CYBERSECURITY JOB HUNTING GUIDE

The salary question

Author: Stefan Waldvogel
Editor: Shana Wejuli -reserved-
Updated April 2022

Cybersecurity jobs are famous for their high salaries, even though this is not true for the first one or two jobs. I mentioned these numbers before:
  • Do you not have experience? You’re looking at $40-$55.
  • A couple of years’ experience? Between $50 - $80K.
  • Between two and five years of experience? $80 - $125K.
  • Five years and more? $80 - $350K.

These numbers are general numbers. The US is large and diverse. Some areas, like the Bay Area, offer much higher salaries, but the cost of living is much higher as well.

Researching the right salary is a mandatory and challenging task. Most employers want to know your salary expectation in an interview. You can use Glassdoor, Indeed, LinkedIn, PayScale, salary.com, and Dice to get a first idea, and it could look like this:
Picture
This job (Incident Handler) is not an entry-level job, and if it is your first cybersecurity role, you will most likely pivot into it with a couple of years of IT experience.

You get the highest numbers if you look at certification companies like SANS, EC-Council, CompTIA, etc. These companies want to sell classes, courses, and certifications, so for them it is sales.
The other side is the employer's side. I found the lowest number on Indeed with $55K because employers want to pay as little as possible. Well-structured cybersecurity recruiting websites can give you deeper insight:
  • www.westpointrecruitment.com/job-search (all jobs have a salary range; most jobs are in Europe)
Other resources are:
  • https://www.hays.com/resources/reports/2021-salary-guide
  • www.roberthalf.com/salary-guide
  • payscale.com
  • https://www.ziprecruiter.com/
Hays and Robert Half are recruiting companies, and they make their money with a commission (contract work is a bit different). This commission is tied to the salary, and therefore they sell you to a potential employer at as high a price as possible. I assume their numbers are a bit too high, but still realistic.

Some states in the US require a salary range upfront, and some companies, like Dragos, always give a range.

ZipRecruiter has a cool feature: you see the distribution. The following picture gives you deeper insight into the Entry Level SOC Analyst role. The average number is around what people expect, but most people make a lot less. You will get around $65K if you work for a good company, but most SOCs are renamed and underfunded help desks, and there you will earn a lot less.
This works because companies get hundreds or even thousands of applicants for such jobs. Someone will take a $35K job to get a foot in the door.
Picture
Every time you see a number, think about the intention behind it.

The question is: What is a good salary or what salary is acceptable?
These questions are very hard to answer because each city is different and each person is different. There are a lot of variables. Some companies (especially in tech) offer "low" salaries, but the benefits are great.
You get the city modifiers via https://www.roberthalf.com/salary-guide but be aware that these are just numbers, too. They give you the bigger picture: it does not matter if a modifier is +8% or +10%, but it does matter if you compare a minus 20% city vs. a plus 30% city.

I got the idea for the following picture from a Twitch stream (www.twitch.tv/videos/976897705) with Joe Hudson and Neal Bridges:
Picture
  • If you are on LinkedIn and have local recruiters in your network, you can ask them. These people know the market very well, and their numbers are more accurate than Glassdoor or other salary websites.
  • Ask your cybersecurity connections to get a better idea about the salary situation. Most companies have a salary structure for a specific position, and the people in it earn more or less the same amount of money.
  • Use Reddit and just ask. Maybe you get useful information, maybe not.
  • Websites for salaries and reviews are not very accurate.

For the following pictures, I used salary.com with 0 years of experience and a specific city:
Picture
Picture
This website does not have "Incident Handler" as a job, but it has similar jobs. Here, you can see the typical range. The first job description is between $50K and $80K, and the higher job is between $60K and $100K.
Remember: these are just numbers for your orientation, and each city and situation is different. 

Often, tech jobs offer a lot of benefits.
Picture
In this example, the base salary is 66.5% and the total compensation is >$90K.

As an Incident Handler with 0 years of work experience, the salary range could look like this:
Picture
For the UK, you can use Trident's Cyber Security Salary guide. The full guide is 19 pages long and covers all relevant topics. Download link: www.linkedin.com/posts/trident-search-group_salary-guide-activity-6788420335030046720-72gv
Picture
source: https://www.tridentsearch.co.uk/

SIEM Engineers
I applied for a job as a Security Analyst and got a job as a SIEM Engineer at Graylog, so I did the most research about that area. I got the most accurate numbers from a recruiter (Joe Hudson) who placed over a thousand people in the industry, and I looked into other places.

Junior SIEM Engineer $90K (first year)
SIEM Engineers (Tier II/III in a SOC) $130 - 160K
Senior/Principal/SOAR SIEM Engineers $150 - 165K

SIEM Content Developers (2 years experience) $90 - 110K
Senior SIEM Content Developers $120 - 140K

Architect roles $160 - 190K

Salary is not everything
When it comes to accepting an offer, salary is only one thing to consider. If you have multiple offers, try to include holidays, paid certifications, health care, 401K and other points.
A salary that is slightly under average might beat a much better base salary in terms of the full package. Is the job 100% remote or not?
In my case, I do not even own a car, and this saves me at least $6,000 a year; I have a lower risk and spend 0 time commuting.

Conclusion
This topic is enormous, and this post covers a tiny part. If you get an offer, think about the package, including health insurance, stocks, bonuses, etc. Sometimes a lower offer is an excellent deal if you add all the extras. Some companies offer free SANS classes, and this way, you get valuable certs, and you can do a lot of high-end networking.
What is my salary goal for the first year? Honestly, I know one thing: If I get my first cybersecurity job, I am "useless" for the first 12 to 18 months. It is like a paid apprenticeship, and I am very thankful to get it. A $50K apprenticeship is still okay, and everything on top of it is a bonus. I will ask for $70K due to my IT background, and I will see.
Edit: I got into the job with a high salary (for the job I applied for) and even had job offers beyond 140K. I took a job with a lower salary than the maximum because the life-balance package for the job at Graylog was much better: 100% work from home, 0 requirements in time, location and workdays.
© 2021. This work is licensed under a CC BY-SA 4.0 license​