Salary Survey Extra: Deep Focus on CompTIA CySA+
Salary Survey Extra is a series of periodic dispatches that give added insight into the findings of our most recent Salary Survey. These posts contain previously unpublished Salary Survey data.
It takes time to get an accurate read on a new IT certification. Tech industry association CompTIA debuted a new certification for cybersecurity analysts — information security professionals who evaluate human behavior and apply those insights to security practices — in February 2017.
The CompTIA Cybersecurity Analyst (CySA+) credential first registered a notable impact in our Salary Survey near the end the following year and popped through on the 2019 version of our Salary Survey 75 list at No. 41 with an average annual salary of $110,480. This year it came through at No. 53 with a small, if still enviable, salary number.
There’s no way to know for certain every factor that plays into such a phenomenon, but it seems likely that established security professionals number more heavily among the earliest adopters of CySA+. Given a full year of additional availability, we may now be seeing the effect of an influx of younger, less experienced professionals to the overall CySA+ population.
Here’s what the salary picture looks like for CySA+ holders who responded to the Salary Survey:
All U.S. Respondents
Average Annual Salary: $96,820
Median Annual Salary: $80,000
How satisfied are you with your current salary?
Completely Satisfied: 4.5 percent
Very Satisfied: 31.8 percent
Satisfied: 36.4 percent
Not Very Satisfied: 13.6 percent
Not At All Satisfied: 13.6 percent
CompTIA’s long-lived certification program has a global reach, but this year’s pool of CySA+ holders is made up solely of U.S. residents. The smallish pool of international respondents who contributed to last year’s findings failed to materialize this time around.
The information security sector of the wider IT universe is largely dominated by male professionals, but a refreshing 12.5 percent of CySA+ holders who responded to the survey are women. The survey pool of CySA+ holders is also surprisingly youthful, with nearly 65 percent of those surveyed younger than 45, either between the ages of 35 and 44 (36.5 percent), between the ages of 25 and 34 (26.1 percent), or between the ages of 19 and 24 (4.5 percent). Most of the CySA+ “senior citizens” are youngish as well, with a further 31.8 percent of respondents between the ages of 45 and 54, and just 4.5 percent between the ages of 55 and 64.
More than 70 percent of CySA+ holders who responded to the survey have an educational background that includes time spent at a college or university. The highest level of formal education completed by most CySA+ holders is either a bachelor’s degree (54.5 percent of respondents), master’s degree (9.1 percent), associate’s degree (4.6 percent), or professional degree (4.5 percent). The outliers are the 13.6 percent of those surveyed who completed some level of technical training after high school, the 4.6 percent who concluded their educational pursuits with a high school diploma, and the 9.1 percent who are currently in school.
A strong 91.7 percent of CySA+ holders who responded to the survey are employed full-time, with the remaining 8 percent either currently in school (4.2 percent) or out of work (4.1 percent). Among those who have full-time jobs, most have either a standard 40-hour work week (45.5 percent of respondents) or put in between 41 and 50 hours per week (45.5 percent). The remaining 9 percent of respondents are evenly split between those who work more than 50 hours per week (4.5 percent) and those who put in between 31 and 39 hours per week (4.5 percent).
Cybersecurity analysts, it would seem, are well positioned to work remotely (as many are likely doing right now): A notable 27.3 percent of respondents work 40 hours per week from home, and a further 4.5 percent are at home between 31 and 39 hours per week. The balance of CySA+ holders who responded to the survey are more tied to traditional workplaces, either working from home between 10 and 20 hours per week (13.6 percent of those surveyed) or working from home fewer than 10 hours per week (54.6 percent).
In terms of workplace standing, the largest single group of CySA+ holders we heard from are either at the specialist level (37.5 percent) or senior specialist level (also 37.5 percent). The rest, in descending order, are either rank-and-file employees (8.4 percent of respondents), managers (8.3 percent), or senior managers (also 8.3 percent).
A notable 58.3 percent of CySA+ holders who responded to the survey are IT veterans, having worked in a role that directly utilizes one or more of their certified skills for more than a decade. The rest have been plying their certified skills for either between zero years (1 to 11 months) and 2 years (16.7 percent), between 3 and 5 years (20.8 percent), or between 6 and 8 years (4.2 percent).
Finally, here’s the view of CySA+ holders on key questions from the survey about how certification impacts job performance:
At my current job I use skills learned or enhanced through certification:
Several times a day: 70.8 percent
Several times a week: 16.7 percent
Several times a month: 4.2 percent
Occasionally: 8.3 percent
Rarely: [No responses]
Since becoming certified, I feel there is greater demand for my skills.
Strongly agree: 37.5 percent
Agree: 45.9 percent
Neither Agree nor Disagree: 8.3 percent
Disagree: 8.3 percent
Strongly Disagree: [No responses]
Becoming certified has increased my problem-solving skills.
Strongly agree: 29.2 percent
Agree: 37.5 percent
Neither Agree nor Disagree: 20.8 percent
Disagree: [No responses]
Strongly Disagree: 12.5 percent
Becoming certified has increased my workplace productivity.
Strongly agree: 20.8 percent
Agree: 41.7 percent
Neither Agree nor Disagree: 25 percent
Disagree: [No responses]
Strongly Disagree: 12.5 percent
PAST CySA+ DEEP FOCUS FEATURES