As companies large and small struggle to keep hackers out of their organizations and blocked from their data, the demand for new hires for cyber security jobs continues to skyrocket. As we discussed in an earlier post, information security advocacy group ISACA forecasts a global shortage of 2 million cyber security professionals by 2019. This skills gap is disputed by no one.
What do the opportunities for cyber security pros look like today? What kind of job titles are out there and what kind of skills are needed to land cyber security jobs? Here are a few of the most interesting positions open right now:
1. Cyber Threat Intelligence Analyst – Linkedin – Sunnyvale, CA
LinkedIn is looking for a Threat Intelligence Analyst to gather intelligence and investigate key strategic threats against both the site and its members. This person will conduct research and analysis on high priority strategic cyber threats, set up and monitor daily alerts, produce threat actor reports and identify actionable remediation.
- 1 year of work experience in cyber threat technology
- Strong background in technical investigations, open-source intelligence collection and operating in deep/dark web, account take-over, phishing and SPAM
- Degree in Criminal Justice, Computer Science, Cyber Security, International Affairs, or other relevant forensic-oriented education
2. Security Engineer Intern – EA – Austin, TX
As a Security Engineer Intern, your primary job will be to discover vulnerabilities in EA’s games and gaming infrastructure.
You’ll need to determine the business risk posed by the vulnerabilities you discover and be able to communicate your findings across teams to both technical and non-technical audiences. You will also assist in EA’s anti-cheating, anti-fraud, and anti-piracy efforts.
The ideal candidate has a deep understanding of security principals and a passion to learn new technologies, challenge assumptions, and find new ways to solve problems.
Required skills and experience:
- Fundamental understanding of CWE Top 25 and OWASP Top 10 vulnerabilities, and ability to discover these vulnerabilities in assessment targets
- Knowledge of operating systems internals for Windows, Linux, iOS, and Android
- Network infrastructure security knowledge for both traditional networks and cloud
- Ability to read and understand unfamiliar code and to identify new security vulnerabilities in C++, Java, C#, and common scripting languages
- Experience with security assessment tools such as Burp Suite, Nessus, nmap, Qualys, and Wireshark
- Excellent verbal and written English skills, interpersonal skills, and professionalism in dealing with all levels of management and staff
- Trustworthiness, as you will be trusted to handle sensitive assets
3. Cyber Security Professional – Department of Homeland Security (DHS) – Multiple Locations
The primary goal of Department of Homeland Security is clear – keeping America safe. DHS regularly recruits experienced, qualified cyber pros to detect, prepare for, prevent, protect against, respond to, and recover from terrorist attacks; enhancing security and safeguarding and securing cyberspace. There are multiple positions open for this cyber security job.
Skill sets include: Cyber Incident Response, Cyber Risk and Strategic Analysis, Vulnerability Detection and Assessment; Intelligence and Investigation; Networks and Systems Engineering; Digital Forensics and Forensics Analysis and Software Assurance.
4. Ethical Hacking Penetration Tester – Procter & Gamble
– Cincinnati, OH
Maybe you ‘d like to join an Ethical Hacking Team to help safeguard consumer heavyweight, P&G from cyber attacks? To help prevent security breaches, the person in this position will proactively identify security vulnerabilities for remediation, AKA, “stop the bleeding”, by performing penetration testing.
- Experience in Windows and Linux environments as well as programming or scripting languages such as Python, BASH, Perl or Ruby.
- The hired applicant must have, or be willing to obtain within 1 year, the Certified Information System SecurityProfessional (CISSP) certification. Additionally, they must have, or be willing to obtain, within 2 years, at least 1 other ethical hacking related certification. P&G provides study preparation and exam cost coverage.
5. Cyber Security Consultant — AT&T – Austin, TX
AT&T is looking for a sharp penetration tester for the position of cyber security consultant to be a part of a dynamic team of experienced security professionals with varied experience. Many might not know that AT&T consulting clients range from some of the largest networks in the world to small businesses requiring security consulting expertise.
- Certified ethical hacker credential or equivalent
- Actively performing pen tests for a minimum of 3-5 years
- Qualys experience for vulnerability scan and web applications vulnerability scan
- Ability to pass Criminal Justice System background check
- Information Security experience of a minimum of three years
- Other industry certifications relating to IT security and program management preferred (GIAC, CEH, TNCP, ITILv2 PMP
Skills in information and data security are highly valued by employers everywhere, in every industry. The trouble is there aren ‘t enough qualified people to fill the open cyber security jobs. In response to this chronic problem, Harvard Business Review recently wrote, “security is truly everyone ‘s problem; virtually every aspect of personal and professional data is at risk. So why are we limiting security positions to people with four-year degrees in computer science when we desperately need varied skills across so many different industries? Businesses should open themselves up to applicants whose nontraditional backgrounds mean they could bring new ideas to the position and the challenge of improving cyber security.”
If you ‘re considering a career in the upwardly mobile field of cyber security, consider getting a jump start with Woz U ‘s new, 24-week cyber security online program. And the Woz U career services team will be happy to help you land an exciting cyber security job, complete with data tracking, system hacking, and cyber criminal crackdowns.