SOC Analyst Salary: Your 2024 Guide

Written by Coursera Staff • Updated on

Learn about a career as a security operations center analyst, where they work, how to qualify, and the potential earning, and the locations that pay the highes

[Featured Image]: An SOC Analyst responding to a cyber-related threat on a business computer system.

A security operations center analyst, or SOC analyst for short, has a crucial role in handling cybersecurity attacks. How valuable is it? The anticipated cost to global businesses from Cyber crimes will be $10.5 trillion annually by 2025 [1], forcing many companies to close their doors permanently—if SOC analysts aren’t on board to address the situation.

As a result, a SOC analyst’s salary is competitive. a SOC analyst is an integral part of the modern security team that keeps business running smoothly even when severe disruptions occur for companies that understand the value of preventing and addressing cyberattacks.

What does a SOC analyst do?

A SOC analyst is a tech professional responsible for identifying and responding to cyber-related attacks on business computer systems and servers. They create and execute protocols for handling threats and must implement the changes necessary to prevent such incidents.

This work includes:

  • Analyzing the vulnerability of a company’s infrastructure and threat tolerance

  • Staying current with emerging trends regarding cybersecurity

  • Investigating and documenting potential threats and information security issues

  • Determining the safety of new software and hardware to prevent unnecessary risk

  • Crafting formal disaster recovery plans, preferably in advance of concerns

Especially in larger companies and global corporations, SOC analysts are part of a team that includes cybersecurity engineers, security managers, and a chief information security officer. A SOC analyst works to search out potential concerns and, with proper planning, eradicate them before they become costly. This planning includes:

  • Implementing security tools like firewalls, data loss prevention tools, and traffic inspection solutions

  • Utilizing security monitoring tools to investigate suspicious activity

  • Working to reduce downtime and keep businesses operating smoothly

  • Performing system audits to patch levels and access control data

It’s a complex job but an important one that many companies consider crucial to their operations.

Where do SOC analysts work?

Information security analysts work in-house at large, global corporations, as well as:

  • Computer systems design firms

  • Company management firms 

  • Credit intermediation firms

  • Information services companies

  • Scientific and technical consulting services

SOC analysts also work for monetary authorities like central banks, data processing and hosting companies, and scientific research firms. They also work in the motion picture industry, financial investment firms, waste management and remediation companies, and companies specializing in computer manufacturing.

Read more: What Does a Cybersecurity Analyst Do? Job Guide

What does a SOC analyst earn?

A SOC analyst earns an average total pay of $88,083  [2]. According to Glassdoor, this consists of the average base pay of $78,366  a year with $9,717 additional pay that could include bonuses and profit sharing.

The earning potential can depend on many factors, including location, company, experience, training, and job title. Education and certifications can also influence salary.

How do I qualify to become a SOC analyst?

Most employers expect SOC analysts to earn a bachelor’s degree or associate degree in computer science or computer engineering and have additional skills from practical experience in information technology or networking roles. 

These skills include:

  • Excellent communication skills 

  • Mastery of Linux, Windows, IDS, SIEM, CISSP, and Splunk

  • In-depth understanding of information security

  • Ability to defend networks by securing traffic and identifying suspicious activity

  • Knowledge of perpetration testing for systems, networks, and applications to determine the vulnerable status

  • Prevent and limit the impact of security breaches

  • Collect, analyze, and report security data for computer forensics

  • Read and identify parameters of software programs, as well as reverse-engineer malware.

 Professionals in the information technology field can learn many of these skills through practical experience and by completing additional training and certification programs.

Do I need a certification to practice as a SOC analyst?

Employers often expect SOC analysts to complete specific certification programs to ensure they can address complex issues during crises. These certification programs include:

  • Cisco Certified CyberOps Associate

  • EC-Council Certified Ethical Hacker 

  • EC-Council Certified SOC Analyst (CSA)

  • CompTIA Security+

An excellent place to start this training is taking In The Trenches: Security Operations Center, a course offered by the EC-Council on Coursera that provides a foundation on enterprise security structure, modern threat and attacker TTPs, the basics of incident response, and a basic primer to Security Onion.

Salary information and variations

Salaries for SOC analysts can vary dramatically due to many factors, including location, employment status, job title, and the experience gained through professional development.

Location and salary

Due to cost of living variability and industry hubs, certain areas of the country offer higher salaries for SOC analysts. The highest-paying states and their average annual salaries are [3]:

  • California: $137,600

  • New York: $138,730

  • Maryland: $135,920

  • Washington DC: $132,820 

Employment status and salary

Security operations centers typically have three or four tiers. The higher the tier, the greater the salary—and the more responsibility you will have.

A Tier 1 support security analyst looks into daily security, information, and event management (SIEM) alerts and determines the urgency of a crisis. They oversee and configure the security monitoring tools. A Tier 2 support security analyst must address actual security breaches. They will use the information the Tier 1 professional gave to pinpoint the systems impacted by the attack and dig in to find the perpetrator while creating a strategy for containment and recovery.

A Tier 3 security analyst has even more experience than those assigned to Tier 2 and must handle critical incidents. This work involves penetration testing and isolating areas of weakness. They review alerts and security data to find the security gaps within the network. The fourth tier is known as an Incident Response Manager, and this professional manages the actions during a crisis. They communicate with C-level professionals and, sometimes, external stakeholders of an organization.

Job title variations and salary

Just like the different tiers, job titles will also determine the salary of a SOC analyst. An information security analyst has about one to three years of experience and earns an average total pay of $82,126  [4]. Senior information security analysts may have the same experience level, but can earn an annual average salary of $132,501. Finally, a principal information security analyst with more than eight years of experience earns an average yearly income of $135,762 .

Professional development 

Information technology professionals are life-long learners, as the industry demands that they constantly stay up-to-date on the latest trends and best practices. Cybersecurity can change dramatically in terms of threats and solutions to common problems. 

As the expense of cybersecurity breaches rises in America, experts predict that business executives in 2023 will increase their security operations center budgets by double digits [5]. This provides opportunities for professionals to continue their professional development while working on a security team.

Online courses can provide a flexible opportunity to add more tools to counter an increasingly complex issue. Reading blogs and following local media are also business best practices for SOC analysis work.

First steps

Start building job-ready skills in cybersecurity with the Google Cybersecurity Professional Certificate on Coursera. Get hands-on experience with industry tools and examine real-world case studies, all at your own pace. Upon completion, you’ll have a certificate for your resume and be prepared to explore job titles like security analyst, SOC (security operations center) analyst, and more.

Article sources


Cybersecurity Ventures. "2021 Report: Cyberwarfare in the C-Suite,” Accessed September 26, 2023.

Keep reading

Updated on
Written by:

Editorial Team

Coursera’s editorial team is comprised of highly experienced professional editors, writers, and fact...

This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.