Explore Jobs
Find Specific Jobs
Explore Careers
Explore Professions
Best Companies
Explore Companies
Cyber security engineer job growth summary. After extensive research, interviews, and analysis, Zippia's data science team found that:
The projected cyber security engineer job growth rate is 32% from 2018-2028.
About 35,500 new jobs for cyber security engineers are projected over the next decade.
Cyber security engineer salaries have increased 12% for cyber security engineers in the last 5 years.
There are over 14,773 cyber security engineers currently employed in the United States.
There are 73,419 active cyber security engineer job openings in the US.
The average cyber security engineer salary is $99,492.
Year![]() ![]() | # Of Jobs![]() ![]() | % Of Population![]() ![]() |
---|---|---|
2021 | 14,773 | 0.00% |
2020 | 12,543 | 0.00% |
2019 | 12,162 | 0.00% |
2018 | 20,358 | 0.01% |
2017 | 19,829 | 0.01% |
Year![]() ![]() | Avg. Salary![]() ![]() | Hourly Rate![]() ![]() | % Change![]() ![]() |
---|---|---|---|
2025 | $99,492 | $47.83 | +3.4% |
2024 | $96,213 | $46.26 | +2.3% |
2023 | $94,035 | $45.21 | +3.0% |
2022 | $91,320 | $43.90 | +3.1% |
2021 | $88,537 | $42.57 | +2.8% |
Rank![]() ![]() | State![]() ![]() | Population![]() ![]() | # of Jobs![]() ![]() | Employment/ 1000ppl ![]() ![]() |
---|---|---|---|---|
1 | District of Columbia | 693,972 | 632 | 91% |
2 | Virginia | 8,470,020 | 2,415 | 29% |
3 | Delaware | 961,939 | 235 | 24% |
4 | Maryland | 6,052,177 | 1,289 | 21% |
5 | Minnesota | 5,576,606 | 1,158 | 21% |
6 | Rhode Island | 1,059,639 | 220 | 21% |
7 | Alaska | 739,795 | 146 | 20% |
8 | Washington | 7,405,743 | 1,404 | 19% |
9 | New Hampshire | 1,342,795 | 255 | 19% |
10 | Vermont | 623,657 | 119 | 19% |
11 | Illinois | 12,802,023 | 2,149 | 17% |
12 | Oregon | 4,142,776 | 696 | 17% |
13 | Pennsylvania | 12,805,537 | 2,002 | 16% |
14 | North Carolina | 10,273,419 | 1,593 | 16% |
15 | New Jersey | 9,005,644 | 1,415 | 16% |
16 | Colorado | 5,607,154 | 891 | 16% |
17 | Nebraska | 1,920,076 | 307 | 16% |
18 | Georgia | 10,429,379 | 1,581 | 15% |
19 | Alabama | 4,874,747 | 718 | 15% |
20 | Arizona | 7,016,270 | 997 | 14% |
Rank![]() ![]() | City![]() ![]() | # of Jobs![]() ![]() | Employment/ 1000ppl ![]() ![]() | Avg. Salary![]() ![]() |
---|---|---|---|---|
1 | Annapolis | 5 | 13% | $94,776 |
2 | Pensacola | 4 | 7% | $84,049 |
3 | Ashburn | 3 | 7% | $91,417 |
4 | Huntsville | 9 | 5% | $87,411 |
5 | Bethesda | 3 | 5% | $94,607 |
6 | Dearborn | 4 | 4% | $89,767 |
7 | Washington | 18 | 3% | $85,404 |
8 | Olathe | 4 | 3% | $86,410 |
9 | Colorado Springs | 9 | 2% | $87,264 |
10 | Orlando | 6 | 2% | $82,086 |
11 | Tampa | 6 | 2% | $82,607 |
12 | Arlington | 4 | 2% | $91,536 |
13 | Montgomery | 4 | 2% | $87,419 |
14 | Denver | 5 | 1% | $86,654 |
15 | Atlanta | 4 | 1% | $98,224 |
16 | Boston | 4 | 1% | $95,007 |
17 | Virginia Beach | 4 | 1% | $91,755 |
18 | Chicago | 5 | 0% | $79,585 |
Rider University
University of Alabama at Huntsville
Pace University
West Virginia State University
University of Maryland Global Campus
Pennsylvania State University - Altoona
Pennsylvania State University - Lehigh Valley
Northwood University
The University of Tampa
Albertus Magnus College
Robert Cutlip Ph.D.: Seek internship opportunities while still enrolled. This will help with gaining experience, growing professionally, and starting to build your professional reputation and contacts. Also, actively engage in networking and outreach, along with research on private sector or government sector opportunities that you can pursue.
Robert Cutlip Ph.D.: Regarding salary, internship experience or part-time employment in the field will be of benefit. Also, any certifications in this area will be of benefit to prospective employers.
Robert Cutlip Ph.D.: The field of Cybersecurity is rapidly evolving. Threats from foreign actors are becoming more mature. Also, artificial intelligence presents new challenges. I would suggest staying abreast of new threat signatures, mitigation strategies, and technologies that will be a factor in this space in the near future.
Zhengping Luo Ph.D.: Securing your first internship or job in your field can be challenging and sometimes frustrating. It's important to keep an open mind about all potential job opportunities in your field. While your first job may not be your dream job, gaining experience will improve your prospects as long as you remain in the field. Be patient, as you may face many rejections before landing a good position. It's worth noting that rejections are often not a reflection of your qualifications. Employers consider various factors when hiring, and many of which are often have nothing to do with your professional skills, so don't be discouraged. Simply keep moving forward without carrying the burden of past rejections. After securing your position, remain open to challenges, as they often provide opportunities to make a name for yourself and advance your career.
Zhengping Luo Ph.D.: Cybersecurity is a rapidly evolving field deeply rooted in Computer Science. To excel as a cybersecurity expert, you must understand the underlying technology of information systems. Therefore, continuous learning and staying updated with the latest technologies are essential. Currently, generative models like large language models are on the rise. It won't be long before cybersecurity concerns expand to include artificial intelligence technologies. Thus, the ability to keep pace with technological advancements, such as AI, is crucial for cybersecurity professionals. Cybersecurity is still evolving, and programming/debugging skills remain crucial. In addition, strong communication and teamwork skills are increasingly essential for cybersecurity experts.
Zhengping Luo Ph.D.: Maximizing your salary potential hinges on providing value in a market-driven economy. Make sure to focus on developing skills that are in high demand. One of the tips is to consider expanding your horizons beyond where you grow up or the place you received your degree. Explore opportunities in locations that value your talents and offer competitive compensation, such as different cities, states, or even nations. Additionally, don't limit yourself to familiar job roles; be open to new positions and industries. The evolving job market continually creates new and unforeseen opportunities. While striving for financial success is important, it's equally vital to consider long-term goals and personal fulfillment. Prioritize maximizing life experiences and other cherished values alongside financial goals.
Tommy Morris Ph.D.: Cybersecurity is an ever evolving landscape. The tools you use in your job will change as your career progresses. Make sure to understand the underlying concepts behind the tools and the attacks you are defending against so that you can easily adapt to change.
Tommy Morris Ph.D.: Be close to the money. Cybersecurity is an expense to many organizations and a profit center for others, the ones that sell cybersecurity software and services. Try to work on the side that profits from cybersecurity if you want to make money.
Tommy Morris Ph.D.: Two skills are critical for the short term and long term in cybersecurity careers. Short term (3-5 years) artificial intelligence and machine learning will be a big trend in cybersecurity. Take a class in AI/MLand try to understand it can serve as a tool in your toolbox. Longer term, cybersecurity professionals need to be prepared to work on cross functional teams and be good communicators.
Dr. Darren Hayes: Add a cover letter, to accompany your resume, as many older people who review your resume expect you to include one. Don't just list your skills but mention some special projects that you were involved in, or your impact on an organization during an internship. These demonstrate the application of your skills and can be great talking points during an interview. Don't add a lot of acronyms to your resume and expect that the reviewer will know what those mean - spell everything out. Read about the organization that you are applying to before an interview - it shows that you care and are taking an interest while in the interview. Professional certifications, in addition to your degree, will give you an edge over other applicants. Additionally, participation in team competitions, such as capture the flag, demonstrates a willingness to learn beyond the classroom, hone your skills, and ability to work in a team setting. Cybersecurity, digital forensics, IT, are always evolving so you need to continue to evolve too. Therefore, you should have plans to continue learning, such as professional certifications, graduate degree, training classes and other continuing education options. Talk about your plans and goals in an interview and not just about what you have done.
Dr. Darren Hayes: Many students add 'Excellent communication skills' to their resume but cannot explain what they mean by this. If you can demonstrate this by showing a website that you created, detailing your skills, portfolio of special projects, and other key successes, then it shows that you went the extra mile. Excellent communication skills can also be demonstrated with a YouTube video that you created, a presentation you gave at an academic conference or at other speaking engagements. Graduates looking for a job with Homeland Security that can demonstrate excellent writing skills are in need. My students who possessed excellent writing skills, in addition to technical skills, generally ended up making a higher salary. Those in high-ranking positions are generally assigned reporting responsibilities that require a good command of the English language. Critical thinking is also vitally important.
Dr. Darren Hayes: Artificial intelligence - in terms of automating certain areas of cybersecurity, such as acquiring threat intelligence, malware detection and being alerted to network breaches. Ransomware continues to be the primary concern for most organizations and using AI to quickly identify those threats and quickly respond will be key. AI can also be used in investigations, such as photo searches to identify where a suspect is or to find a missing person. Knowledge of current events - especially geopolitical events. These events have repercussions for the most sophisticated (state-sponsored) cyber attacks. Knowledge of a second, third or fourth language, is helpful now and will continue to be important - especially from a cybersecurity perspective because investigations often include foreign nationals. Knowledge of malware is really important for homeland security and this area of expertise will continue to be in demand. Incident response will continue to be understaffed and therefore tremendous opportunities will continue for those who can respond to network breaches, forensically analyze systems, examine malware, etc. Other areas of importance include, machine learning, quantum computing, open source intelligence (OSINT), threat intelligence (especially related to critical infrastructure and SCADA), cryptocurrencies, IoT threats and IoT evidence, to name but a few.
West Virginia State University
Computer Science
Dr. Ali Al-Sinayyid PhD: Cloud Security: With the increasing adoption of cloud computing, expertise in securing cloud environments will be crucial. Artificial Intelligence and Machine Learning (AI/ML): Leveraging AI and ML for threat detection, anomaly detection, and predictive analytics will be essential in staying ahead of sophisticated cyber threats. Privacy and Data Protection: With the rise of data privacy regulations like the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), skills in privacy engineering, data protection, and compliance will be in high demand. IoT Security: As the Internet of Things (IoT) continues to expand, securing connected devices and IoT ecosystems will become increasingly important. Threat Intelligence and Cyber Threat Hunting: Proactive threat intelligence gathering and cyber threat hunting skills will be essential for identifying and mitigating advanced cyber threats before they cause significant damage.
Dr. Ali Al-Sinayyid PhD: Maximizing salary potential when starting your career in cybersecurity requires strategic planning and ongoing skill development. Here are some steps to consider: Certifications: Obtaining industry-recognized certifications such as CompTIA Security+, CISSP, CISM, CEH, or CCSP can enhance your marketability and salary potential. Practical Experience: Highlight hands-on experience through internships, co-op programs, research projects, or freelance work to showcase your skills and capabilities to potential employers. Negotiate Salary: Research industry salary benchmarks and be prepared to negotiate your salary based on your qualifications, experience, and the value you bring to the organization. Stay Updated on Industry Trends: Stay abreast of emerging trends, technologies, and market demand in cybersecurity to position yourself for lucrative opportunities and career advancement. Network and Build Relationships: Cultivate relationships with professionals in the field, participate in industry events, and leverage networking opportunities to uncover hidden job opportunities.
Dr. Ali Al-Sinayyid PhD: I advise any graduate of computer science entering the cybersecurity field, to focus on continuous learning and practical experience. Stay updated on emerging technologies, threats, and best practices through professional development courses, certifications, and participation in industry conferences and events. Also, you need to seek opportunities for hands-on experience through internships, research projects, or collaboration with industry partners. Finally, consider specializing in a niche area of cybersecurity to differentiate yourself and enhance your expertise.
Jesse Varsalone: Cybersecurity graduates will need to learn to work with Artificial Intelligence (AI) as it becomes more integrated into daily IT tasks for problem solving. The proliferation of IoT (Internet of Things) devices connected to the network will increase the need for cybersecurity professionals to focus on securing these devices. Even more importantly, common cybersecurity tasks like securing and hardening will be even more paramount if networks include critical infrastructure devices. Cyberattacks can have far-reaching financial implications and cause serious damage to the reputation of companies. Attacks can also include intellectual property loss or the disclosure of personal information. As compromises including ransomware attacks continue to plague companies and organizations, it will be essential for cybersecurity professionals to know how to detect, respond to, and remediate these cyberattacks.
Jesse Varsalone: Obtaining additional industry certifications like CompTIA Security+, CISSP (Certified Information Systems Security Professional), and OSCP (Offensive Security Certified Professional) can make you a more valuable employee. If you are focused in an area like SOC (Security Operations Center), you can make yourself more well-rounded by learning a different role such as penetration (pen) testing. Adding an additional sector of cybersecurity will make you a more valuable asset to your present company and help you understand your current work role even better.
Jesse Varsalone: There are several things you can do to be successful in your career. Athletes in the NBA and NFL are at the highest level of competition, but they still go to practice all the time and participate in off-season workouts. Anyone in cybersecurity should also practice their skills on a regular basis. Microsoft, VMware, and Oracle provide free virtualization options where you can use Microsoft and Linux virtual machines to practice using the operating systems. Hackthebox and Tryhackme are two cybersecurity training platforms on which you can practice cybersecurity skills with free tiers. Both can help solidify skills and help you gain knowledge in areas of cybersecurity where you might want to expand your skill set. Some of the other ways that you can jump-start your career besides frequent practice include various networking opportunities within the cybersecurity community. Your college or community college may have a cyber team that you can join. Another option might be a local BSides conference (dedicated to advancing information security knowledge-sharing) or a local hackerspace like Unallocated in the Fort Meade, Maryland area. BSides events offer lock picking villages, capture the flag (CTF’s) competitions, and training sessions are all provided at a low cost.
Syed Rizvi PhD: The field of cybersecurity is in a constant state of evolution, emphasizing the importance of continuous learning and staying abreast of the latest trends, technologies, and threats. Graduates should prioritize networking within the industry, as it can provide avenues for mentorship, collaboration, and career growth. Attending industry events, joining professional organizations, and connecting with established professionals are effective strategies. Practical experience holds significant value in cybersecurity; thus, seeking internships, participating in cybersecurity competitions, and engaging in personal projects are recommended to hone skills and build a robust portfolio. Additionally, while technical prowess is essential, soft skills such as communication, problem-solving, and teamwork are equally prized. Nurturing these skills alongside technical expertise is essential for professional success.
Syed Rizvi PhD: Proficiency in cloud security will be increasingly vital as cloud technologies see widespread adoption. Understanding how to secure cloud environments, data, and applications will be in high demand. Furthermore, the utilization of AI and ML technologies for both offensive and defensive cybersecurity strategies underscores the need for professionals well-versed in these areas. Familiarity with compliance frameworks such as GDPR, CCPA, and HIPAA is essential, given the evolving landscape of data privacy regulations globally. Additionally, the ability to swiftly gather, analyze, and respond to cyber threats in real-time will be paramount as threats become more sophisticated and prevalent.
Syed Rizvi PhD: Acquiring certifications such as CISSP, CISM, CEH, and CRISC can demonstrate expertise and potentially lead to higher salaries within the industry. Graduates should consider specializing in niche areas within cybersecurity, such as penetration testing, incident response, or security architecture, where demand for skilled professionals is particularly high. Pursuing leadership roles, such as team lead or manager positions, can also yield higher salaries and increased responsibility. During salary negotiations, it is crucial to research industry standards and market rates for the specific role and location. Articulating one's skills, experience, and value proposition effectively can help justify desired salary expectations.
Pennsylvania State University - Altoona
Computer/Information Technology Administration And Management
Syed Rizvi: The field of cybersecurity is in a constant state of evolution, emphasizing the importance of continuous learning and staying abreast of the latest trends, technologies, and threats. Graduates should prioritize networking within the industry, as it can provide avenues for mentorship, collaboration, and career growth. Attending industry events, joining professional organizations, and connecting with established professionals are effective strategies. Practical experience holds significant value in cybersecurity; thus, seeking internships, participating in cybersecurity competitions, and engaging in personal projects are recommended to hone skills and build a robust portfolio. Additionally, while technical prowess is essential, soft skills such as communication, problem-solving, and teamwork are equally prized. Nurturing these skills alongside technical expertise is essential for professional success.
Syed Rizvi: Acquiring certifications such as CISSP, CISM, CEH, and CRISC can demonstrate expertise and potentially lead to higher salaries within the industry. Graduates should consider specializing in niche areas within cybersecurity, such as penetration testing, incident response, or security architecture, where demand for skilled professionals is particularly high. Pursuing leadership roles, such as team lead or manager positions, can also yield higher salaries and increased responsibility. During salary negotiations, it is crucial to research industry standards and market rates for the specific role and location. Articulating one's skills, experience, and value proposition effectively can help justify desired salary expectations.
Syed Rizvi: The field of cybersecurity is in a constant state of evolution, emphasizing the importance of continuous learning and staying abreast of the latest trends, technologies, and threats. Graduates should prioritize networking within the industry, as it can provide avenues for mentorship, collaboration, and career growth. Attending industry events, joining professional organizations, and connecting with established professionals are effective strategies. Practical experience holds significant value in cybersecurity; thus, seeking internships, participating in cybersecurity competitions, and engaging in personal projects are recommended to hone skills and build a robust portfolio. Additionally, while technical prowess is essential, soft skills such as communication, problem-solving, and teamwork are equally prized. Nurturing these skills alongside technical expertise is essential for professional success.
Pennsylvania State University - Lehigh Valley
Curriculum And Instruction
Kermit Burley M.Ed.: I would tell any graduate who is just beginning their career to be certain to always give 100% effort and perhaps even just a bit more. You are doing this not only for your supervisor, but for yourself. This skill will eventually become a habit and will ultimately set you apart from your competition. Many graduates new to a job or position will frequently wait to have their supervisor tell them what to do. The truly successful graduate will always seek to solve problems and then do more than what is expected. And believe me, having been a supervisor many times in my career, this high effort person will be noticed and rewarded.
Kermit Burley M.Ed.: In my fields of Cyber and Information Technology we truly need the abilities to be always learning and always preparing for the next great breakthrough or the next big threat. So, adaptability and a willingness to always be learning are essential for success. Of course, our greatest challenge now and certainly in the next 3-5 years will be AI. (Artificial Intelligence) It is already upon us and has the potential to revolutionize our field and the entire landscape of what we do. The ability to stay ahead of that very steep hill will require constant innovation and an ability to accurately anticipate what is coming just around the corner. What I also see is an increased need for "people" skills, the ability to lead a team of people to achieve goals and budgetary requirements. All too often graduates in Cyber and IT are stereotyped as not having any people skills at all and preferring to work alone. This stereotype must end and those graduates who possess people skills will be in great demand not only in the next 3-5 years, but for decades to come.
Kermit Burley M.Ed.: In my fields of Cyber and Information Technology we truly need the abilities to be always learning and always preparing for the next great breakthrough or the next big threat. So, adaptability and a willingness to always be learning are essential for success. Of course, our greatest challenge now and certainly in the next 3-5 years will be AI. (Artificial Intelligence) It is already upon us and has the potential to revolutionize our field and the entire landscape of what we do. The ability to stay ahead of that very steep hill will require constant innovation and an ability to accurately anticipate what is coming just around the corner. What I also see is an increased need for "people" skills, the ability to lead a team of people to achieve goals and budgetary requirements. All too often graduates in Cyber and IT are stereotyped as not having any people skills at all and preferring to work alone. This stereotype must end and those graduates who possess people skills will be in great demand not only in the next 3-5 years, but for decades to come.
Northwood University
Computer And Information Sciences
Professor David Sanford: Workers like that they are challenged to solve problems and lead technological innovations.
They appreciate the diversity of projects
They enjoy the need for continuous improvement and education
Many see the global impact of their work.
They also desire and appreciate the need for versatile skills
A competitive salary is also an item that employees like
Workers dislike that the work can be stressful
Dealing with tight deadlines and/ or cybersecurity concerns.
This is a positive and a negative: The need to constantly stay up to date with technology can be a bit overwhelming for some.
There may be times of isolation, and
The unexpected system failures can be frustrating as they often require extra hours or the need to be on-call.
The multiple responsibilities and managing repetitive tasks are also issues workers point out in this field.
In short, the workplace offers exciting opportunities but comes with its fair share of pressures and challenges. Different people have different experiences based on their roles and personal preferences.
The University of Tampa
Information and Technology Management Department
Louis Bobelis: Cybersecurity is emerging as one of the hottest and most desirable job industries globally, so I feel student graduates must stick out far beyond just what their degree provides them with. As an IT-based profession, Industry Standard Certificates play a crucial role in the hiring process because it assures the individual as the basic knowledge set required to fulfill a "base-level" qualification. In the current job market, I would say it is almost mandatory to have a CompTIA Security+ in order to be competitive. SSCP, CEH, OSCP, CCSP, and CySA+ are other great options but may be more difficult for graduates.
Louis Bobelis: I feel the most important soft skill is character. Being outspoken and able to explain technical cyber incidents decisively and clearly for non-IT-oriented people in your organization is especially important when you are in more senior-level positions.
Louis Bobelis: In this industry, certificates truly do go a long way, and in some organizations, you cannot elevate or find growth without acquiring specific certifications. This is not always the case and showing your worth in your internal organization by coming up with ideas that can make the current processes more efficient is always a great way to attract promotion.
Louis Bobelis: An ability to triage events and understand a cyber investigation process. Understand how to sandbox a file and locate IOCs (Indicators of Compromise) within the file. Knowing and understanding the MITRE Kill Chain and other Cybersecurity standards.
Albertus Magnus College
Business Administration and Management Department
David Garaventa: Communication and collaboration skills are critical. Particularly now that many employees are working remotely, it has become more difficult - yet more important than ever - to have IT teams that work effectively together, even when they are not in the same room together. But this is not unique to the IT realm. Whether via remote meetings or through effective written communications, it is no longer enough to simply have "technical skills." Technical skills can be taught to employees more easily than developing employee's soft skills, so when an employee approaches their job with a strong set of communication skills and strong analytic reading and writing abilities, they can often make themselves stand out to employers. The employers will recognize that they have the attributes to be an asset to the team and can then invest in helping them develop any technical areas where they may be lacking.
This is not to say that technical skills don't matter, because they do, especially in the IT field. But suppose an employee brings a strong set of soft skills to an IT team (e.g., collaboration, communication, critical thinking, etc.). In that case, they probably also can learn more technical skills as part of their job function. I once had a colleague say to me that when she is hiring, she has found that technical skill is all over the place...but it's the soft skills that are harder to find. Lastly, having the ability - and a desire - to be continually learning is essential. Technology is not static, and businesses are not static, so thinking critically in different settings across various technology platforms is very important. The tools your department uses today may not be the tools they are using tomorrow, so being fluid, adaptable, and constantly learning is the name of the game.
David Garaventa: The technical skills that are required are broad and tend to be business and/or industry-specific. If you are working in healthcare IT, the patient management platforms you use could be different from the client database used by a bank's IT team, for example. So, on the one hand, the recommendation would be to determine what platforms are most commonly used in your industry area and spend time mastering those platforms. On the other hand, most industries tend to have specific tools that are most commonly used, and spending time mastering those is important.
Going deeper into the subject, technical skills around project management, cloud infrastructure, security, and end-user support bridge across all industries. Having knowledge and skills in these areas will serve IT professionals well, no matter what field or industry they end up in. Again, it is challenging to recommend specific technical skills because the field of IT is so broad.
David Garaventa: Here is where I can be a little more specific, but mostly in terms of certifications. Certifications and micro-credentials indicate two things to an employer: First, you must have an established, verified set of knowledge and skills that you bring to the table. If it is an industry-respected certification, it brings a lot of credibility regarding your knowledge and skills around a specific platform or application. The second thing that certifications and micro-credentials demonstrate to an employer is that you are willing to continue to grow and develop your skills in your field. Technology is progressing so rapidly that the things you knew last year may no longer be relevant today. And as a result, having the ability and desire to continue learning, adapting, and attaining certifications is a great way to show your ongoing commitment to your profession.