Certifications / Security

13 Honest Information Security Analyst Salaries

13 Honest Information Security Analyst Salaries picture: A
Follow us
Published on January 26, 2017

We dedicated an entire week of posts to breaking into the white-hot information security field, including how to get experience in IT security, tips for crushing your first security interview, certifying as an ethical hacker, and even what to do if you get audited during certification.

Have you ever looked at a salary estimate and thought it to be ridiculously high? We know you have.

We posted a weekend #NuggetFact a little while back. It said, "The average salary of a Network+ certified professional is about $74,000." You had some opinions about that salary. Similarly, we recently posted the 10 Highest Paying IT Certifications, which also sparked some debate. We heard you.

Yes. Those salaries are high, but we didn't make them up. Those are actual national stats, but averages don't always represent the truth. Outliers can mess up the entire calculation.

Basically, we're saying that places like New York City and San Francisco ruin the salary statistics for everyone. You probably aren't making $120,000 per year as an information security analyst in Cleveland, Ohio. Realistically, you're probably making between $50,000 and $60,000 as a junior analyst. Does that sound better?

What is the Actual Salary of an Information Security Analyst?

We realize what's true salary-wise for one area of the country isn't necessarily true for other parts of the country, so here's what we did.

We scoured Dice, LinkedIn, Monster, Glassdoor, Payscale, and local job boards to compile as much data about security salaries in larger, but not large, metropolitan areas. We capped population at 1 million.

It's not perfect, but here's our most honest look at IT security salaries across the United States.

Information Security Analyst Salaries











Fort Collins





Oklahoma City















Las Vegas




















Des Moines





Forth Worth










Kansas City





 Methodology: We found 172 postings from 30 U.S. cities with populations less than 1 million on popular job posting sites between November 2016 and January 2017.

The average salary for information security analyst based on these salaries? $70,153.85

The average high? $95,615

The average low? $49,385

How does that sound? Let us know.

How do you become an Information System Analyst?

Even if you merely skim the available nationwide job sites for information security analysts (or any security-related) posts, you'll find they have a few things in common.

Experience required. Most analyst hiring managers require (or strongly prefer) a couple of years of security experience, coupled with a strong background in IT fundamentals. If you don't have the requisite experience, you can likely start acquiring that experience today in your current position. CBT Nuggets security expert Keith Barker outlines how to get security experience in our recent webinar.

Certifications are highly desirable. Depending on the industry, you'll find a few certifications that show up often. In the financial industry, you'll often see CISSP or CISA. If you're going for a job with the federal government, then you're required by directive to have the CompTIA Security+ certification.

For higher level positions, such as senior information security analyst or engineer position, you'll also want to obtain your ITIL certification. At the very least, you'll likely see "project management" under the desired skills section.

By validating your experience with ITIL or PMP certifications, you can save a few lines on your resume, an entire discussion, and legitimately prepare for the next step in your career.

What's the next step?

That's really up to you. You can start today by gaining experience by taking on security tasks at your current job, or follow the advice in How to Become an IT Security Expert.

If you're already in the field, then work on learning project management and how to use collaborative tools to reach the next levels. What are those job titles?

  • Information security engineer

  • Security engineer

  • Information security officer

  • Security manager

  • Information security manager

In the highest tier of the security pecking order, you can expect to find job titles such as:

  • Security architect

  • Chief information security officer

In this final tier, you'll likely be earning the big bucks, making the big decisions, and shouldering all the responsibility if something goes wrong. (And, what can possibly go wrong in a security role?)

But if you're just starting out, that's a ways off. In the meantime, work on consolidating your experience, specialize in an area that interests you, and certify your knowledge.

We can help.

CBT Nuggets has everything you need to learn new IT skills, certify on in-demand technologies, and advance your career unlimited video training and practice exams, virtual labs, validated learning with in-video quizzes, personalized study plans, and access to our exclusive community of professionals. Learn more about the CBT Nuggets Learning Experience.


By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.

Don't miss out!Get great content
delivered to your inbox.

By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.

Recommended Articles

Get CBT Nuggets IT training news and resources

I have read and understood the privacy policy and am able to consent to it.

© 2024 CBT Nuggets. All rights reserved.Terms | Privacy Policy | Accessibility | Sitemap | 2850 Crescent Avenue, Eugene, OR 97408 | 541-284-5522