Salary Survey Extra: Deep Focus on CySA+
Posted on
May 5, 2023

Salary Survey Extra is a series of periodic dispatches that give added insight into the findings of our most recent Salary Survey. These posts contain previously unpublished Salary Survey data.

CySA+ from CompTIA is a solid credential for cybersecurity analysts.

A cybersecurity analyst is sort of like the fictitious science doodad in the disaster movie San Andreas that can predict earthquakes. The job of an expert cybersecurity analyst is actually harder: The earthquake analogy holds up when it comes to monitoring (computer networks and IT infrastructure) and anticipating (attacks).

A cybersecurity analyst is expected to go one step further, however, and not just predict disasters, but also prevent them. The CompTIA Cybersecurity Analyst (CySA+) credential (No. 47 on our most recent Salary Survey 75 list) validates individual fluency with this complex and multifaceted skill set.

Here's what the salary picture looks like for CySA+ holders who responded to the Salary Survey:

All U.S. Respondents
Average Annual Salary: $110,250
Median Annual Salary: $109,000
How satisfied are you with your current salary?
Completely Satisfied: 8 percent
Very Satisfied: 19.5 percent
Satisfied: 38.9 percent
Not Very Satisfied: 24.2 percent
Not At All Satisfied: 9.4 percent

All Non-U.S. Respondents
Average Annual Salary: $58,690
Median Annual Salary: $49,380
How satisfied are you with your current salary?
Completely Satisfied: 7.7 percent
Very Satisfied: 13.8 percent
Satisfied: 41.6 percent
Not Very Satisfied: 24.6 percent
Not At All Satisfied: 12.6 percent

CompTIA's long-lived certification program has a global reach, which is definitely reflected here. U.S. residents account for roughly 70 percent of the overall pool of CySA+ holders who participated in the survey, but we also heard from individuals in 32 other countries: Afghanistan, Albania, Andorra, Austria, Brazil, Bulgaria, Canada, Chile, Croatia, Djibouti, Dominican Republic, Ethiopia, India, Ireland, Jamaica, Japan, Jordan, Kenya, Malaysia, Mexico, Montenegro, Netherlands, Philippines, Poland, Portugal, Saudi Arabia, Singapore, South Africa, Switzerland, Thailand, United Kingdom, and Vietnam.

The information security sector of the wider IT universe is largely dominated by male professionals, but a noteworthy 13.5 percent of CySA+ holders who responded to the survey are women, compared to 83.3 percent who are men. (A fractional 2 percent chose not to identify their gender, while 0.8 percent are transgender male, and 0.4 percent are gender variant/nonconforming.) The survey pool of CySA+ holders is also surprisingly youthful, with more than 70 percent of those surveyed younger than 45, either between the ages of 35 and 44 (36.9 percent), between the ages of 25 and 34 (35 percent), or between the ages of 19 and 24 (0.8 percent). Most of the CySA+ "senior citizens" are youngish as well, with a further 22.9 percent of respondents between the ages of 45 and 54, and just 4.2 percent between the ages of 55 and 64.

Roughly 90 percent of CySA+ holders who responded to the survey have an educational background that includes time spent at a college or university. The highest level of formal education completed by most CySA+ holders is either a bachelor's degree (50 percent of respondents), master's degree (29 percent), associate's degree (7.9 percent), doctorate (1.9 percent), or professional degree (1.4 percent). The outliers are the 6.1 percent of those surveyed who completed some level of technical training after high school, the 2.8 percent who concluded their educational pursuits with a high school diploma, the 0.5 percent who are currently in school, and the 0.4 percent who entered the workforce without any formal education.

A strong 87.3 percent of CySA+ holders who responded to the survey are employed full-time, with the rest either employed part-time (3.3 percent), currently in school (3.7 percent), on sabbatical (2.8 percent), or out of work (2.9 percent). Among those who have full-time jobs, most have either a standard 40-hour work week (45.5 percent of respondents) or put in between 41 and 50 hours per week (32.9 percent). The remaining 20-ish percent of respondents are split among those who work more than 50 hours per week (9.4 percent), those who put in between 31 and 39 hours per week (8.5 percent), those who are on the clock for between 20 and 30 hours per week (1.4 percent), or those whose full-time work schedule consists of fewer than 20 hours per week (2.3 percent).

Cybersecurity analysts, it would seem, are well positioned to work remotely: Nearly 40 percent of respondents are spending their entire work week at home, putting in either 40 hours per week from home (20.1 percent), or more than 40 hours per week from home (19.6 percent). In the middle are the 10.8 percent of credential holders who work from home between 31 and 39 hours per week, and the 14 percent who work from home between 21 and 30 hours per week. The balance of CySA+ holders who responded to the survey are more tied to traditional workplaces, either working from home between 10 and 20 hours per week (11.7 percent of those surveyed) or working from home fewer than 10 hours per week (23.8 percent).

In terms of workplace standing, the largest single group of CySA+ holders we heard from are at the senior specialist level (27.4 percent). The rest, in descending order, are either specialists (22 percent of those surveyed), managers (16.7 percent), senior managers (13.1 percent), rank-and-file employees (9.4 percent), directors (9 percent), or executives (2.4 percent).

The largest single group of CySA+ holders who responded to the survey, 32.7 percent, are relative IT novices, having worked in a role that directly utilizes one or more of their certified skills for between 3 and 5 years. The rest have been plying their certified skills for either between zero years (1 to 11 months) and 2 years (9.8 percent of those surveyed), between 6 and 8 years (22 percent), between 9 and 10 years (4.5 percent), or for more than a decade (31 percent).

Finally, here's the view of CySA+ holders on key questions from the survey about how certification impacts job performance:

At my current job I use skills learned or enhanced through certification:
Several times a day: 45.3 percent
Several times a week: 33.1 percent
Several times a month: 11.8 percent
Occasionally: 7.8 percent
Rarely: 2 percent

Since becoming certified, I feel there is greater demand for my skills.
Strongly agree: 40.4 percent
Agree: 42.9 percent
Neither Agree nor Disagree: 11 percent
Disagree: 3.3 percent
Strongly Disagree: 2.4 percent

Becoming certified has increased my problem-solving skills.
Strongly agree: 34.3 percent
Agree: 40.8 percent
Neither Agree nor Disagree: 17.1 percent
Disagree: 4.5 percent
Strongly Disagree: 3.3 percent

Becoming certified has increased my workplace productivity.
Strongly agree: 25.7 percent
Agree: 43.7 percent
Neither Agree nor Disagree: 20.8 percent
Disagree: 6.1 percent
Strongly Disagree: 3.7 percent




About the Author

Certification Magazine was launched in 1999 and remained in print until mid-2008. Publication was restarted on a quarterly basis in February 2014. Subscribe to CertMag here.

Posted to topic:
Jobs and Salary

Important Update: We have updated our Privacy Policy to comply with the California Consumer Privacy Act (CCPA)

CompTIA IT Project Management - Project+ - Advance Your IT Career by adding IT Project Manager to your resume - Learn More