Sections

Cybersecurity Career Guide

The cybersecurity industry is a new and quickly growing industry. There is a huge job market and therefore an abundance of career pathways and roles which can be progressed into, all offering competitive salaries and benefits packages.

The decisions we make about communication security today will determine the kind of society we live in tomorrow.

Whitfield Diffie

Cybersecurity Career Ratings

8/10

Income

7/10

Career
Growth

4/10

Personal Growth

5/10

Contribution

3/10

Influence

Job Profiles

Real-Life Cybersecurity Job Profiles

Below is a list of links to anonymous job profiles of REAL PEOPLE who have filled out our survey and offered to share their insights with our users about their job in the Cybersecurity field.
ID Job Title Gender Age Earnings City & State Date
33947 Systems Analyst II Female 50 $38,000 Cedar Creek, TX 01/01/2010
33539 Network Engineer Male 25 $30,000 sterling heights, MI 01/01/2010
33474 Network Engineer Male 27 $70,000 Evans, GA 01/01/2010
33198 Systems Analyst Female 44 $82,000 Farmington Hills, NY 01/01/2010
33065 Network Engineer Male 30 $35,000 Huntsville, AL 01/01/2010

Overview

What a cybersecurity professional actually does

Cybersecurity professionals work to defend, build and operate computer servers, mobile devices, electronic systems, networks and data from malicious cyber-attacks.

Cybersecurity professionals typically work in the following fields:

  • Network security, which is the practice of securing a computer network form intruders, targeted attackers or opportunistic malware.
  • Application security, which focuses on keeping software and devices free of threat.
  • Information security, which involves protecting the integrity and privacy of data, both in storage and in transit.
  • Operational security, which includes the processes and decisions for handling and protecting data assets.
  • Disaster recovery and business continuity, which is the part of cybersecurity that defines how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data. Disaster recovery policies dictate how the organization resorts its operations and information to return to the same operating capacity.
  • End-user education address the most unpredictable cybersecurity factor: humans. End-user education teaches people how to detect threats, emails or faulty USBs.

Why they are needed

The world is getting more and more technology reliant and there is no sign of this trend slowing down. Due to this, there is an ever-increasing need for cybersecurity professionals to help protect our computer systems and networks.

By some estimates, there are only 1000 cybersecurity specialists capable of effectively operating in cyberspace. However, it is predicted that there is a need for 10,000 to 30,000 of these professionals as cybersecurity breaches are on the rise.

Here are some figures to show the importance of the work the cybersecurity professionals do:

  • Security breaches have increased 11% since 2018 and 67% since 2014
  • Hackers attack every 39 seconds which is, on average, 2,244 times a day
  • The average cost of a data breach is $3.92 million as of 2019
  • Approximately $6 trillion is expected to be spent globally on cybersecurity by 2021
  • Data breaches exposed 1 billion records in the first half of 2019
  • 62% of business experienced phishing and social engineering attacks in 2018

As well as the huge economic cost associated with cybercrime, organizations will lose their reputation, consumer trust and current and future customers. Businesses could also face high regulatory fines or sanctions as a result of cybercrimes.

The increasing cybersecurity threat is driven by increased global connectivity and usage of cloud services. These cloud services often have poor configuration which, when paired with increasingly sophisticated cybercriminals, can lead to catastrophic security breaches. This means that everyone, at any level of a business, is constantly under threat and needs experience professionals to fight these crimes.

However, there is actually a huge lack of trained and skilled professional. Thus, we need cybersecurity professionals (and we need more of them) because they encompass everything that pertains to protecting our sensitive data, personally identifiable information (PII), protected health information, personal information, intellectual property, data, and governmental and industry information systems from threat and damage.

Pros and cons of a career in cybersecurity:

Pros:

  • The future is digital, which means that the demand for cybersecurity professionals will only ever increase.
  • There are opportunities to work in the private sector, public sector or as a freelancer/consultant.
  • A career in cybersecurity will provide you with lots of opportunity to switch roles and progress. This changing and progression of roles also means that you will gradually evolve to encompass new skills.
  • Since the talent gap is large, companies are typically offering competitive salaries and great compensation packages to entice prospective candidates.
  • The job market is excellent and there are jobs everywhere as nearly every company needs an experienced cybersecurity professional (e.g., banks, investment firms, the government, universities, schools? the list is endless).
  • Cybersecurity professionals are in demand and the unemployment rate for cybersecurity professionals is less than 1%.
  • There is a lot of opportunity to advance and progress into different positions. The cybersecurity industry is also an unregulated industry, so there are many ways to advance your career.
  • Lots of companies provide on the job training, which provides the experience needed for further progression.

Cons:

  • It is only recently that business have begun to offer proper and formal training. In general, organizations do little to help their cybersecurity staff as many management teams do not completely understand what they do or how is best to help them.
  • Cybersecurity professionals can often be on-call and sometimes have to work demanding hours. This is because cybersecurity attacks are a critical problem that can happen at any time, so professionals are expected to be accessible at any time, including weekends or evenings.
  • Like any job, some cybersecurity tasks are repetitive and boring. For example, there is a lot of tasks that involve writing and formatting documentation or checking log files.
  • It is typically a very high-pressured job because a cyberattack can happen at any point, which cybersecurity professionals must be able to resolve efficiently.
  • You will never completely be an expert due to the fast and dynamic pace of the cybersecurity industry. Sometimes, it can be hard to keep up and you will find that you always need to learn new skills and adapt to new roles and situations.
  • Despite the lack of talent in the field, employers still often look for skills, experience and qualifications, which can make it difficult for people looking to enter the industry.

Career success factors

Due to the cybersecurity industry being a relatively new industry, little is actually known on the career success factors. However, a recent 2017 study found that successful cybersecurity professionals typically demonstrated humility, positive attitudes, optimism, critical thinking, adaptability and innovativeness.

The same study also found that successful cybersecurity professionals were also able to effectively build and maintain relationships with others, often displaying high levels of empathy. The final success factor of cybersecurity professionals that was found was their contextual awareness and their need and want to understand the ?why? behind things.

Employability

Job market

Jobs in the cybersecurity industry grew 74% from 2007 to 2013, which is more than twice the growth rate of all information technology jobs.

In general, the job market for cybersecurity roles is large and growing. Due to the increasing threat of cyber-attacks, there are a lot of jobs available. However, due to the lack of talent, companies are struggling to fill these positions, making it a good profession to consider.

What?s more, is that a Global Information Security Workforce Study by (ISC)2?? revealed that only seven percent of cybersecurity professionals surveyed were under the age of 29, and only a small 13 percent were between the ages of 30 and 34, with the average age of cyber professionals is 42.

Not only is the field failing to attract the millennials it needs, but there is a severe gender gap, with females constituting only 11 percent of the world?s information security workforces. This means that the job market is more accessible to females or younger employees as business work to diversify their workplaces.

There used to be a big problem with education for cybersecurity professionals as many employers look for highly skilled individuals with college degrees. However, fortunately there has been advancements in technology which means that getting a degree and gaining experience in the field is easier than ever.

Career paths

The career path of a cybersecurity professional will depend on exactly what job title they are aspiring to reach. Some job roles require nothing more than completing a certificate program, while other, more advance positions, require college degrees in computer science, mathematics or a similar science related topic.

Even without a degree, you will need to have a solid understanding of the fundamentals of IT. One way to achieve the certificates and knowledge required to be successful is to enroll in some Cybrary courses. Some courses offered by Cybrary are free, whereas others you have to pay for. Nonetheless, Cybrary is the fastest growing and fastest moving catalogue in the industry. The site prides itself on working with an elite community of instructors, experts and leaders in the field to provide users with the best possible education and resources.

Cybrary offers a huge range of guided and job-specific career paths for beginners, intermediate or advanced cybersecurity professionals. The Cybrary courses are designed to give you the real-world concepts and skills that you need to be successful on the job. The courses allow you to practice the skills you learn and offer you industry recognized certificates upon being completed.

To conclude, for the most part, college degrees are helpful. However, in all honesty, the whole cybersecurity industry was started by people with no college degree; they just had IT experience and worked hard. In fact, many cybersecurity professionals start out in information technology (IT) careers and progress to cybersecurity careers.

After getting the relevant qualifications, it is typical to start at an entry level and then to progress fairly quickly to move advanced and senior positions as you learn on the job.

Example Job Titles for Cybersecurity

Below is a list of common job titles in the Cybersecurity field. Click the links below for more information about these job titles, or view the next section for actual real-life job profiles.

Benefits & Conditions

Income and benefits

Due to the extreme drought in cybersecurity professionals, salaries in the cybersecurity industry are often very high. According to CNBC, the average annual salary for a cyber security professional with a bachelor?s degree is $116,000. For more advanced positions, that typically require a master?s degree or years of experience, the salaries can almost double.

Autonomy and Flexibility

To begin with, working in cybersecurity may not feel like it provides too much flexibility or autonomy as it is typical to start off in entry-level positions and report to more senior roles. The hours can also sometimes be long in the event of a cybersecurity attack.

However, as you progress into more senior positions, you quickly receive more autonomy, responsibility and flexibility. With more experience, there is the option to become self-employed or to work as a consultant, which gives you the ultimate flexibility and control.?

Locations and commute

According to TechRepublic, the five best cities in the United States overall for high cybersecurity salaries are Minneapolis, Seattle, San Francisco, Dallas and Denver.? We’d add that Washington DC and then any major cities (especially financial hubs) like New York and Chicago also have very strong job demand and typically salaries that also reflect that.

However, wherever there are businesses that use cybersecurity systems, there is a need for cybersecurity professionals. Due to this, your location doesn?t typically matter for cybersecurity professionals. Of course, as with any job, there are more opportunities and the chance to earn more money in bigger cities.

Work environment

The Bureau of Labour Statistics concluded that 28% of cybersecurity professionals work in computer systems industry. Other cybersecurity professionals were found in finance and insurance industries, company management industries or in administration and supportive roles.

Most cybersecurity professionals work the typical 8 to 5 pattern. However, they may have to work outside of these business hours in the unfortunate event a cybersecurity attack, or other kind of emergency. Occasionally security upgrades or updates may also be pushed live at off-hours.

Cybersecurity professionals typically tend to work as part of a teams, or they at least have to report to management and other IT teams. In the time of a crisis, the work environment can become high-pressured and stressful.

Career Satisfaction

Common Matching Personality Types

Which personalities tend to succeed and thrive in Cybersecurity careers? Based on our research, there is a relatively strong positive correlation between the following personality types and Cybersecurity career satisfaction. This doesn’t mean that there aren’t many exceptions, of course, but if you fit into one of the following personality types then we suggest you give strong consideration to a career in Cybersecurity.

16 Types (Myers-Briggs)

  • None

Big Five (OCEAN)

  • None

DiSC

  • None

Enneagram

  • None

Holland Codes (RIASEC)

  • None

Personality types

Due to cyber security being a fairly recent and growing profession, little is known about what personality traits professionals typically have. One study, which is the only one to examine the personality type of cybersecurity professionals specifically, found that, when compared to professionals in information technology careers, cyber security professionals scored higher on agreeableness and openness.

Cybersecurity professionals were found to have lower scores on trust, but higher scores on intellect than other professionals. They also, perhaps surprisingly, scored higher on the facets of assertiveness and adventurousness.

However, despite not knowing too much on what personality characteristics lead to successful and satisfied cybersecurity professionals, an (ICS)2 study found that job satisfaction is high among cybersecurity professionals in North America, with 71% of respondents saying they are satisfied. Overall, it was found that cybersecurity professionals take pride in the fact they are defending people and organizations against cybercrime.

Accomplishment and mastery

The sense of accomplishment and mastery in cybersecurity professionals is typically very high as they are always learning and advancing their skill set. Due to the industry constantly changing, there is a lot of progression and advancement available. As you learn new skills, you will feel a great sense of accomplishment and mastery of new skills and resources.

Meaning and contribution

There is a lot of meaning in cybersecurity work as cyber security professionals work to protect people, stop money being wasted and to prevent criminals! In fact, an (ICS)2 study found job satisfaction was very high amongst cybersecurity professionals because they take great pride in the fact that they are defending both people and organizations against cybercrime.

Cybersecurity professionals also make a huge impact, as every business has a need for and is helped by the work and knowledge of cybersecurity professionals.

Life fit

For the most part, cybersecurity jobs provide an excellent life fit for most people. In fact, many cybersecurity professionals like their job because they can provide for their family whilst still being able to have a good work/life balance.

However, some cybersecurity roles will require for individuals to be on call and work out of normal business hours in case of security attacks, which can sometimes be hard for people who have many other commitments.

Who will thrive in this career?

  • People who are enthusiastic about answering technical questions and getting to the route of the problem.
  • People who like change and show adaptability and flexibility.
  • Those who like to constantly learn and advance their skill set.
  • Those who have a genuine interest in cybersecurity and what measures can be used to protect the society.
  • Those who work exceptionally well under pressure and can handle when things go wrong.

Who will struggle in this career?

  • People who don?t like change as cybersecurity can often be chaotic and professionals need to keep up with the change.
  • People who aren?t fond of continuous education as cybersecurity professionals need to learn new skills all the time and there is a constant state of change to implement new protection strategies.
  • People who don?t work well under pressure as the industry is chaotic and requires continuous change and continuous learning. With this, comes the pressure to keep up and make sure security systems are always protected.
  • Those who can?t accept failure as nothing that is done is always going to be correct in such a complicated and ever-changing industry.

Requirements

Skills and talents

The typical skills and talents required for cybersecurity professionals include ?.

  • Problem-solving skills. As a cybersecurity professional, problem-solving will play a major role in day-to-day work as they need to work to address complex challenges.
  • Attention to detail. Working to defend organizations and people against cyber breaches requires individuals to be vigilant and have an excellent eye for detail. Often, missing things will have chaotic consequences, and thus, attention to detail is a key skill.
  • Communication skills. Cybersecurity professionals will need to work closely with individuals in other roles and departments, so it is crucial to be able to effectively communicate and explain findings, concerns and solutions to others.
  • Knowledge of the fundamentals of information technology. Employers will look for this as often management know little about cybersecurity so look for individuals who know what they are doing.

Education

Employers do still look for college degrees in computer science, information technology, mathematics or other related fields. However, these are not essential as recent development mean that all the skills, knowledge and resources required can be accessed online.

Certifications

IT professionals looking to hone their skills may find it beneficial to take some courses. This helps candidates to stand out and shows strong commitment to the profession, which may boost career advancement and earning potential. Popular certificates to obtain include that can help you get hired, or progress your career further down the line, include:

  • CompTIA Security+
  • Certified Ethical Hacker (CEH)
  • Network+
  • Certified Information System Security Professional (CISSP)
  • Licensed Penetration Tester (LPT)

How to Become

Summary

The cybersecurity industry is a new, quickly growing and ever-changing industry. The job market for cybersecurity professionals is large and growing. However, there is a lack of talent to the field, but due to this, employers often offer competitive salaries and benefits packages.

Cybersecurity professionals tend to have excellent job satisfaction because they feel a great sense of meaning and pride in the fact that they protect businesses and individuals from cyberattacks.

Individual?s will thrive if they have a genuine interest in cybersecurity and what measures can be used to protect society. Individuals who are enthusiastic about answering technical questions, who work well under pressure, who like change, who like to learn and show adaptability will also thrive in the cybersecurity industry. Employers will also look for problem-solving, communication, attention to detail and technical skills in recruitment processes.

Immediate action (so what can you do)

To kick start a career in cybersecurity, you can use Cybrary to complete online courses that will enhance your resume and show employers your passion and determination to work in the industry.

Some beginner courses include an ?Introduction to IT & Cybersecurity?, which you will receive a certificate from to demonstrate your participation. Cybrary also offer courses focused on teaching you skills which employers are looking for, such as introductions to Java or Digital Literacy.

Education and learning

Whilst degrees in computer science or mathematics are preferable, these are not the only option. As mentioned, there are great online courses that can aid you in gaining the skills, experience and certificates needed to kickstart your career in cybersecurity.

Once you have your foot in the door, learning in the cybersecurity profession is continuous as the field is constantly changing and progressing.

Skill development

Whilst working as a cybersecurity professional, there is a lot of opportunity for skill development and career progression. Many professionals continue to take courses, such as the Certified Information System Security Professional (CISSP) or the Licensed Penetration Tester (LPT), to advance their skills and knowledge of the field.

Semi-pro options

As cybersecurity professionals develop their knowledge and skills, they may decide to become a consultant or a freelancer. However, at an entry-level position, freelance work is hard to come across due to the knowledge and skills require in the field.

FAQs

Ask a Question

Have a question about Cybersecurity careers? If so, our mentors would love to help! Just click on a mentor’s profile below and then fill out the “Ask a Question” form on that page. Your question will then be emailed to the mentor, who can then email you a reply.

ID Job Title Gender Age Earnings City & State Date
33947 Systems Analyst II Female 50 $38,000 Cedar Creek, TX 01/01/2010
33539 Network Engineer Male 25 $30,000 sterling heights, MI 01/01/2010
33474 Network Engineer Male 27 $70,000 Evans, GA 01/01/2010
33198 Systems Analyst Female 44 $82,000 Farmington Hills, NY 01/01/2010
33065 Network Engineer Male 30 $35,000 Huntsville, AL 01/01/2010

Resources