As more and more people come online, we also become more vulnerable to cyber attacks and security breaches. The recent cyber attacks on giants such as Ashley Madison, Sony, and JP Morgan indicate that cyber security is not just an issue for governments to be concerned about. Various other industries such as healthcare, retail, and finance are looking to hire cyber security professionals to safeguard their data. Corporations are waking up to the importance of securing sensitive business and customer data. This calls for more security professionals to be added to the workforce.
In this article, we examine in detail how you can build a career in cyber security, right from education and initial experience to employers’ expectations.
Growth in Cyber Security Jobs
Cyber security is one of the fastest growing fields in the world. A report by the U.S. Bureau of Labor Statistics states that information security analyst jobs are expected to grow 18 percent from 2014 to 2024. This is more than the average for other occupations.
In the Global Economic Crime Survey 2016 by PricewaterhouseCoopers, cyber crimes were found to be the second most reported types of economic crime. What’s more, the same report stated that only four in 10 respondents have trained professionals to respond should they be targeted by cyber crime. The price to pay for this is heavy. A third of the survey respondents reported that they had incurred losses of more than $100 million.
The need for cyber security professionals is growing, but supply won’t meet demand anytime soon. An article by CSO quoted CEO of Symantec Michael Brown as saying, “The demand for the [cybersecurity] workforce is expected to rise to 6 million [globally] by 2019, with a projected shortfall of 1.5 million.”
If you’ve always had a passion for computers and you’re considering getting into cyber security, there won’t be a better time!
Education: How to Get Into Cyber Security
The importance of a degree in cyber security, or a related field such as IT, has been emphasized by experts. In an article in Computer World, President of Secure Mentem Ira Winkler states, “If you want to advance your career, the absence of a college degree will impede promotions and make it more difficult to get the jobs you want. That degree on your résumé is a baseline that recruiters and hiring managers are going to be looking for.”
Most jobs in cyber security require a bachelor’s degree at a minimum, and some require more advanced certifications and a master’s degree. Some jobs in cyber security, such as positions in a government organization, require candidates to obtain necessary security clearances.
It is important to choose a degree that meets your long-term career goals and is accredited. Here is a list of degrees available in cyber security, along with the courses and skills acquired in each of the programs:
Associate Degree in Cyber Security
This is a two-year program which teaches students fundamental cyber security concepts such as detecting intrusion and security administration. It also covers network technologies and the vulnerabilities of software and hardware systems. For students looking to appear for certification exams such as CompTIA Security+ and ISC2 Certified Information Systems Security Professional (CISSP), an associate degree is a good choice. These certifications are key in finding full-time employment.
Some of the courses offered in an associate cyber security program include:
- Introduction to Computer Forensics and Cyber Crime
- Database Security
- CompTIA Security+
An associate program equips students with the following skills:
- Recovering image files
- Investigating emails
- Processing crime scenes
- Understanding database security
- Building a defense for common attacks
- Using cryptography
- Applying access control models
An associate degree can prepare students to seek entry-level jobs in the role of a computer support technician as well as related roles. It can also serve as a stepping stone to a four-year degree in cyber security.
Bachelor’s Degree in Cyber Security
A bachelor’s program is for four years and is considered an ideal route for getting into cyber security. However, it is not necessary for students to pursue bachelor’s in cyber security alone. It is also possible to get into the field with a four-year degree in computer engineering, computer science, and mathematics.
A bachelor’s degree lays a foundation for students in key topics such as database application, programming, and security. Further, it explores advanced topics such as ethical hacking, artificial intelligence, and cryptography.
Some of the courses offered in the bachelor’s cyber security program include:
- Fundamentals of Networking
- Installing and Configuring Windows Server
- Ethical Hacking
A bachelor’s degree equips students with the following skills:
- Using networking and security protocols
- Configuring core network services
- Administering active directory
- Managing group policy
- Defending computers against cyber security attacks
- Protecting an LAN against security attacks
- Remaining safe on the internet
A bachelor’s degree in cyber security or a related field can help students find employment in roles such as computer forensic analyst, cyber security analyst, and information security analyst.
Master’s Degree in Cyber Security
This is a two-year program which delves into technologies such as cryptography, digital forensics, and biometrics. It teaches students how to protect electronic networks and infrastructures from an attack.
Some of the courses offered in the master’s cyber security program include:
- Penetration Testing and Vulnerability Analysis
- Applied Cryptography
- Digital Forensics
A master’s degree equips students with the following skills:
- Analyzing vulnerabilities in networked applications
- Using modern cryptography
- Applying forensic science principles
- Presenting digital evidence
Students completing the master’s program are prepared to seek employment in roles such as penetration tester, security-application programmer, security architect, security product developer, and vulnerability analyst.
Cyber Security Certificates
Certificate programs in cyber security help students develop further expertise in areas such as computer system security, cryptographic techniques, network perimeter defense, digital forensics, and legal issues. Most certificate programs offer 12-18 credits.
Some of the courses offered in a cyber security certificate program include:
- Technology and National Security
- Introduction to Penetration Testing
- Cyber Risk Management for Decision Makers
Cyber security certificate programs equip students with the following skills:
- Gathering intelligence
- Understanding national policy on security
- Examining risks of technological innovations
- Understanding threat vectors
- Identifying high-level risks
- Knowing ethics, legal issues, and standards
- Mapping impact
Certificate programs help students add credentials to their resume. They can then apply these credits to a master’s degree, if they wish to pursue one.
D.Sc. Degree in Cyber Security
The doctorate program in cyber security is for three-five years, including a dissertation. It is meant for those students who have a strong base in cyber security and wish to pursue applied research in IT. Students examine specialized techniques such as data collection, reverse engineering, exploitation of software, and analyzing malicious code.
Some of the courses offered in the D.Sc. cyber security program include:
- Full Scope Security Testing
- Advanced Malware Analysis
A D.Sc. in cyber security equips students with the following skills:
- Learning processes of penetration testing
- Defending software systems
- Using reverse engineering tools
- Using IDA pro
Students completing the D.Sc. degree in cyber security are prepared to seek work in intelligence, law enforcement, and military organizations. They may also find employment in data-driven fields.
Certifications in Cyber Security
Apart from the degrees mentioned above, there are also various certifications available in cyber security which help you boost your resume and delve deeper into a topic of your choice.
Here is a list of some of the most popular certifications offered in cyber security:
- Certified Information Systems Security Professional (CISSP) – Covers implementation, management, and engineering of information security programs.
- EC-Council Certifications – Certifications include Licensed Penetration Tester, Certified Ethical Hacker, Certified Security Analyst, and Certified Chief Information Security Officer.
- Global Information Assurance Certification (GIAC) – Offers certifications such as Audit, Security Admin, Forensics, Software Security, and Legal.
- ISACA Certifications – Certifications available include Governance, IT Audit, and Risk.
While formal education in cyber security is important, it is also recommended you read as much as you can on the subject. This keeps you informed about the latest trends in the field and the skills you need to develop. It’s good practice to delve into past cyber security attacks to learn about how the breaches took place and how they were resolved.
Careers in Cyber Security
There are various job roles assigned to cyber security professionals. Some deal with developing an infrastructure for security, while others test the company’s security for vulnerabilities. A number of these roles do not necessarily require cyber security degrees.
Let’s take a look at some of the most popular cyber security career paths.
Chief Information Security Officer
The Chief Information Security Officer, or CISO, is an executive position, overseeing the IT security division of a company. CISOs are expected to have a firm grasp in IT security architecture and strategy, along with communication and management skills.
The minimum educational requirement for this position is a bachelor’s degree, either in cyber security or a related field such as computer science and information technology. Some organizations may also require a master’s degree or an MBA.
Forensic Computer Analyst
Forensic computer analysts are called in when there is a security breach to review computer-based information. They deal with financial and personal information and are expected to follow privacy procedures.
In order to find employment as a forensic analyst, candidates need a bachelor’s degree in forensic computing, computer security, or related subjects. They may be also be required to have prior experience.
Information Security Analyst
The Information Security Analyst protects the computer systems and networks of a company. They are required to stay in touch with latest trends in the industry and research new security technologies.
The minimum qualification for this role is a bachelor’s degree in computer science or related field. Candidates can also pursue specialized degrees in information security. Large organizations tend to require candidates to have an MBA as well.
The potential entry-level salary for this position is about $64,000 per year.
The role of a penetration tester is to figure out the vulnerabilities in the security of an organization. They work as part of the IT team. They need to have a firm grasp on security measures as well as relevant tools and software.
Penetration testers are generally required to have a bachelor’s degree in IT or cyber security. In some cases, the candidates may also need relevant certifications.
IT Security Architect
Like the name suggests, the IT security architect plans and designs the structure of security for the company, delegates tasks to team members to prepare that framework, and tests that framework. The security architect is also responsible for determining policies for use and implementation of the security structure.
This role generally requires a bachelor’s degree in computer science, computer security, or a related subject.
IT Security Engineer
An IT security engineer approaches cyber security with a specialized engineering techniques. They are required to have a strong background in mathematics and communication, as well as knowledge of operating systems and languages.
This role requires a bachelor’s degree in engineering — preferably electrical — or computer science. Some employers may also require prior experience and certifications.
IT Security Administrator
An IT security administrator manages IT-related safety issues of the company. The job requires coordination with a security analyst for implementing policies.
Candidates are required to have a bachelor’s degree in computer science or IT security. They may also be required to have experience working in IT security at a junior level.
This position has an average potential salary of about $56,000 for an entry-level position.
IT Security Consultant
An IT security consultant advises clients on how to meet their cyber security goals in a cost-effective manner. They are generally hired by small companies, but may also be hired by large business organizations to work in tandem with their security team and provide an unbiased view of the company’s security.
This role requires candidates to have a bachelor’s degree in information technology, computer science, or cyber security. Some clients may also require them to have professional certifications.
What Employers Look for in Cyber Security Professionals
Apart from a bachelor’s degree, recruiters want to see that you have real-world IT skills which will help them safeguard the security of their company. They also appreciate candidates that are well-versed with professional communication and demonstrate leadership qualities.
Here are the main factors employers consider important in cyber security professionals:
- Technical expertise: This refers to a strong background in fundamentals such as operations and database management, network protocols, detection of intrusion, and proxy server knowledge. You also need to be well-versed with programming languages such as C++, Java, Python, assembly language, and disassemblers. Always keep yourself updated with the latest technologies and procedures.
- Soft skills: While cyber security is a technical field, soft skills are essential for any and every job. Good communication skills help you get your point across tactfully. It is also important to communicate with non-technical colleagues in a way they’ll understand. Employers also desire candidates that have a sound understanding of business procedures and are aligned with the company’s overall mission.
- Specializations: Like in any field, it’s important to carve a niche for yourself and have a specialty. Some of the specializations which candidates can pursue include Microsoft technologies, cloud computing, wireless, cryptography, Cisco networks, and open-source applications.
Gaining Initial Experience in Cyber Security
While a degree and skills will get your foot in the door, nothing beats real-world experience and self-directed learning. If you’re about to start your career in cyber security and want to get a head-start in the field, consider ways to gain real-world experience in the field. Employers love candidates who take initiatives.
Here’s how you can gain some initial experience in cyber security:
- Practice on your own machines: If you have old, discarded computers, put them to good use. Build your own home network, secure it, and then try hacking it. You can try hacking with different configurations and learn so much more about penetration testing. If you only have one computer, partition the hard drive to run Windows as well as Linux.
- Volunteer your time: There’s no better way to gain experience than offering to protect an organization’s security for free. This could be for a local NGO, charity, or small businesses which cannot afford a professional. You can also offer to help your professors in their work, or volunteer at cyber security and IT conferences. Another good option is to examine open-source projects for vulnerabilities and sites which offer big bounties.
- Learn as much as you can: Teach yourself as many new technical skills as possible to stay on top of your game. Learning to code should be a priority, and there are various online classes to help you do this. Take as many free MOOCs in cyber security as possible to supplement your college education.
- Network with fellow professionals: Networking with others in the field opens new avenues for employment and learning. Attend local meetings and events related to cyber security. You can also join LinkedIn groups and security organizations online. A good way to meet fellow enthusiasts is through cyber security contests such as Wargames and Capture the Flag competitions.
We hope this article provided you with some insights into the field of cyber security. If you’re looking to start your career in cyber security, check out some helpful courses to begin your education!