White Hat Hacker Salaries: What To Expect
Thanks to the unrelenting stream of news about big corporations being hacked, companies all over the world are starting to become keenly attuned to the pitfalls of poor InfoSec.
Loss of data and breaches of confidential information aren't the only risks, damage to reputation is another serious consequence. As a result, organizations are prepared to invest heavily to protect themselves and their brand.
So, it's not terribly surprising that white hat hackers, penetration testers, and information security analysts are some of the most prized and well-paid employees in the IT workforce today. But just how highly paid are these positions?
Let's take a look at the following stats and figures.
Information Security Analyst Salary PayScale.com/ shows that entry-level information security analysts can expect $64,000 from the outset of their career. This corresponds well with Indeed.com/'s average figure of $69K for 2016.
The average yearly pay for ISAs in the May 2015 Bureau of Labor survey was $93,000 with an hourly rate of $44.83. There is no distinction between entry-level, mid-level, and senior positions here, so take this as a broad estimate.
The top thee US states with the highest ISA earners are:
New York – $111,170
California – $109,110
Virginia – $106,320
White Hat Hacker Salary According to a 2015 IT Salary Report by Global Knowledge, an ISA with a CompTIA Security+ certification can expect a salary around $79,000.
Indeed.com/'s 2016 stats indicate that the average salary for a white hat hacker position is $104,000. When you compare this with Indeed's average salary stats for senior cyber security engineers at $106,000, you get a good idea of the earning power of a white hat hacker.
Meanwhile, 41 white hat hacker respondents at PayScale.com/ disclosed their earnings and the average salary came out to $80,000 per year, with actual salaries ranging between $35,635 and $181,825. Also at PayScale, penetration tester jobs are revealed pay in the range of $44,000 to $124,000, with a mean of $78,000.
White hat Hacker Job Titles White hat hacking is one of a handful of security skills that benchmark proficiency in penetration testing and security analysis. Similarly, white hat hackers are not limited to a single job title. Here are some of the most common positions held by white hat hackers:
Information security analyst
Cyber security analyst
Network security analyst
Intrusion detection analyst
IT security engineer
IT security administrator
While these job titles are all in good demand, keep in mind that countless variations exist out there in the real-world job market.
How to Get a Higher Salary Whether you're a certified white hat hacker or a plain vanilla white hat hacker with only first-hand experience, there are several ways you can command a greater salary in the field of white hat hacking.
Many experts emphasize the need for specialization (in application security, network security, and so on), yet, at the same time it's also a great idea to branch out and generalize a bit. Rounding out your security skill set with experience in roles such as system administration and software engineering will go a long way toward increasing your paycheck.
On the other hand, specializing in different forms of IT security roles will absolutely benefit white hat hackers and pen testers. The most straightforward path to specialization is certification in other security-centric courses such as:
CISSP (Certified Information Systems Security Professional)
OSCP (Offensive Security Certified Professional)
OSCE (Offensive Security Certified Expert)
GPEN (GIAC Penetration Tester)
CISM (Certified Information Security Manager)
CISA (Certified Information Security Auditor)
Two other excellent (and free) ways of increasing your worth as an white hat hacker are by performing independent security research and participating in bug bounty hunting programs.
If you haven't got a blog already, start one today and tell the world about your adventures in IT security. Potential employers will be looking for this kind of initiative, especially when hiring hackers — and blogs are the perfect platform to showcase your knowledge, passion, and skills!
Moving Forward: Future Projections Between 2013 and 2015, IT security positions in the United States experienced about 12% increase in starting salary across the board for roles such as InfoSec analyst and network security engineer. It is too early to say what the stats for 2016 look like, but the overall trend is extremely positive.
In 2014, the total number of ISA jobs as reported by the Bureau of Labor was 88,880 with a projected growth rate of 18% between now and 2024. That comes out to an extra 15,000 security analyst jobs, and this number does not reflect self-employed individuals who make up a significant portion of white hat hackers.
For those interested in taking on IT security as a career, the writing is on the wall. Now is the perfect time to get started, and you can expect your earning potential to grow steadily throughout the years. In fact, even if you were to develop no new skills or specializations, you'd likely still be earning more and more, year-by-year, due to the growing demand for skilled security pros.
Interested in White Hat Hacking training? Watch Keith Barker's White Hat Hacking course. Not a subscriber? Start your free week today!