According to this ziprecruiter survey, the average CISSP salary is about $120,000 a year! While some CISSPs make as much as $170,000, the low end is $70,000, which would put you in the top 20% of earners in 2019! The best thing is that you technically don’t even need a degree. Now don’t get me wrong, you do need industry experience, you can’t go from Walmart cashier to CISSP overnight, but it is totally do-able without getting a Computer Science degree.

Here’s a snapshot of job postings by salary from indeed.com.

SalaryNumber of Postings
$85,000+11,346
$100,000+8,915
$105,000+7,721
$115,000+5,367
$130,000+2,326

That says there’s over 2 thousand jobs in the country paying $130,000 a year!

And here’s the minimum CISSP Salary by large cities.

CitySalary – Low End
New York,NY$105,000
San Francisco,CA$100,000
Washington,DC$95,000
Chicago,IL$90,000
Atlanta,GA$90,000
Charlotte,NC$90,000
Dallas,TX$90,000
Houston,TX$90,000
San Diego,CA$80,500

It doesn’t hurt to ask if you are happy with your current job and if you are happy with your current salary. (I hated my job and felt underpaid, that’s why I switched to a career in IT.)

So how do you become a CISSP? The main barrier is passing the exam, and while that is challenging, you also need industry experience. So what if you aren’t already in IT and doing security for a living? Do you need a Computer Science degree? No. Should you get a Computer Science degree? Probably not. Don’t get me wrong, it doesn’t hurt to have it, but most jobs in the IT realm don’t really utilize it. It’s a different skill set.

To get into the industry, you should focus on getting a vendor certification. I’ll save that list for another article, but the MCSE is probably a good place to start, but not the only one. You want to focus on jobs requiring System Administration, those will be the easiest to get into, and odds are that the entry level salary will be better than what your current position pays, so that’s a nice bonus.

Once you are in that position, you’ll want to transition to security, and what better place to start than in your current System Administration position. While security is a specialty, a knowledgeable sysadmin can integrate it into their current work, and start the clock ticking on your CISSP industry experience. You can also look at expanding your networking knowledge, as network secuirty is equally important, and if you can get firewall experience, and perhaps a firewall or intrusion detection certification, that will position you even better (and likely get you another salary bump.)

While it’ll probably take you 5 years to become a CISSP, you should see nice salary bumps along the way. And if you hate your job, there’s not a shortage of demand, so it isn’t tough to find an employer that’s right for you. While the journey won’t be quick and easy, it will be rewarding!