A Comprehensive Resource to Forge Your Path in Cybersecurity!

July 31, 2023 Felicita J Sandoval MSc., CFE

Artificial Intelligence Researcher | Cybersecurity Professional | Governance | Co- Founder | Speaker | PhD (Candidate)

Are you transitioning to a career in cybersecurity or just starting in the field? The vast array of options within cybersecurity can be overwhelming at first. However, don't let that discourage you! I am here to guide you through the maze and help you find the perfect position for your skills and interests. Below, I've compiled a list of fifteen cybersecurity roles, each accompanied by a brief definition, recommended certifications, and average annual salary, to aid your career decision-making process.

Career Options

Penetration Tester

Penetration testers improve companies' security posture by identifying vulnerabilities in systems and networks. Some recommended certifications are CEH, OSCP, CISSP, CPTE, and eCPPT. The average salary for a pentester in the US is 76K-97K annually.

SOC Analyst

SOC analysts monitor and analyze security alerts, incidents, and logs to detect and respond to cybersecurity threats as it's happening. Some recommended certifications are CompTIA Security+, CISSP, CSA, CCTHP, and GCIH. The average annual salary for a SOC Analyst in the US is 83K-117K annually.

Incident Response Specialist

Incident response specialists assist companies in recovering from breaches by investigating and mitigating security incidents. Some recommended certifications are GCIH, CFE, CIRP, GCFE, and ECIH. The average salary for an incident response specialist in the US is 65K-84K annually.

Security Consultant

Security consultants provide expertise in different areas, such as cybersecurity strategies, risk assessments, and security development. Some recommended certifications are CISSP, CISM, CEH, CompTIA Security+, and CISA. The average salary for a security consultant in the US s 102K-143K annually.

Security Engineer

Security engineers design and implement security solutions, such as firewalls, encryption, and access controls, to protect an organization's infrastructure. Some recommended certifications are CISSP, CEH, CISM, CompTIA Security+, CCSP, CISA, and CISSP-ISSAP. The average salary for a security engineer in the US is 79K-112K annually.

Malware Analyst/Reverse Engineer 

Malware analysts examine and dissect malicious software to understand its behavior and develop countermeasures. Some recommended certifications are GREM, CMI, CTIA, CHFI, and ECSA. The average salary for a malware analyst in the US is 90K-108K annually.

Threat Intelligence Analyst

Threat intelligence analyst research and analyze cyber threats, providing insights to improve proactive defense strategies. Some recommended certifications are CCTIA, CTIA, GCTI, CySA+, and EC- Council CTIA. The average salary for a threat intelligence analyst in the US is 68K-113K annually.

Network Security Specialist 

Network security specialists ensure the security of an organization's network infrastructure, including firewalls, routers, and VPNs. Some recommended certifications are CompTIA Security+, Cisco Certified CyberOps Associate, CND, Cisco Certified CyberOps Professional, CISM, and CCSA. The average salary for a network security specialist in the US is 79K-113K annually.

Application Security Specialist 

Application security specialists secure and assess software applications to prevent vulnerabilities and protect sensitive data. Some recommended certifications are CSSLP, CASE, GSSP, CEH, OSCP, CISSP, and eWAPT. The average salary for application security specialists in the US is 69K-95K annually.

Cloud Security Specialist 

Cloud security specialists secure cloud-based environments and services like GCP, Azure, and AWS. Some recommended certifications are CCSK, CCSP, AWS Certified Security, Microsoft Certified Azure Security Engineer Associate, Google Cloud Certified GCP, CompTIA Cloud+, and Cisco Certified CyberOps Associate. The average salary for a cloud security specialist in the US is 89K-113k annually.

Identity and Access Management (IAM) Specialist 

IAM specialists manage user access and authentication systems to ensure secure access to resources. Some recommended certifications are CIAM, CISSP, CAP, AWS Security Certified, Microsoft 365 Certified, Okta Certified Administrator, and SailPoint Certified IdentityNow Engineer. The average salary for an IAM specialist in the US is 68K-86K annually.

Cybersecurity Architect

Cybersecurity architects design and implement comprehensive security architectures for organizations to safeguard their assets. Some recommended certifications are CISSP, CCSP, CISM, CEH, CCSADigita, AWS Certified Security, and Microsoft Certified Azure Security Engineer Associate. The average salary for a cybersecurity architect in the US is 122K-164K annually.

Security GRC Analyst 

Security GRC analysts ensure that the organization's cybersecurity efforts align with business objectives, regulatory requirements, and industry standards. Some recommended certifications are CRISC, CISSP, CISM, CGEIT, CTPRP, CCEP, CySA, and CDPSE. The average salary for a security GRC analyst in the US is 87K-110K annually.

Digital Forensic Investigator 

Digital forensics analysts investigate cyber incidents and gather digital evidence for legal purposes. Some recommended certifications are CDFE, CCFE, GCFE, CCFP, CHFI, GCIH, and ECIH. The average salary for a digital forensics investigator in the US is 74K-91K annually.

Cybersecurity Instructor 

Cybersecurity instructors educate individuals and organizations on best practices, cybersecurity awareness, and defensive strategies. Some recommended certifications are CTT+, CEI, CISSP, CEH, CompTIA Security+, GSEC, and Cisco Certified CyberOps Instructor. The average salary for a cybersecurity instructor in the US is 55K-75K annually.

What to consider?

Please keep in mind that the average salaries for these cybersecurity positions may vary over time. I relied on data from reputable sources like ZipRecruiter and Salary.com to gather this information. It's essential to note that individual salaries can fluctuate based on factors such as experience and location. Always consider these variables when assessing potential earnings in the cybersecurity field.

Words of encouragement

I encourage you to use this resource as a starting point and start a comprehensive research journey to shape your career path in cybersecurity. Use it as a springboard to explore various opportunities, certifications, and specialized areas within the field. Join organizations like Latinas in Cyber that offer career resources and empower you with knowledge and insights to make informed decisions that align with your passions and aspirations in the dynamic realm of cybersecurity. Remember, it's not just about the number of certificates you have but about the skills you possess.

Happy researching, and best of luck on your career journey!

Felicita Sandoval is a professional in cybersecurity and AI, serving as a Cybersecurity Professional at LiveRamp and a doctoral student at Colorado Technical University. Her work focuses on protecting digital assets, compliance, and AI research. An effective speaker, she often discusses AI and cybersecurity career development. As Co-Founder of Latinas in Cyber (LAIC), she promotes diversity in tech through advocacy, mentorship, and networking. Felicita also hosts the Cyber C-Suite x La Jefa Interview Series, engaging with industry leaders on AI and cybersecurity.