Our partner Springboard, which provides online courses to help you advance your cybersecurity career with personalized mentorship from industry experts, recently researched current cybersecurity salaries and future earning potential in order to trace a path to how much money you can make.

Here’s what they found were the most important factors for making sure you earn as much as possible:

1) Choosing the right type of cyber security role and building your skill set

The cyber security role you’re in clearly makes a difference: the average salary for penetration testers is $55,000 according to U.S. data from Glassdoor. But cyber security engineers should expect to earn about $140,000—and engineers have a more natural path to becoming architects, who can earn even more. Cyber security analysts are somewhere in between, averaging about $80,000 a year.

Of course, becoming a cyber security engineer requires more skills and experience than becoming a penetration tester, but you should know what path you are on.

Building on your cyber security skill set and that you’re aiming for the right role within cyber security can make a difference of tens of thousands of dollars in terms of your annual earnings, so make sure you’re picking the right role for your skills.

Typically, engineers and architects will require more coding knowledge and the ability to take their security knowledge and scale it out through large-scale products.

You have to be ready to design systems rather than simply testing them. That requires experience, a deliberate foundation in both security and programming knowledge and systems thinking about vulnerabilities and threat.

Make sure you’re in the right role and focused on how to advance to the next one if you want to maximise your earnings. Here, it can be very helpful to get guidance from somebody working in the industry or a career coach.

2) Experience

Once you’ve chosen the right role, the years of experience significantly impact how much you can earn. For example, entry-level cyber security analysts earn on average $8,000 less than a component of all cyber security analysts according to pay scale data. This curve goes up as your career progresses.

3) Location

Many lucrative cyber security jobs are located in the United States, where this analysis is focused. You’ll want to get work eligibility in the United States if you want to take full advantage: this can be done with employer-sponsored visas or work/study visas.

Cyber security practitioners in certain cities will earn much more than others, pay scale data shows. In Seattle, a thriving ecosystem for cyber security hires means you’ll earn on average 19 percent more than the national average—the highest average bump we’ve seen.

You could see 15+ percent increases to your salary if you worked in New York City or Washington, DC. Where you live and work could have compounding returns to your cyber security career, and even within America, regional variations and city-by-city differences can add up to tens of thousands of dollars over the course of a few years.

4) Certifications

Certifications can bump up your salary quite a bit. Springboard found using pay scale data, that a CISM certificate can mean a $25,000 difference in yearly salary between information security analysts and a CISSP can make a $15,000 difference for information security analysts.

Across the board, certifications can help boost your yearly salary by between 5% to 25%—a huge difference if you can compound that difference across your career. Getting a CISM, CISSP, CISA or CEH certification can help your cyber security career immensely.

5) Portfolio

The amount of work you’ve done in cyber security certainly helps you secure positions with hiring managers. The more you can demonstrate that you have detected vulnerabilities and worked to address them in production-level settings, the better.

This can be the first obstacle between somebody and starting a cyber security career: the chicken and egg problem of needing cyber security experience in order to get a cyber security job.

If you’re interested in making sure you’re on the right path in your cyber security career or looking into practical, personalised training to advance or start that career and bridge the gap between theory and career outcomes, look no further than our partner Springboard’s Cybersecurity Career Track.