most common employers of Computer Forensics Experts.

Those who wish to pursue this particular career path must be familiar with several programming languages and operating systems, as well as with cryptography principles, eDiscovery tools and forensics software.

Computer Forensics Experts make a median salary of $77,270. They can expect to earn at least $56,000, according to PayScale. However, given the possibility of commissions, tips and overtime, they can make as much as $119,000.

#9: Malware Analyst

A Malware Analyst is responsible for helping an organization understand the viruses, worms, bots, Trojans and other malicious software that threaten its network on a daily basis.

In this capacity, Malware Analysts commonly work with Computer Forensics Experts and Incident Responders in the event of an intrusion and/or suspicious computer behavior to help identify malicious programs that may have infiltrated an organization’s computer systems. This involves conducting static and dynamic analysis of the suspicious code in order to establish signatures of the malware’s presence, as well as developing tools that can help protect the organization’s networks against future intrusions.

Malware Analysts make a median salary of $75,000. They can expect to earn at least $48,000, but some can take home as much as $100,000 a year.

#10: Security Specialist

A Security Specialist is an entry- to mid-level employee who is responsible for completing a variety of duties designed to strengthen the security of an organization.

Oftentimes, Security Specialists are required to analyze the security requirements of an organization’s systems, install and configure security solutions on corporate networks, perform vulnerability testing and help train fellow employees in security awareness. Individuals who are interested in becoming Security Specialists should have knowledge in ethical hacking, computer networking, programming and Security Information and Event Management (SIEM).

Security Specialists make a median salary of $73,853. According to PayScale’s most recent estimates, these individuals can expect to make at least $43,000 but can hope to take home as much as $113,000.

You can read Part 1 here