Always Negotiate Salary, Even For Your First Cybersecurity Job

Landing your first cybersecurity job is challenging. With some hard work, networking and perseverance you’ll eventually hear those magic words: “We’d like to make you an offer.” It’s an amazing feeling after months of job hunting. Now it’s time to discuss a subject that your teachers and mentors may not have prepared you for: Money.

Salary Range

Cybersecurity is a well compensated career field. For some readers that initial offer may be more than you’ve ever made before. It might be more than your parents ever made. Your natural instinct is to quickly say “yes” and ring the register. Not so fast!

From the recruit’s perspective it’s easy to presume that the company has a specific salary planned for the role. It’s more likely that they have a salary range planned for each role. It only benefits the company, if you accept their first offer. After all, they likely have some wiggle room in what they can offer.

Often your prospective employer expects you to negotiate. Their planned salary range will reflect the position, the company, and the geography of the role. Whether the range is $70-80k or $100-120k, it’s a reasonable assumption that their initial offer was not at the top of the range. Negotiating can earn you some incremental gains.

Compounding Returns

You probably won’t be able to negotiate for a dramatically higher salary for your first cybersecurity job, but any increase in salary can have notable implications. Throughout the course of your career your salary in a given year will usually be a function of multiple factors including your previous year’s salary. Your employer will generally take your previous year’s salary into consideration for your annual and promotion pay raises (except when you change companies).

That means any extra salary you can negotiate will have a long lasting impact. Let’s say we presume you get just a 2% annual raise over the course of the next 30 years. Even in this modest scenario every extra $1,000 you can negotiate for is worth a total of $40,568 over the 30 year period.

Negotiating for an extra $5,000 may not sound like a big deal. After all, it’s only an extra $417 a month (before taxes). Even that’s worth an extra $202,840 over a 30-year period. But you’re not playing for just annual raises. You’re looking to get promoted and advance in your career. So let’s say that in addition to 2% annual raises you also get a promotion every five years with a 20% raise. Every extra $1,000 you negotiate for with your first cybersecurity job, would equate to over $64,000 for the course of 30 years. Negotiating for an additional $5,000 would be worth over $322,000 of lifetime earnings in this scenario.

Starting to get the point? Any additional salary you can negotiate can have long-term benefits.

Be Informed and Sensible

When it comes time to negotiate salary, it’s important to be informed about negotiation techniques and be sensible with your expectations.

Have a plan. When you get your verbal offer, it is okay not to give an answer right away. Thank them and ask if you can get back to them in a day or two. This will give you time to regroup and prepare for your counter. You don’t want to negotiate salary on the fly. Below are a few handy salary negotiation resources.

Being sensible in your expectations requires you to have an idea of what salary range is reasonable. Find company- and title-specific salary information with online resources like, Glassdoor, or PayScale. Your salary negotiation isn't like the movies where they give some wildly inflated counteroffer. Make a counteroffer at the top of the range (or just above it). 

Your bargaining power may not currently be super high. This is after all your first cybersecurity job. However, any additional salary you can negotiate will have long-term, compounding effects. Many employers are expecting you to negotiate.

At the end of the day it’s important for you to be happy with your role and your salary. Cybersecurity is well paid. It’s also hard work. It’s not uncommon for cybersecurity professionals to work long hours, weekends, and occasionally holidays. You want to feel like you’re being compensated fairly for your hard work.

Recommended Posts:

Becoming Cyber Newsletter
Cybersecurity Is A Relationship Business
When people think of the cybersecurity profession, many naturally think of the technical aspect. You certainly need technical proficiency. Many would be surprised to hear, however, that cybersecurity is really a relationship business. Whether you look at the protected or the protectors, people are the lynchpin. The systems and applications, which cyberse……
Read more
Becoming Cyber Newsletter
Imposter Syndrome Is a Real, But You’re Not Alone
You’ve worked your butt off completing your cybersecurity training courses and certifications. You’ve finally scored your first cybersecurity interview. Are you doubting your skills and abilities? Are you starting to question why they would hire you? Do you begin to worry that despite the hard work you’ve put in, that you’ll be discovered as a fraud? Th……
Read more