Meetup Vulnerabilities: Escalation of Privilege and Redirection of Funds

Information Security Jobs, Salaries and Opportunities for Developers Willing to Upgrade

Developers who choose to augment their coding knowledge with secure development skills will find themselves in the most in-demand career field as the massive growth in cyber attacks continues to force organizations, and governments, to strengthen their cyber war chests with more advanced tools, increased budgets and larger teams. Read on the learn about the information security jobs, salaries and opportunities for developers willing to upgrade their skills.

By 2020, the cybersecurity market size is expected to grow to $170 billion, up from $75 billion in 2015 and security-savvy developers should work to capitalize on this astonishing growth through security related continued education.

A quick glance at the astronomical budgets that governments, and Fortune 100 companies, are allocating towards securing their cyber provides just a small look into the extreme challenges organizations are facing by the increase in both cyberattack sophistication and volume.



J.P. Morgan has increased their 2016 cybersecurity budget to $500 million, up from $250 million in 2015, and their general counsel for IP and data protection says that the company, “still feels challenged” when it comes to threats from cyber attacks. The Bank of America’s CEO Brian Moynihan has stated that when it comes to securing their cyber, there “is no budget constraints” while at the federal level, President Obama has increased their cybersecurity spend to $17 billion in 2017, up from $14 billion in 2016.


Along with the massive budgets being earmarked to protect organizations against the rising wave of cybercrime and cyber espionage comes a difficulty for organizations to fill all the open cybersecurity positions. In 2015 alone, more than 200,000 cybersecurity job positions went unfilled, a shortfall that is on track to increase to 1.5 million by 2019 according to Symantec CEO Michael Brown.


For developers passionate about securing code and willing to invest time adding security to their stack of IT skills, when it comes to career advancement, the world is their oyster.


How can developers Increase “Secure Development Awareness” at a Professional Level?

At the top of the pyramid when it comes to information security jobs and cybersecurity certifications is the Certified Information Systems Security Professional (CISSP), however it requires years of prior experience in the field of information security.


For developers looking to boost their secure development knowledge by attaining a security certification, an ideal place to start your research is 10 Security Certifications To Boost Your Career in order to find the certification that matches both your goals and current qualifications.


When it comes to pinpointing which pathway best suits your career goals in terms of moving forward with cybersecurity, there are numerous routes to take. The number of possible cyber security career pathways available to developers is at least as diverse as any other IT subspecialty.


Developers who have a passion for policy enforcement, incident response, auditing, user awareness and are interested in providing a security perspective on 3rd party products can head in the direction of Enterprise IT security.


Compliance-minded developers with experience developing applications with PCI-DSS, MISRA, FIPS and other policy certifications can find roles available as security, or compliance, consultants or as internal, or external, auditors.


Other routes include jobs in wireless security, network security, cryptography, risk management, identity architects and many others. According to the U.S. Department of Labor, the most sought after job titles in cyber security include security engineer, security analyst, information security analyst, network security engineer and information technology security analyst.

The Bottom Line: Cybersecurity Salaries*

Higher salaries are the most obvious benefit for developers who decide to enhance their cybersecurity knowledge and move into secure development roles. Roles in cyber security can pay up to 9% more on average than IT jobs outside of the security realm. In addition to the monetary benefits, secure developers also get a chance to gain a deeper understanding of the organization’s IT structure, needs and threats as a whole which provides an opportunity for advancement and possible fast track to team leadership positions.


Additionally, the best code defenders and security experts have a passion for security which goes beyond their paychecks. Knowing that they protect both the organization’s and their clients’ private data from cyber-espionage and malicious parties adds to any monetary compensation of working in cyber security.


5 Top Information Security Jobs and Salaries

Security Engineer

Security engineers are tasked with building and maintaining IT security solutions within organizations. Among their daily tasks they will perform vulnerability testing, risk analyses and security assessments while creating innovative ways to solve existing production security issues.

Requirements: Degree in Computer Science

Median Salary: $88,777


Security Analyst

Security analysts are in charge of the detection and prevention of cyber threats against an organization through an ongoing analysis of the company’s IT infrastructure. Day to day tasks include the planning and implementation of security measures and controls, data maintenance and the monitoring of security assets, in-house security awareness training and more.


Requirements: Between 1 and 5 years of prior cyber security experience

Median Salary: $66,787


Penetration Tester

Penetration testers, or legal hackers, help organizations to find security threats in applications, networks and systems. They’re also known as pentesters and will find themselves testing applications and other IT aspects by simulating cyber attacks which have been found in the wild, prior to a component’s release to production which is critical to securing an organization’s security posture in the face of growing cyber threats.


Requirements: Unlike other cybersecurity, many openings for pentesters do not require a previous degree, however this is a job where your abilities will be under constant scrutiny, so some formal education is recommended.
Median Salary:  $77,774


Security Consultant

Security consultants work to design and implement innovative security solutions that are aligned with the goals and needs of their organization. Since security consultants are relied upon by numerous different departments to guide, and implement, long-term cyber security strategy, extensive industry experience is required for this role. For developers who are new to the security role, starting as a pentester, or security analyst, is recommended, although after proving themselves in other security roles, and understanding the industry inside-out, for between three to five years, aspiring security analysts could find themselves relevant for this role.


Requirements: Degree in Computer Science, between three and five years of experience in cyber security.
Median Salary: $80,763


Incident Responder

Incident responders, also known as CSIRT Engineers, or Intrusion Analysts, work to investigate and limit the damage from cyber attacks that have occurred while working closely with the security team to prevent further attacks from taking place. Incident responders constantly monitor their organizations networks and systems for threats while performing audits, risk analysis, malware assessments and liaising with other aspects of an organization’s security organization.


Requirements: Like pentesters, incident responders don’t necessarily have to have a specific degree, although a cyber security certification, or specialization
Median Salary: around $60,000


Don’t Wait to Increase your Secure Development Awareness


While security analysts and security engineers must have a degree and extensive experience, there are options for developers who want to turn their security passions into a profession in roles such as incident responders and pentesters, with less intensive requirements. If you’re a developer, don’t wait until November to vote for secure development, start working on enhancing your career in cybersecurity today!


*Salary statistics taken from, job description information taken from



jumping 1

For a list of cyber security career opportunities working with us at Checkmarx, click here.

Jump to Category