UPDATED October 2022. As the cybersecurity industry matures, there are increasing opportunities for experienced infosec professionals to move into senior management roles in and around the Washington, DC, region. With the rapid rise in volume and severity of cyber threats, these roles are challenging and bring much responsibility, but they offer technologists an exciting career with lucrative salaries.
CISSP is one of the primary certifications that IT professionals can earn to prove their information security management prowess and take advantage of the opening opportunities in the field. But what is CISSP, and what is the average salary you should expect for a CISSP-related job?
What is CISSP?
The Certified Information Systems Security Professional (CISSP) accreditation is a mid-level accreditation administered by (ISC)2. This certification qualifies your understanding of cybersecurity strategy and hands-on implementation. Earning your CISSP certification demonstrates your ability to plan, build and maintain an organization's overall security environment.
As a more advanced accreditation, you will be expected to prove that you have at least five years of work experience in the information security field to gain full accreditation. CISSP is recognized by the US Government and US Military under the DoD 8570 and DoD 8140 directives.
How Much Does a CISSP Make?
As of October 2022, the average national salary for someone with a Certified Information Systems Security Professional (CISSP) Certification in the US is $130,160 yearly. CISSP salaries across the US vary widely, ranging between $74,500 and $195,500, depending on location and experience. However, as the central location for the US Government and many large corporations, CISSP roles in the Washington DC region, including Maryland and Virginia, typically offer higher wages than most regions in the US.
CISSP salaries in Washington DC average $139,999, which, according to Zip Recruiter, puts it close to the top of the state ranking in the US. With a high concentration of federal and local agencies in the city and numerous US military organizations, it's not surprising that there is a wide range of opportunities for CISSP-qualified professionals offering above-average salaries. Companies as diverse as the federal government, General Dynamics, Capital One, and Peraton recruit CISSP-qualified professionals in the district.
What are CISSP Salaries in Maryland?
Maryland ranks number two in Zip Recruiters' list of CISSP salaries by state. At an average of $136,910, our state ranks just below Washington. Here in Greenbelt, Maryland, the average salary is slightly lower at $131,392 but still represents a lucrative salary range. In Maryland, in addition to large organizations like Capital One and Peraton, smaller IT operations such as TekStream Solutions, Volpe Information Technology Group, and SYSARC recruit CISSP-qualified professionals on a regular basis. In addition, check out companies such as Vencor, Parsons, and eTelligent Group for local CISSP opportunities.
What Can You Make with CISSP in Virginia?
At an average salary of $133,196, Virginia is fourth on the Zip Recruiter list of state salaries for CISSP. With a large military contingency and hi-tech business centers such as the Dulles Technology Corridor, it's not surprising that Virginia provides a wide range of opportunities for IT professionals. In addition to the federal government, companies such as Verizon, Raytheon, and Leidos hire people with CISSP qualifications in Virginia.
CISSP Job Titles and Skills
If you're looking for CISSP-focused roles in the DMV, search for job titles such as:
- Network Engineer
- Cyber Monitoring Analyst
- Security Consultant
- Security Architect
- Security Manager
- IT Director
- Chief Information Officer
- Director of Security
- Network Architect
- Security Analyst
- Security Engineer
- Security Auditor
- Security Systems Engineer
You'll find that these roles typically require CISSP certification.
To gain your CISSP certification, you'll have to prove you have at least five years' experience in infosec-related work. Given that these roles carry a high level of responsibility, proven experience is key to landing one. Employers will be looking for skills and experience in:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
How to Gain Your CISSP Certification
If the high salary potential and the prestige of overseeing the design, implementation, and management of an organization's information security appeals to you, gaining your CISSP certification is a must.
As you should expect with a role at this level of responsibility, to get full certification, you will have to prove that you have at least five years of infosec experience before you take the CISSP exam. There are several different ways to prepare for the CISSP exam, from self-study to live, instructor-led training. If you learn more efficiently in a live classroom with an instructor who can answer your questions directly, consider TrainACE's comprehensive, instructor-led CISSP class.