Cyber attacks are becoming more prevalent; in fact, Accenture estimates that the number of incidents rose 31% between 2020 and 2021. As the number of attacks climbs, the industry becomes increasingly desperate for qualified cybersecurity professionals. In the U.S. there’s a massive talent gap—to the tune of 715,000 cybersecurity jobs left to be filled, an Emsi Burning Glass market report shows.
What you need to land a six-figure cybersecurity jobBY Sydney LakeJuly 27, 2022, 6:13 PM
While there are a plethora of open positions, there may not be enough qualified individuals to fill these jobs. Companies often require certain credentials, certifications, or other education requirements for high-level cybersecurity jobs. But top cybersecurity professionals agree that there are plenty of ways to break into the industry.
“There are different archetypes of how people find their way into security,” Ryan LaSalle, head of Accenture Security’s North America practice, told Fortune in a recent interview. “Some of those continued education programs, certification programs, self-study programs, and even some of the master’s degrees, and online programs really help those folks make the pivot with some confidence.”
No matter the path you take to get there, pursuing cybersecurity positions do often pay off. Many cybersecurity jobs pay well over the six-figure mark, with some professionals earning $225,000 and more, according to research from Mondo, a recruiting firm for tech and creative companies.
“We often see that cybersecurity skills carry a significant salary premium in some cases on the order of $10,000, $15,000 or more” than other technical roles, Will Markow, vice president of applied research–talent at Emsi Burning Glass, previously told Fortune.
Do I need a master’s degree in cybersecurity to make six figures?
ISC2, an organization that specializes in training and certifications for cybersecurity professionals, reported that 40% of cybersecurity workers had a master’s degree in the field in 2021. What’s important to recognize, however, is that ISC2 represents and helps very high-level professionals who are often studying to earn the most coveted certifications in the field.
“Too many people are scared away from our field when they hear associations saying that you need a master’s degree or other qualifications that really aren’t required for most positions in our field,” Steve Morgan, founder of Cybersecurity Ventures, tells Fortune. “While some portion of cyber workers in highly technical positions or executive roles may have a master’s degree, that is not true for the bulk of people employed in our field.”
Of entry- and mid-level cybersecurity professionals, about 15% have a master’s degree in the field, several sources show. The figures from ISC2 most likely refer to senior-level positions at Fortune 500 companies, Morgan says.
While you don’t necessarily need a master’s degree in cybersecurity to make six figures, several experts agree that going to grad school can often help you earn a higher salary than a bachelor’s degree or other certifications alone.
Master’s degree students in cybersecurity “have more demonstrated critical thinking experience from the written reports and oral presentations they have completed,” Nick Schneider, CEO of cybersecurity firm Arctic Wolf, tells Fortune. “This is often because the master’s candidate may be able to skip an entry-level role and immediately go into a second-level position. But be aware, where you start does not dictate where you end.”
Education can also be substituted by additional work experience or relevant cybersecurity certifications, he adds. Plus, some cybersecurity jobs with the federal government require security clearances, which can increase compensation packages.
Other ways to make six figures in cybersecurity
Completing cybersecurity certifications is also a promising way to work toward making a six-figure salary. Kayne McGladrey, IEEE senior member and cybersecurity strategist at Ascent Solutions, cites a cybersecurity workforce study by ISC2 that shows that certifications result in an average $33,000 more in annual salary.
“Cybersecurity remains a clear path to a middle-class salary for people with a two-year degree, a relevant certification to overcome gatekeeping by HR departments, a desire to help protect one’s friends and community, and a willingness to continuously learn as part of a team,” he tells Fortune.
Sven Dietrich, another IEEE member and professor at Hunter College, also points out that employers will often offer cybersecurity-focused training and certifications. Aside from hard technical skills, landing top-paying cybersecurity jobs also requires a number of soft skills.
“A six-figure job in cybersecurity is likely to require a candidate that can lead and express themselves clearly in front of management, a team, or even customers,” Dietrich says. “For my team, I want to hire someone who has creative thinking in response to a challenge problem, can use sideways thinking to get to the solution, and has good team abilities to first follow, but also lead as necessary. Project management skills are another plus.”
Expert advice on entering the field
Another thing to consider? Cybersecurity isn’t your average 9-5 job, Schneider says. It requires a “mission-oriented attitude,” and appeals to people “motivated with a higher calling.”
“Cybersecurity is an industry that is evolving at an exponential rate and requires a chameleon-like mindset to roll with the punches,” Schneider says. “Although a specific degree might be nice to have, the threat landscape is the wild west where hands-on, real-world experience is critical in defending against rising threats.”