The state of cyber security salaries in 2022

Published on: 18 Apr 2022

Jobs in cyber security are plentiful in this new decade since, unfortunately, there has never been a higher number of ways for cyber criminals to attack IT systems. 
According to figures from Check Point, cyber attacks increased globally by 50 per cent between 2020 and 2021 alone, while 39 per cent of UK businesses reported being the victim of such criminal activity last year. 
As a result, cyber security companies and professionals are highly sought-after as businesses seek to protect their sensitive and confidential information quickly, easily and effectively. This is particularly the case for the top five most targeted sectors, which - according to Amazing Support - are: 

  • Healthcare 
  • IT and telecoms 
  • Legal 
  • HR/recruitment 
  • Manufacturing and utilities 

Indeed, many firms seem to be busy playing catch-up as they try to fill cyber security roles, with ISACA’s State of cybersecurity 2022: Global update on workforce efforts, resources and cyberoperations report showing 63 per cent have unfilled positions this year, up eight per cent on 2021. 
Furthermore, 62 per cent said they have understaffed cyber security teams, while 46 per cent have a team of between just two and ten people. 
This is despite 43 per cent of organisations responding to the research saying they are experiencing a higher volume of cyber attacks than at the same time last year, with the top three concerns being reputational damage, data breaches and supply chain disruption. 
The authors of the document said the resulting situation is an “ongoing seller’s market for cyber security professionals”. 

The demand for UK cyber security jobs
In the UK, new regulations are also seeing the creation of more cyber security jobs. Newly proposed laws under the National Cyber Strategy could soon force firms providing essential digital services to follow strict cyber security rules or face hefty fines, which necessitates professionals being drafted in to help. 
All this may be why there were 2.5 million open cyber security jobs worldwide in March 2022, according to Microsoft, and more than 6,000 new roles added to the UK’s workforce last year, the Department for Digital, Culture, Media and Sport reported. 
“The demand for skills has never been higher. We have record flow of jobs coming in. Most candidates used to have three or four interviews before deciding, now it’s three or four job offers before they’ll decide on a role,” recruitment expert Ian Storey told Verdict magazine. 
Cyber security is clearly a fast-growing field, but are the salaries associated with working in this industry growing to match? The simple answer is yes, as a study by Via Resource discovered. It looked at ten major cyber security job roles and found median salaries had increased significantly in the past year, with some wages going up by as much as 45 per cent. 
Meanwhile,’s report found the average annual cyber security salary in the UK is £52,155, although more experienced workers can expect to see salaries around £75,000 per year. 
So, what are some of the most in-demand positions in 2022 and what might the people doing those jobs expect to make? Here are examples of just a few of them: 
Chief information security officer (CISO) 
Responsible for developing and implementing information security initiatives to protect systems and assets from both external and internal threats. An average salary in the UK is around £80,000, but the median may be as high as £110,000 (up 22 per cent on last year). 
Cyber security engineer 
One of the top jobs in the industry, this focuses on vulnerability analysis, troubleshooting and policy creation. The annual salary may be anywhere between £50,000 and £78,000 per annum, depending on the company. 
Ethical hacker 
A relatively new role, this sees professionals paid by companies to try to get past their cyber security measures in a bid to better protect them against real hackers. Using their reports, businesses can amend their vulnerabilities before they are breached. Ethical hackers could get paid between £52,500 and £78,000 a year on average. 
Malware analyst 
Malware analysts examine in detail the latest threats to cyber security with a view to helping businesses better understand them and prepare for them. In the UK, they could expect to earn around £50,000 a year on average, but the very highest earners could command more than £100,000. 
Other key positions might include: 

  • Cloud security expert (£55,000) 
  • Security consultant (£57,500) 
  • Security analyst (£45,000) 
  • Network engineer (£45,000) 

With professionals experienced in these roles never more in demand, why not browse our range of open positions today, or upload your CV to let recruiters find you?