Estimates show that there are over one million unfilled cybersecurity jobs. The U.S. Bureau of Labor Statistics projects that employment of information security analysts will grow 28 percent from 2016 to 2026, "much faster than the average for all occupations."
This presents a massive opportunity for people looking to break into the industry. If you want to join the next generation of cybersecurity professionals, Springboard has done all of the research for you in building the Cybersecurity Career Track. Here's what you need to know:
Key Roles in Cybersecurity
First, we have to drill down to the different roles and specialties within cybersecurity so you know which might be the best fit for you. There are three broad categories of roles here, analysts, engineers and architects.
Security analysts will typically look and test for cyber vulnerabilities. They may also help implement security solutions.
Security engineers will typically create systems for automated logging, respond to incidents, and create and implement new technologies to fight an ever-evolving litany of cyber threats.
Architects will design a major part of a security system—or maybe the entire thing.
For security analyst positions, you often will be asked to have one to five years of relevant work experience in IT or technology fields, and will typically need a bachelor's degree, ideally in a related field like computer science.
Engineer positions pay slightly more than analyst positions, on average, but they'll often require more than a bachelor's degree—oftentimes, you'll need a master's degree with a focus in IT. You'll also need more work experience, with senior security engineer positions demanding upwards of 10 years of relevant work experience.
Finally, the security architect positions usually demand the most work experience and degree requirements of the three categories; however, they are also the most highly compensated.
Where you want to go with your cybersecurity career will often boil down to the category and roles you choose.
Cybersecurity Salaries Are On the Rise
According to 2018 data from Payscale, the median salary for security architects is $120,269, which is about a 10 percent increase from 2014, when it was $109,794. As you can see, security architects are well paid, and compensation is trending upward.
Security engineers have a median salary of $88,445 in 2018, compared to $85,177 in 2014, about a 5 percent increase. While not growing as much as a security architect, there is still plenty of financial upside in the role.
Security analysts earn a median salary of $67,079 as of 2018, up from $65,621 in 2014.
Overall, job opportunities in cybersecurity keep on growing, and so do the levels of compensation.
If you want to get an overview of the different roles out there, the different job descriptions and requirements, this CSO article is an excellent curated overview. It's a perfect place to start diving deeper into different job descriptions, and the skills you need to learn.
You should then look into absorbing the foundations of cybersecurity: understanding what the threat environment is like and how companies are currently dealing with it.
Then you might consider narrowing down to a specific role you want to play. For example, you could consider the unique training and resources needed to become a software security analyst, which will involve looking at common tools and methodologies to analyze and mitigate risks.
Paths Into Cybersecurity
Most cybersecurity professionals start off with a background in technology and IT. They will often work for the IT department of larger companies or smaller startups to get acquainted with new technologies, and they often have bachelor's advanced degrees in technical fields such as computer science.
Many cybersecurity professionals will start off understanding the fundamentals of data networks and operating systems, and knowing a scripting language such as Python or Bash.
Perhaps the easiest path to transition into a cybersecurity role is working with a company that deals with data and networks in an IT capacity, and brushing up on network security and endpoint hygiene. Then, you become seen as a security expert in the office—and can quickly leverage that position to gain relevant cybersecurity experience.
5 Valuable IT Certifications You Need for Cyber Security Careers
You don't need a degree to get into cybersecurity. You can also get industry-recognized certifications. This email course will help you identify the best certifications for your projected career path.
You might want to focus on these five popular certifications:
- The Network+ Certification from CompTIA will measure your knowledge of how networks communicate data and the foundations of your IT knowledge. It will help you open the door to entry-level IT opportunities.
- The Security+ Certification, also from CompTIA, is probably the most important cybersecurity certification you can get, as it shows that you understand the foundations of security, from cryptography to risk management.
- The Certified Ethical Hacker certification puts you in the mindset of an attacker, allowing you to reinforce your cyber security skills and competence. It usually requires about two years of experience in IT before you can take the exam. Bolstered with the Security+ certification, you can demonstrate a valuable and varied skill set that will propel you further into cybersecurity roles.
- Becoming a Certified Information Systems Security Professional (CISSP) will help you with advanced cybersecurity roles. You do need at least five years of relevant work experience before attempting to get this certification—however, it is one of the top professional cybersecurity certifications.
- Licensed Penetration Tester (LPT) is arguably the pinnacle of cyber security certifications, allowing you to legally and ethically hack into company systems to test their defenses. Getting this certification means you've mastered many advanced cybersecurity concepts.
There are different certifications for different phases of your cybersecurity career: you should choose whatever makes sense in your current phase to get a job or advance your career.
Cybersecurity Job Interview Advice
In order to ace the cybersecurity job interview—whether for a new opportunity as a cybersecurity professional, or your first cybersecurity job—you'll need lots of practice to make sure you're on top of domain-specific knowledge and technical challenges.
You'll also want to make sure you nail down your story of why you want to grow a cybersecurity career and pass the standard HR/behavioral screens. Make sure you come prepared, ready to evaluate your fit with the company you're interviewing with.
It always helps to be prepared with research on the role you're interviewing for, and smart questions for your interviewer that show you've thought through their problems and needs.
Here's a selection of technical interview questions you can use to practice and refresh your knowledge.
Finally, while the huge job sites include cybersecurity postings, it's helpful to check cybersecurity-specific job boards. Here are a couple of places to start:
I hope this guide has been helpful! If you want to train toward a cybersecurity career with the help of personalized career coaching and one-on-one guidance from a cybersecurity expert, Springboard's Cybersecurity Career Track might be the perfect match for you.