Cybersecurity Analysts Salary
mnashe
Member Posts: 136 ■■■□□□□□□□
I received an email today from CompTIA about cybersecurity jobs. In the article, they list Cybersecurity Analysts with a salary range of $55,560 to $153,090. They list Pentester as $101,000 and Cybersecurity Engineer with a range of $107,000-$127,000.
This seems off to me, but I'm not in the security field, so I don't know. I didn't think analysts would make up to $153,000 and I would assume pen testing and engineers would make more than analysts
This seems off to me, but I'm not in the security field, so I don't know. I didn't think analysts would make up to $153,000 and I would assume pen testing and engineers would make more than analysts
Comments
-
LeBroke Member Posts: 490 ■■■■□□□□□□An analyst is a very catch-all term. I have a friend that's contracting in Calgary (so not even US salaries) for $120/hour, for example. His title? Security Analyst.
His previous title was Security Architect at a multinational, and he's also been running his own company for a good 10-15 years now.
Job titles are basically meaningless in tech. I've met a guy whose business card literally said "Computer Janitor." He's a senior sysadmin at a trendy tech company. -
CyberCop123 Member Posts: 338 ■■■■□□□□□□The word "Analyst" is one of the most confusing terms in cyber security.
I've seen jobs where analyst refers to entry level and salary of £25'000
Equally I've seen jobs where analyst is for about £70'000
I found it surprising as I always associated analyst with lower level/junior roles. I think on the most part it is.
Funny though as I've also seen similar trends with "ethical hacker", "vulnerability assessment" and even to some degree pen tester. E.g. Junior may be on £30k but red team lead on £100k+
The only consistent job title for salary and level has been "engineer". Each time they've been well paid jobs.
I think most of it is HR not really understanding the connotations these titles have and also lacking true knowledge of skills and experience of the applicants.
An example of this is
people saying "you haven't got CEH have you?"....
me: no but I have my oscp
Them; ok... mmmm they did ask for ceh thoughMy Aims
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully) -
Danielm7 Member Posts: 2,310 ■■■■■■■■□□Yep, in security the blanket terms seem to be analyst, engineer and architect, which covers pretty much everything. You'll find analysts who teach SANS courses and work in the NSA and other people who feel that after 2 years they're too experienced to be an analyst anymore.
-
cyberguypr Mod Posts: 6,928 ModRule #1: titles mean NOTHING! A security analyst can be anything from a compliance monkey to a highly skilled incident responder or even a reverse engineer. It’s useless to throw salary ranges around without understanding the scope of responsibilities of a particular role. This is part of the problem why I get entry level security positions asking for $100k+ salaries, even when the list of duties we publish clearly shows entry level tasks.
-
mnashe Member Posts: 136 ■■■□□□□□□□thanks all, this explains it. The true analyst role seems cool, but only with that higher end salary lol. Salary is kind of what has kept me away from a security role. I'm already making over 100k doing networking. I'd rather in a security role, but can't compromise the income
-
chrisone Member Posts: 2,278 ■■■■■■■■■□Pay me 150k and you can call me anything lolCerts: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
mikey88 Member Posts: 495 ■■■■■■□□□□Pay me 150k and you can call me anything lol
ComTIA just wants your money so they'll throw around ridiculous salary ranges. Not saying it's not obtainable just a bit deceiving. Ask around on these forums and you'll get a straight salary answer for your area in 5mins.Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux -
NOC-Ninja Member Posts: 1,403the pay depends on the company, location, experience, degree, skills and network.
the title matters but its varies. there is a range of pay on the title. some gets paid less , some gets paid more. -
DatabaseHead Member Posts: 2,760 ■■■■■■■■■■This is the same in data.
We have a principal architect who has the title Business Analyst. He makes over 200 an hour. The titles can get ridiculous, what I noticed from my perspective is that contracting agencies who work on premise sometimes carry goofy titles.
For instance I'm a senior BI analyst, but perform roles such as data modeler, (design data models for the business). So in reality my title doesn't match what I do completely......
@ Mikey completely agree....... -
Danielm7 Member Posts: 2,310 ■■■■■■■■□□ComTIA just wants your money so they'll throw around ridiculous salary ranges. Not saying it's not obtainable just a bit deceiving. Ask around on these forums and you'll get a straight salary answer for your area in 5mins.
-
Blucodex Member Posts: 430 ■■■■□□□□□□cyberguypr wrote: »Rule #1: titles mean NOTHING! A security analyst can be anything from a compliance monkey to a highly skilled incident responder or even a reverse engineer. It’s useless to throw salary ranges around without understanding the scope of responsibilities of a particular role. This is part of the problem why I get entry level security positions asking for $100k+ salaries, even when the list of duties we publish clearly shows entry level tasks.
Everyone is a Senior! I see resumes where their first position is a "senior". -
soccarplayer29 Member Posts: 230 ■■■□□□□□□□Everyone is a Senior! I see resumes where their first position is a "senior".
I guess that's what you get when the "entry" level job postings require 5+ years experience.Certs: CISSP, CISA, PMP