You want a career in Cyber Security… but you have questions. You’ve heard that there may be a shortage of Cyber Security professionals, but it’s still hard to find a job.
Then, there’s the question of education. Do you need a four-year degree? What about certifications? If you spend money to acquire the skills, will you be able to find a job?
Finally, will the salary be enough to offset the education costs? You need answers to make an informed decision.
What Does a Cyber Security Professional Do?
Cyber Security Professionals work in a field that is highly diverse. Because the information security field is so diverse that it’s difficult to know exactly what a professional may work on. However, some of the common efforts of cyber security experts includes:
- network security
- endpoint protection
- application security
- threat intelligence
The list could go on and on. You could specialize in one sub-field of Cyber Security or work as a generalist.
In addition to the technical diversity, security professionals can work in operational or leadership roles. They can be instructors or consultants. Cyber professionals work in the private and public sectors, helping to protect organizations. They work for security companies developing countermeasures to new cyber attacks. The options are almost limitless.
Today, a career in Cyber Security focuses on:
- Security Operations. Real-time analysis of network activity.
- Threat Management. Monitoring news, groups, and social media sites.
- Penetration Testing. Ethical hacking
- Governance. Interpreting or working on policies, legal compliance, and risk management.
Because cyber criminals never rest, the field of Cyber Security is continually changing. That’s why keeping on top of what’s happening in the field is also essential to finding a job.
What Skills Does a Cyber Security Professional Need?
The skills a cyber security professional needs includes a broad range of technical and functional skills. Of course, with a wide field of sub-disciplines, the skills required to work in the field depend on the chosen field, discipline and the industry.
You will need to have a broad set of technical, professional, and functional skills, as well as the specific cybersecurity skills.
However, here are a few areas that will prove beneficial no matter what career in Cyber Security you select.
- Networking.Cyber criminals live on networks, so knowledge of how networks operate is essential. Being familiar with tools to assess vulnerabilities is needed to defend against attacks.
- Cryptography. Encryption algorithms are used to transmit, store, and use data to prevent unauthorized access. A security specialist should understand how these algorithms work and how to apply them to account and access management.
- Monitoring. Different applications produce different security logs that are used for monitoring network activity. A professional must be able to analyze and interpret these logs, which is a basic skill for forensic analysis.
- Programming. Cyber Security professionals need some programming skills. Whether you need low-level languages such as C or C++ or high-level languages such as python or java depends on the sub-discipline.
- Security. Much of Cyber Security is learned on the job; however, a basic understanding of security concepts, threat actors, and associated frameworks is required to develop a common language within the field.
- System Security. System administration entails configuring network components, understanding vulnerabilities, and threats, and designing systems to counter possible attacks.
- Web Security. Whether or not you are a developer, you should understand the practices and methodology for software security in a development environment.
- Threats. Cyber attacks come from anywhere, using whatever vulnerabilities a hacker has at hand. A professional must identify the different types of threats and their potential impact on an organization.
In addition, Cyber Security professionals need soft skills that allow them to communicate technical aspects of security to nontechnical stakeholders. These soft skills also become more crucial as a career in Cyber Security progresses.
How Do I Start a Career in Cyber Security?
To start a career in cyber security, having training in the industry and gaining up-to-date skills as well as knowledge is essential. The employed Cyber Security workforce in the United States is about one million people, with about 500,000 unfilled positions.
However, the shortage of security professionals is only expected to grow. Because there is such a shortage of Cyber Security professionals, nontraditional paths are more common than you may think.
Some experts suggest that Cyber Security is a skill that is best taught on the job. Others believe a degree in information or computer science is required. Employers may hire people from disciplines, such as finance, risk management, law, and governance, and train them in Cyber Security.
No matter what path you take, most employers want professionals with Cyber Security certifications. Certifications for Cyber Security professionals include:
- Certified Ethical Hacker (CEH)
- Certified Information Security Manager (CISM)
- CompTIA Security +
- Certified Information Systems Security Professional
Other certifications are available, depending on the sub-discipline. To acquire these certifications, you do need to have some basic Cyber Security skills. As a result, employers look to certifications as a way to determine your knowledge of the field.
Once you have the knowledge, you need experience, which is the infamous Catch-22. Some companies are starting to offer internships or apprenticeships to give people experience in the field. Additionally, other ways to gain experience are volunteering to help a local organization with its security. Take your training projects seriously so you can use them as examples of your work. Network whenever possible.
Bounties are yet another way to gain testing experience. A bounty site such as BugCrowd or HackerOne can give you valuable experience. To do so, you register on the site, find a program, and begin testing. Just be sure to read the instructions.
An intangible that most employers look for is passion. They are looking for people who are driven to find the answer in addition to fixing the problem, or creating a solution. Organizations need employees that have an innate curiosity to learn because a Cyber Security profession has to be a life-long learner.
How Much Do Cyber Security Professionals Earn?
What a Cyber Security specialist makes depends on the sub-discipline, the industry, and location. Based on data from Payscale.com, the following list shows the top in-demand positions and their average salaries in 2020.
- An Ethical (white hat) hacker earns an average salary is $91,000.
- Information Security Analyst may receive bonuses and profit-sharing opportunities in addition to an average salary of $71,000.
- Penetration Tester or Vulnerability Analyst averages about $82,000 per year.
- Digital Forensic Analyst’s average annual salary is $72,000.
- Security Software Developer earns about $88,000 per year.
- Chief Information Security Officer may receive as much as $171,000 per year.
- Network Engineer averages $86,000 per year.
- Incident Handler receives an annual salary of about $79,000
Because different security positions can be created daily, be sure to actively engage in online forums. You’ll also want to network with other professionals, and read as much about the field as possible. That’s the only way to stay current on job opportunities.
You are in control of your career in Cyber Security. Therefore, you need to decide on the direction you want to go and map out a plan.
Gain the knowledge you need to acquire certifications because that is the best way to demonstrate your abilities. Let your passion show through as you continue to network with other professionals.
Rely on the power of Woz U’s knowledge of the Cyber Security field to help you take control of your life.