Security Career With Highest Payout

egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
We've all heard of all the dozen or more InfoSec certifications out there. CISSP, GSEC, GCIH, CISA, CISM, CCSA, etc. The list goes on.
However, do you all know which one pays the highest, or at least which are the top 3 highest paying careers and any idea of how much they pay.

This is assuming everything being equal. Assuming the candidates all have the same level of experience in their given roles.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+

Comments

  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    What is the goal with knowing this? Are you trying to make career decisions based on compensation? I argue it's inherently flawed to try to measure this becusae you just can't keep everything equal no matter how hard you try. Titles or reponsibilities vary from company A to B so trying to circumscribe it to roles achieves nothing. An architect, sales guy, consultant, etc. in security can all make ridiculous amounts of money.
  • ClmClm Member Posts: 444 ■■■■□□□□□□
    If you want to make sure you have the cert that gets you paid the most then just get them all lol. But honestly, if you're looking to get paid high there are a lot of factors to consider location, Role, Organization, Vertical, Technology the list goes on. what I would do is pick a number that you like just say 150k (that's a lot to me) and find the roles that offer that pay. Pick which ones you can enjoy doing and then find all the people in those roles and research what they have. Ask them if you have to.
    I find your lack of Cloud Security Disturbing!!!!!!!!!
    Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig

  • JDMurrayJDMurray Admin Posts: 13,090 Admin
    Looks like you are going to be shooting for CISO. There's a cert for that! icon_study.gif
  • ClmClm Member Posts: 444 ■■■■□□□□□□
    JDMurray wrote: »
    Looks like you are going to be shooting for CISO. There's a cert for that! icon_study.gif


    How is that cert I like the idea im just wary of EC Council
    I find your lack of Cloud Security Disturbing!!!!!!!!!
    Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig

  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    Clm wrote: »
    How is that cert I like the idea im just wary of EC Council
    Stay wary, I'm fairly sure he's joking.
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Do not speak ill of EC Council. I will not allow it.
  • DZA_DZA_ Member Posts: 467 ■■■■■■■□□□
    From what I've heard from and discussed with others that even for a CISO, they're not up there with their counterparts. If you're aiming for the highest salary with all things equal, I'm going to position that a very skilled senior sales architect/engineer would be the way since they generate income for the organization + commission and bonus.
  • EANxEANx Member Posts: 1,077 ■■■■■■■■□□
    JDMurray wrote: »
    Looks like you are going to be shooting for CISO. There's a cert for that! icon_study.gif

    Well played
  • MitechniqMitechniq Member Posts: 286 ■■■■□□□□□□
    I have pursued a lot of certifications and what I have realized throughout the years. The person that is above me in position and probably in pay has always had less certs than me. When I was a Linux Administrator, I had my RHCSA but the engineer above me had no cert. When I worked on VMware I got my VCP-DCV but the Architect above me only had a Comptia cert..Now in Security, I rarely see a person above me with certs...
  • egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
    That's why I started this thread...hmmm. Thanks for the input icon_smile.gif
    Clm wrote: »
    If you want to make sure you have the cert that gets you paid the most then just get them all lol. But honestly, if you're looking to get paid high there are a lot of factors to consider location, Role, Organization, Vertical, Technology the list goes on. what I would do is pick a number that you like just say 150k (that's a lot to me) and find the roles that offer that pay. Pick which ones you can enjoy doing and then find all the people in those roles and research what they have. Ask them if you have to.
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • UnixGuyUnixGuy Mod Posts: 4,570 Mod
    I found there is no direct correlation between a cert and pay increase, with the exception of the CCIE is some instances.

    To get the highest salary you need to be working for a company that actually pays those high numbers (a lot of companies have a pay cap), you need to be good at something IN DEMAND, and you need to be in the right place at the right time.


    General manager, CISO/CSO, CIO, Sales, PreSales, Architect, Consultant, VP...are among the titles where I saw the highest salaries...
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    A CEO at a security company can rake it in too. The CEO at Qualys took home about USD$22.74MM in 2017 - most of it in restricted stock. Not sure if he has any certifications though icon_smile.gif
  • Info_Sec_WannabeInfo_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□
    cyberguypr wrote: »
    Do not speak ill of EC Council. I will not allow it.

    icon_lol.gificon_lol.gificon_lol.gif
    X year plan: (20XX) OSCP [ ], CCSP [ ]
  • DZA_DZA_ Member Posts: 467 ■■■■■■■□□□
    paul78 wrote: »
    A CEO at a security company can rake it in too.

    Let me just tweak this a bit: "A CEO at a unicorn security company can rake it in too." It'll be an episode like Billions.
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    DZA_ wrote: »
    Let me just tweak this a bit: "A CEO at a unicorn security company can rake it in too." It'll be an episode like Billions.

    I don't think that's necessarily true. Most venture-backed startups cap the salaries of the founders and CEO's. I've worked at startups where I made much more than the CEO. From what I understand from VC's, the average CEO cash salary is between 100k-250k. The obvious incentive is the equity which is why CEO's want to elevate their startups into Unicorn category and then either take the company public or sell it.

    However, that said, the CEO at a Unicorn will really rake it in only if there is a significant liquidity event.
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    paul78 wrote: »
    .... CEO at a Unicorn will really rake it in only if there is a significant liquidity event.
    I thought I would check out the latest public offering of a security company. Tenable's IPO was last month. I was curious about how much the founders raked in. According to the S1, the co-founders Ronald Gula and John Huffard had 9.21 and 4.09 shares owned. I found it interesting that Renaud Deraison who is the author of Nessus and one of Tenable's co-founders was not listed as a principal shareholder on the S1.

    With the IPO, Tenable is trading around USD$30 so Gula should have made over USD$276MM and Huffard should have about USD$122.7MM. They probably could have made more because the S1 indicated that during the series B offering, Gula and Huffard sold back shares at $5.81/share.

    In terms of payouts, I would call that pretty good.

    So I guess the best security career is to be an entrepreneur and start your own security company and build it until you can take it public. Of course, the odds of a payout are a bit more competitive and more difficult to achieve.
  • Tekn0logyTekn0logy Member Posts: 113 ■■■■□□□□□□
    egrizzly wrote: »
    We've all heard of all the dozen or more InfoSec certifications out there. CISSP, GSEC, GCIH, CISA, CISM, CCSA, etc. The list goes on.
    However, do you all know which one pays the highest, or at least which are the top 3 highest paying careers and any idea of how much they pay.

    The highest paid would be the individual that has mastered the art of social engineering. (Is there a cert for that?)
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Tekn0logy wrote: »
    ... mastered the art of social engineering. (Is there a cert for that?)

    Of course! Chris Hadnagy's outfit runs the Social Engineering Pentest Professional (S.E.P.P.) cert.
  • Techand$$Techand$$ Member Posts: 18 ■■□□□□□□□□
    UnixGuy wrote: »
    I found there is no direct correlation between a cert and pay increase, with the exception of the CCIE is some instances.

    To get the highest salary you need to be working for a company that actually pays those high numbers (a lot of companies have a pay cap), you need to be good at something IN DEMAND, and you need to be in the right place at the right time.


    General manager, CISO/CSO, CIO, Sales, PreSales, Architect, Consultant, VP...are among the titles where I saw the highest salaries...

    Exactly this, normally a highest paid individual is the person who saves or makes a lot of money for an organization. I’m working in the MSSP industry and arguably the best technical person in my company but the highest paid are the ones in presales, these are the guys that have a rounded knowledge in both technical and business areas. Soft skills is another highly valued aspect for the positions listed above, wish there was a certification for that too :)

    OSCP | CISSP | CREST CRT | CCNP | ITIL 

    Goal: CREST CCT | PMP 

  • vanquish23vanquish23 Member Posts: 224
    +Location
    +Cost of Living
    +Years in IT field
    +Size of company (budget)
    +Specialty
    He who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil.
  • ITSec14ITSec14 Member Posts: 398 ■■■□□□□□□□
    It's worth noting that highly talented technical folks can and do often make more than even mid level management. If you possess in demand skills in the right market, you can rake in the money.
  • cale2kitcale2kit Registered Users Posts: 2 ■■□□□□□□□□
    Also to add on, at least for Public Sector, couple those certs with a Security Clearance and you'd be surprised at the salaries offered.
  • E Double UE Double U Member Posts: 2,233 ■■■■■■■■■■
    egrizzly wrote: »
    do you all know which one pays the highest

    As a matter of fact I do. What are you willing to give for this highly valuable information? icon_cool.gif
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • JDMurrayJDMurray Admin Posts: 13,090 Admin
    Techand$$ wrote: »
    ...but the highest paid are the ones in presales, these are the guys that have a rounded knowledge in both technical and business areas...
    Salespeople put money on a business' books and all other roles eat the money away. Looks like the highest earning security people are the ones selling security products and services.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    JDMurray wrote: »
    Salespeople put money on a business' books and all other roles eat the money away. Looks like the highest earning security people are the ones selling security products and services.

    Can confirm. I still get those "in awe" moments at how much us pre-sales engineers make.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Sign In or Register to comment.