Security Engineer Salaries in Washington, D.C.?
aderon
Member Posts: 404 ■■■■□□□□□□
Looking for an estimate of how much money I could get in the Washington, D.C. area for my skillset. I've been thinking of moving down there and I'm looking for security engineering jobs.
Grand Total IT Experience: 6 years
Total Direct Security Engineering Experience: 2 years
Total AWS Experience: 2 years
Total Linux Experience: 4.5 years
Total Networking Experience: 4 years
Total Direct HTTP/Web Experience and Troubleshooting: 2.5 years
Total Windows Experience (Mostly entry-level, non-administrative experience): 2 years
Languages: Python (3 years), Bash (4 years)
Scripts: Have written approximately 50+ production scripts doing everything from automated configuration changes, to creation of custom solutions using APIs, and automation of routine tasks, etc
Certifications: CISSP, CCNA R&S, CCNA Security, AWS CSA Associate, A+, Net+, Sec+, Proj+, Lin+
Education: B.S. IT, M.S. Cybersecurity (4.0 GPA)
Summary:
Have designed/architected several rollout projects from scratch across multiple environments (Vuln scanners, MFA, endpoint protection, WAFs)
Have also completed several other major projects (cloud migrations, upgrading products through several major version upgrades that required extensive planning, etc) in other products (Password safes/rotators, PKI, MDM)
Experience using, administering, and working with plenty of other products and technologies: Firewalls, VPNs, Routers, Switches, IPS/IDS, SIEM, URL filtering, Email protection, SPF/DKIM/DMARC, HTTP, CDNs, BGP, Wireshark, phishing campaigns, DNS, FTP, DHCP, various other sysadmin and networking technologies.
I have plenty of cloud experience having gone through two migrations at different companies. This includes everything from redesigning VPCs, subnets, VPC Peering, SGs, NACLs, etc, to migrating over various security products and ensuring they work as expected in the cloud.
I'm further along knowledge-wise than my years of experience would normally represent. I do very well in technical interviews and my raises/feedback have often indicated that I perform better than my peers.
My biggest weakness is my Windows knowledge. I'm familiar with it from having used it almost my entire life, but that's a far cry from administering it. My system administration knowledge of Windows is essentially non-existent. I've worked in majority/fully linux environments my entire career so that's where my skillset lies. I'm fine with the technologies (since a lot of the same ones exist in Linux), but couldn't tell you how to implement them in the Windows' world.
Also, due to my limited security experience, I haven't implemented as many different products in a work place setting as say someone with 10 years of security experience.
Grand Total IT Experience: 6 years
Total Direct Security Engineering Experience: 2 years
Total AWS Experience: 2 years
Total Linux Experience: 4.5 years
Total Networking Experience: 4 years
Total Direct HTTP/Web Experience and Troubleshooting: 2.5 years
Total Windows Experience (Mostly entry-level, non-administrative experience): 2 years
Languages: Python (3 years), Bash (4 years)
Scripts: Have written approximately 50+ production scripts doing everything from automated configuration changes, to creation of custom solutions using APIs, and automation of routine tasks, etc
Certifications: CISSP, CCNA R&S, CCNA Security, AWS CSA Associate, A+, Net+, Sec+, Proj+, Lin+
Education: B.S. IT, M.S. Cybersecurity (4.0 GPA)
Summary:
Have designed/architected several rollout projects from scratch across multiple environments (Vuln scanners, MFA, endpoint protection, WAFs)
Have also completed several other major projects (cloud migrations, upgrading products through several major version upgrades that required extensive planning, etc) in other products (Password safes/rotators, PKI, MDM)
Experience using, administering, and working with plenty of other products and technologies: Firewalls, VPNs, Routers, Switches, IPS/IDS, SIEM, URL filtering, Email protection, SPF/DKIM/DMARC, HTTP, CDNs, BGP, Wireshark, phishing campaigns, DNS, FTP, DHCP, various other sysadmin and networking technologies.
I have plenty of cloud experience having gone through two migrations at different companies. This includes everything from redesigning VPCs, subnets, VPC Peering, SGs, NACLs, etc, to migrating over various security products and ensuring they work as expected in the cloud.
I'm further along knowledge-wise than my years of experience would normally represent. I do very well in technical interviews and my raises/feedback have often indicated that I perform better than my peers.
My biggest weakness is my Windows knowledge. I'm familiar with it from having used it almost my entire life, but that's a far cry from administering it. My system administration knowledge of Windows is essentially non-existent. I've worked in majority/fully linux environments my entire career so that's where my skillset lies. I'm fine with the technologies (since a lot of the same ones exist in Linux), but couldn't tell you how to implement them in the Windows' world.
Also, due to my limited security experience, I haven't implemented as many different products in a work place setting as say someone with 10 years of security experience.
2019 Certification/Degree Goals: AWS CSA Renewal (In Progress), M.S. Cybersecurity (In Progress), CCNA R&S Renewal (Not Started)
Comments
-
networker050184 Mod Posts: 11,962 ModReally depends on the type of role you land. You could be making anywhere from $50k to $200k. The gov contracting can be very lucrative but I can't say I've met anyone that actually enjoyed it. I think you could certainly count on $70k+ though with your skills.An expert is a man who has made all the mistakes which can be made.
-
aderon Member Posts: 404 ■■■■□□□□□□What have their experiences been like? That was one thing I forgot to mention, I don't have a clearance of any sort, but my background is as clean as they come and I've only ever left the country once for about a week. No family abroad, etc.
Regardless though, I imagine this hurts my chances fairly significantly.2019 Certification/Degree Goals: AWS CSA Renewal (In Progress), M.S. Cybersecurity (In Progress), CCNA R&S Renewal (Not Started) -
soccarplayer29 Member Posts: 230 ■■■□□□□□□□Depends on the role, but I'd say 100k-160k.
That includes options both government and commercial. There are plenty of opportunities in both so no clearance shouldn't be an issue and they are easy to find a sponsor.Certs: CISSP, CISA, PMP -
EANx Member Posts: 1,077 ■■■■■■■■□□soccarplayer29 wrote: »no clearance shouldn't be an issue and they are easy to find a sponsor.
Mostly incorrect. It's difficult to find a sponsor unless you "have a very particular skill-set". This is why a lot of people go overseas for a year or two, simply to get the clearance. -
dehgrah Member Posts: 140 ■■■□□□□□□□I would say at least $120K but don't take any less than $115k, for example I currently live in SC and $80k is equal to making $130 in D.C. Having a clearance to increase your pay even more.
-
aderon Member Posts: 404 ■■■■□□□□□□Mostly incorrect. It's difficult to find a sponsor unless you "have a very particular skill-set". This is why a lot of people go overseas for a year or two, simply to get the clearance.2019 Certification/Degree Goals: AWS CSA Renewal (In Progress), M.S. Cybersecurity (In Progress), CCNA R&S Renewal (Not Started)
-
EANx Member Posts: 1,077 ■■■■■■■■□□Far more specialized. "Computer security" is a very broad topic that ranges from penetration-testing to NIST compliance and auditing. A NetApp or Commvault SME? Sure. A VMware engineer? Nope, there are three outside the 7-11.
-
soccarplayer29 Member Posts: 230 ■■■□□□□□□□Mostly incorrect. It's difficult to find a sponsor unless you "have a very particular skill-set". This is why a lot of people go overseas for a year or two, simply to get the clearance.
I live in the DC area and in my personal experience there are some positions which require clearance, some that require candidates to be "eligible for clearance" which will sponsor candidates for clearance, and others which do not require any sort of clearance. Given the OP's experience I think he could find a government contracting opportunity which would sponsor him if he choose to go that route. But I agree that my message that getting a clearance/sponsor is easy is not a blanket statement and doesn't apply to those with generic or limited skills sets.Certs: CISSP, CISA, PMP -
TechGromit Member Posts: 2,156 ■■■■■■■■■□DC is a governemnt town. Most companies have at least some contracts with the Government, without a security clearance, the pool of potential employers shrinks considerably. Which in turn hurts your earning potential, because your going up against way more competition from people without clearances for jobs no clearances are needed, which will have a downward pressure on wages. I say 100k is the best you could hope for, a Secret clearance will boost your earning potential a good 50% and Top Secret 75%.Still searching for the corner in a round room.
-
McxRisley Member Posts: 494 ■■■■■□□□□□I've had a few offers for jobs in the DC area. All were between 80k - 120k, which is honestly a laughable amount considering the COL there. You can take whatever amount they offer you and subtract around 40k - 50k and that will be your comparable pay from a place with a normal COL. So if you take a job for 120K, it will really be like you're making 70k - 80k due to the insanely high COL. My previous company tried to ship me up there and I told them I would need a minimum of 200k so that I could support my family, obviously that didnt happen. Me personally, I prefer to make that range out here in the sticks where there is a lot more breathing room and money goes A LOT further.I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
-
Ertaz Member Posts: 934 ■■■■■□□□□□I've had a few offers for jobs in the DC area. All were between 80k - 120k, which is honestly a laughable amount considering the COL there. You can take whatever amount they offer you and subtract around 40k - 50k and that will be your comparable pay from a place with a normal COL. So if you take a job for 120K, it will really be like you're making 70k - 80k due to the insanely high COL. My previous company tried to ship me up there and I told them I would need a minimum of 200k so that I could support my family, obviously that didnt happen. Me personally, I prefer to make that range out here in the sticks where there is a lot more breathing room and money goes A LOT further.
Same. I just got fiber to the home. I'm upgrading to gig in September. I like being the only CISSP in my town of 1200. If I got paid coastal elitist $ I'd be all set...