We were asked a simple question recently – “How much can you earn in a cyber security job?” – but the question is not as simple as you might think. Factors like the type of role, location, the skills and experience you have, the sector the role is in and more, all play a part in determining the answer. But we don’t like unanswered questions, so we set about trying to find out what the ‘simple answer’ is!
We undertook thorough research on this, using multiple different sources, including our own cyber security salary calculator, so we can get you an accurate answer. You can read how we found the information at the bottom of this article.
What the data showed
Average starting salaries for our cyber security analyst role ranged from £28,000 in the North East of England through to £35,067 in London, with upper estimates in the same areas being £55,840 and £68,508 respectively. Interestingly, the place with the highest entry salary estimate was Birmingham, at £35,600 with their upper salary estimate being only a few hundred pounds a year lower than London.
Remote working also appeared as an option, with mean salary estimates of £52,286 being higher than those of any single fixed region!
- To summarise our overall findings, before we get to the ‘simple answer’:
- You don’t need to move to London to get a great cyber salary!
- The earning potential is vast, and there is a huge amount of roles at the lower end of the spectrum
- Working remotely is a viable option, and salary estimates are higher than for some fixed location jobs
- As with most roles, your exact salary will depend on experience, size of company, target sector, etc
- The top end roles CISO, Chief Security Architect, CSO, Director, VP level can pay a package anywhere from £200k-800k
- There are plenty of opportunities for career and salary progression in the cyber industry!
So, what is the “average cyber security salary in the UK?”
The ‘simple answer’ to the far more nuanced question of ‘how much can you earn in a cyber security job?’ is…….
This is mainly because of the volume of opportunities in a SOC environment where you have large teams of L1 & L2 analysts, also a large number of grad schemes and entry level opportunities.
How much can you earn in your career?
Of course the average salary is a meaningless number. Chief Information Security Officer (CISO) roles working for large companies can attract significant six figure salaries. An entry level ‘no skills required’ role may pay as little as £23,000 a year, with the attraction of training being included in the package. This is one of the reasons we assumed 3-4 years of experience.
One of the major attractions of Cyber security is that it is not just a job however, it’s a career. The ‘no skills required’ starter of 2022 could be the CISO for Megacorp before they know it. The ability to progress to new cyber roles in a company, or moving to a different company doing a similar role, is one of the major attractions. With technologies advancing all the time, and technology being used as a core part of almost all global supply chains, the need for great cyber security talent will only increase, as will the salaries they can command. Even without allowing for inflation, a twenty year career is likely to see a skilled cyber professional earning over £1 million, plus benefits.
Our research to find the average cyber security salary
According to an ITPro study, more than 6,000 new jobs were added to the UK’s cyber security workforce in 2021. These roles ranged from junior level internships through to board level CISO roles. To answer our question, we stripped out these extremes and focused on more typical “Cyber Security Analyst” jobs. We also assumed that the person in this role had 3-4 years of experience.
In many jobs, location can have a large impact on the salary you will earn. However, the ITPro study points out that in 2020 there were 1,838 cyber security firms active across the UK, of which more than half were based outside of London and the South East. To make our ‘simple answer’ as accurate as possible, we decided to gather data for six locations: London, Birmingham, Glasgow, Bristol, Newcastle, plus a remote working option.
How we gathered data
Intaso have an online salary calculator, which contains historic data on the salaries paid for different job types, across varying sectors and geographies. We used data from the tools of five job sites in addition to our own, to try and get an unbiased answer to our ‘simple question’.
Unfortunately, not all the sites had detailed information for our chosen cyber security analyst role, or openly admitted that they had ‘low confidence’ in the salary data they were providing, as cyber was not their focus area. However, we did manage to extract around 100 data points, allowing us to come up with a geographic range, based on the mean average of the salaries the tools suggested.
We discarded extreme data, both at the low end (why would someone with 3-4 years Cyber experience want a job paying less than £20,000?… come on) and also some suspiciously high end salaries that came with the caveat “up to”, which made us think they could be more sales focused.
Finally we took our answer and blind tested it against a new set of online job portals. It passed the test with flying colours. This gave us enough confidence to publish a number that can hold its head high!