It’s no secret that we’re (still) in an international cyber talent crisis, and that skilled workers are in high demand.
We conducted research into the top ten highest paying jobs in cybersecurity to find out just what kind of opportunities awaited those who entered the field. Here are the types of jobs companies are willing to pay (the most) for and what they entail for those looking to upskill, reskill, or make the transition into a cyber-focused career.
We continue with the second half of our two-part series below. Careers have been ranked in descending order by average national salary with 2023 data from Ziprecruiter.
5. Cyber Security Architect/ $141,799 per year
Cyber security architects work to secure online assets, such as information systems and cloud computing architecture. They understand the principles of networking and can create and manage network architecture: they typically specialize in network security and computer systems analysis. High-level duties for this sort of position might include planning and executing adversary emulations, developing and automating security tools, maintaining security equilibrium and best practices in times of mergers and acquisitions, and performing ongoing assessments of security architecture as the ecosystem expands. Day-to-day demands can include testing information systems, maintaining network infrastructures, responding to security incidents, and creating security reports for senior IT personnel on a regular basis.
4. Identity Access Management Architect/ $145,981 per year
This is a job for the frontlines of any enterprise environment: overseeing identity and access management (IAM). They design and manage the software that controls user access to the enterprise network, whether that be through Multi-factor Authentication (MFA), Single Sign-On (SSO), assigning and auditing roles and permissions on the principle of least privilege, requiring tokenized authenticators, or implementing password managers, company-wide access policies, or IAM platforms. Identity access management architects are also responsible for testing the safety of user access habits, and they can do this by engineering campaigns to intentionally compromise user accounts for the purpose of testing and learning. These methods include phishing simulations, social engineering tactics, and more.
3. Chief Information Security Officer (CISO) / $153,069 per year
The CISO oversees the entire security operations of an enterprise. While at the top of the cybersecurity food chain – they provide C-suite security representation, interfacing with CIO, CFO, CEO and the like – they are often found at smaller companies devoid of the full security personnel architecture. This skews the median income downwards slightly, but their role isn’t diminished by SMB involvement. In fact, it’s nearly always expanded as CISOs in smaller companies wear many hats. Regardless of company size, a CISO’s primary duty is to develop, influence, and lead the company’s security strategy from the top down. In creating and implementing security procedures, they may reference a framework as a guide, such as NIST, SOC-2, ISO 27001, or more. They typically lead out in approving new technologies, establishing and supporting company-wide security culture initiatives, and designing data management and security policies.
2. Cloud Security Architect/ $154,418 per year
Given the continuous mass-exodus to the cloud, a Cloud Security Architect is in ever-higher demand. Companies are going from on-premises to hybrid, and from hybrid to fully cloud-based (or spinning up as cloud-native altogether). A Cloud Security Architect designs and installs security systems that protect assets in the cloud. This includes testing existing security controls and re-implementing all the old methodologies – access management, firewalls, signature and behavior-based detection, threat investigation and response, encryption, Secure File Transfer (SFT) and more – in a whole new environment: the cloud. This position demands an agile learner and an open mind as cloud computing security approaches can be fundamentally different from securing assets on-premises.
1. Software Security Architect/ $163,414 per year
As more companies try to do more with less, senior personnel become a premium. While a security solutions engineer handles the day-to-day tasks of reviewing current architecture and spearheading improvements, a Software Security Architect plans them from the ground up. They are responsible for possessing technical security design capabilities, critical thinking and decision-making capacities as team lead, leadership qualities as a mentor who can train up developing security architects, team building skills as they bring together different teams to implement solutions, and a top-down approach as they integrate security implementations into the greater flow of the business. Skillsets include qualifications in areas such as network security, network hardware configuration, network standards, and network protocols.
So long as digital information exists online, there will be cybercriminals trying to steal it and cybersecurity specialists needed to secure it. Nearly every company is a technology company now, and you can hardly go anywhere without paying online, registering an email, or utilizing an app. As companies continue the push towards complete digitization, the demand for highly skilled cybersecurity experts that can staff SOCs and manage solutions at those enterprises will only increase.
Interested in using your cybersecurity skillset to its fullest advantage? Check out Fortra’s job postings to see if there’s an opening for you!
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.