Gone are the days when internet threats involved someone poking around on your router or stealing the CEO’s password. Today’s hackers are organized, well-trained, politically aligned, and intent on stealing the information of millions. In the past few years, large corporations, banks, and even government systems have been breached.
Cyber Security training requirements can vary from one sector to another. But what does not change is your ability to adapt and learn new technologies as this is an ever evolving field to be in.
What is Cyber Security
Today, and in the foreseeable future, cyber security professionals are required in all sectors of the economy. Public, private, and government organizations (a prime example is the Navy) all need expert IT professionals to help them stay on top of the latest digital threats from around the world.
The severity of the threat calls for information technology (IT) professionals trained to combat cyber crime. And if you’re looking for an IT career that has high growth potential, a high salary potential, and interesting work, then this anti cyber crime career might just be perfect for you.
We won’t go as far back as pluto such that Professor Ed Felten did in his remarkable article, What’s the Cyber in Cyber Security?. Suffice it so say cyber stands for a territory (cyberspace) and that it must be protected and secured from outside and insides threats.
As far as what is cyber security, to put it in a nut shell, it is the field of IT focused on malicious threats that occur against organizations and governments. The term is used interchangeably with information security, or “infosec”, by professionals within the field. Information Security professionals analyze systems and networks for vulnerabilities, prevent cyber attacks, and safeguard access to sensitive data.
InfoSec experts often disagree on the best way to attract and educate these security professionals. Some say that a generalized degree and on-the-job experience is the best; others say that specialized training and certifications are king.
Some say more college programs, some say invest in bootcamps. What they won’t disagree on is that the need for qualified professionals is growing exponentially around the world and in every sector of the economy.
Jobs & Career Outlook
According to the Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, 2014-15 Edition on Information Security Analysts, the projected percent change in employment from 2012 to 2022 are expected to grow much faster than the average jobs in the United States at a whopping 37%.
Compare that to occupations in the same field, such as computer programmers, which are only expected to grow as fast as the average at about 8%. Cyber security jobs will grow in demand as threats continue to evolve and threaten larger and larger organizations.
This profession allows for plenty of room to grow in your career. Entry-level security professionals can work a security analyst or systems tester performing basic network troubleshooting and penetration testing. As professionals advance, the scope of work increases as well, and with it your financial compensation.
More experienced professionals who are considered advanced level practitioners, may advise entire companies as a Chief Security Officer or become an independent consultant that specializes in one system or type of threat.
Or, you could move into IT management or project management and grow your non-technical skills and be the leader of these departments as you are now both adapt at information security and managerial duties.
The opportunity to find work at various levels of education, experience, and skill are available in cyber security. So if you’re looking for a challenging and well-paying job in the IT field, then look no further than a career in fighting cyber crime.
Salary & Pay
As with other IT jobs, a cyber security salary is quite generous. According to the Bureau of Labor Statistics (BLS), the job of a security professional pays very well at all levels. For example an Information Security Analysts earns a median wage of $86,170.
Below is a state by state table in both hourly and early income of an information securities analyst. The occupation title officially referenced at the BLS.
|State||Jobs||Hourly Avg. Pay||Annual Avg. Salary|
|District of Columbia||690||$50.69||$105,440.00|
For a comparison of this occupation to other computer and IT related jobs we also organized the table below.
|Occupation||Employment||Hourly Avg. Pay||Annual Avg. Salary|
|The data above was updated May 2014 by the BLS and extracted on July 2016.|
|Computer and Information Research Scientists||$24,210.00||$54.42||$113,190.00|
|Computer and Information Analysts||$608,500.00||$42.25||$87,890.00|
|Computer Systems Analysts||$528,320.00||$41.98||$87,320.00|
|Information Security Analysts||$80,180.00||$44.04||$91,600.00|
|Software Developers and Programmers||$1,492,040.00||$45.81||$95,280.00|
|Software Developers Applications||$686,470.00||$47.85||$99,530.00|
|Software Developers Systems Software||$382,400.00||$50.98||$106,050.00|
|Database and Systems Administrators and Network Architects||$617,680.00||$40.85||$84,970.00|
|Network and Computer Systems Administrators||$365,430.00||$38.35||$79,770.00|
|Computer Network Architects||$140,080.00||$48.42||$100,710.00|
|Computer Support Specialists||$738,030.00||$26.42||$54,960.00|
|Computer User Support Specialists||$563,540.00||$24.76||$51,500.00|
|Computer Network Support Specialists||$174,490.00||$31.80||$66,140.00|
|Computer Occupations All Other||$212,510.00||$41.12||$85,520.00|
According to the InfoSec Institute, the average cyber security pay range runs from about $54,000 to $154,000! Most jobs in the field are salaried and provide insurance benefits, retirement benefits, and further training opportunities.
Schools & Masters Degree
Secondary education is required for entry into this profession. Most jobs require a bachelor’s degree in Computer Science or a related field for entry level roles and more advanced education or certifications for higher-paying positions.
There are fortunately many specialized programs to meet the demand for security professionals. At the undergraduate level, many schools offer specialized cyber security degree programs.
Both Western Governors University (WGU) and Colorado Technical University (CTU) offer a Bachelor of Science in Information Technology with a Security concentration.
Robert Morris University offers an online Bachelor in Cyber Forensics & Information Security and Southern New Hampshire University (SNHU) has a Bachelor of Science in Information Technologies – Cybersecurity. Both are well known as top cyber security schools in the industry and are well worth their investment.
University of Maryland University College (UMUC) has an online Computer Science Bachelor’s Degree, as does Franklin University and Boston University.
Any of these undergraduate programs should provide a strong foundation in computer science with extra courses geared toward this field. Expect to take classes on networking foundations, operating systems, object-oriented programming, database management, and hardware troubleshooting.
Ensuring that you have a strong base knowledge in all areas of computing is a great way to prepare yourself for a long-term career in InfoSec, because it will mean that you have the big-picture view of computer systems needed to understand the why behind the how.
Do you already have a bachelor’s degree completed? If so, a graduate program is one way to gain the specialized knowledge needed to enter or advance in the anti cyber crime profession.
Many schools offer specialization at the graduate level. WGU also offers a Master’s program in Information Security and Assurance. Purdue University in Indiana offers an interdisciplinary Cyber Security Master Degree.
Admission for these programs includes a completed undergraduate degree in computer science or related experience, a passing GRE score, and letters of recommendation.
Online Training Programs & Courses
Traditional schooling isn’t the only way to gain knowledge and experience in this field. Many organizations have popped up to meet the intense demand for professionals knowledgeable in this area. There are two main formats for these courses: self-paced courses and online instructor-led courses.
Self-paced cyber security training courses allow you to access material and study on your timeline. There is usually a limit to the amount of time allotted to access these courses, averaging from 60 days to one year in most cases. At the lower end of the spectrum, there are providers that offer monthly access to videos such as:
- Safari Books
- CBT Nuggets
These programs grant access to an entire library of IT courses at a fixed monthly price. For example, Pluralsight offers courses such as their 11-hour “Introduction to Business Information Technology” and their 7-hour “Linux Networking, Service Management, and Security Fundamentals“.
Lynda.com is a popular counterpart to Pluralsight and has hundreds of shorter security-related courses such as “IT Security Fundamentals” and “Understanding SSH” .
CBT Nuggets is comparable to Pluralsight and has certification-focused training that each run from 7 to 14 hours long. These four cyber security training online course providers cost between $40 and $99 per month.
You can also find self-paced and instructor-led courses from training organizations such as:
- The SANS Institute
- The InfoSec Institute
- New Horizons
The SANS Institute offers dozens of online security training courses in three formats: OnDemand, vLive and Simulcast. Their OnDemand courses “gives you four months of access to a SANS course via standard books, online courseware, hands-on video labs, quizzes for topic reinforcement, and MP3s of lectures by SANS’ top instructors.”
Their vLive courses offer “live, evening online training”. Simulcast is the daytime version of the vLive courses and is offered over the course of a week. The SANS Institute has recommended tracks in:
- Cyber Defense
- Penetration Testing
- Digital Forensics and Incident Response
The InfoSec Institute is another training provider for aspiring and current Information Security professionals. They offer two formats: Self-Paced Mentored Online Training and Live Training.
Their cyber security programs and courses are more a la carte than the SANS Institute. You can train in Ethical Hacking, Advanced Hacking, Reverse Engineering, Advanced Reverse Engineering , Computer Forensics , SCADA Security, Data Recovery, CISSP Boot Camp, Security+ Online , ISSEP Online, ISSAP Online, ISSMP Online, OWASP TOP 10 Training, and Web App Pen Testing Online.
New Horizons Computer Learning Centers across the nation and online are another alternative. The training company offers a handful of courses in Information Security in self-paced and mentored learning formats. Their exam-focused coursework covers exam vendors such as Cisco,CompTIA, (ISC)² and EC-Council.
Finally, you can look to MOOC provider Coursera for a low-cost blended solution. Their Cybersecurity Specialization costs only $245 and covers Usable Security, Software Security, Cryptography, Hardware Security, and a Capstone Project.
You’ll have access to a mentor for each course as well as a large group of peers going through the specialization alongside you. For those looking for a lower-cost solution to SANS or the InfoSec institute but a more structured solution than Pluralsight or Lynda, Coursera’s program would work well.
Whether a self-paced or instructor-led cyber security courses works for you is entirely based on individual factors. If you are a highly motivated student with the free time available to train, then self-paced might work well for you.
If you are someone with less free time or motivation, then the structure and concise schedule of a mentored learning option might work best. The only right way is the way that gets you through the material and on your way toward the job you want.
Top Certifications & Certificate Programs
Entry into this lucrative IT field also requires at least one certification. Top cyber security certifications are a type of qualification based on a rigorous exam and, in some cases, a certain level of experience as well. They range in cost from $150 to nearly $1000 each and can take years to complete.
Certifications tell employers that a candidate is committed to the field and that he or she likely has the hands-on experience necessary to perform the job. They range from entry-level generalized certs to advanced niche certifications.
The premier entry-level cert is the CompTIA Security+, one which is approved by the U.S. Dept. of Defense and used by government contractors such as General Dynamics and Northrop Grumman. The exam does not have any experience or educational requirements and costs between $170 and $200 for the voucher.
It is expected that a security professional have a complete knowledge of networking concepts and technologies. That’s one reason that a common companion to the Security+ exam is the CompTIA Network+ exam, another vendor neutral entry-level cert.
After these two exams, another requested credential is the GIAC Security Essentials (GSEC). According to GIAC, this credential requires candidates “to demonstrate an understanding of information security beyond simple terminology and concepts.”
The GSEC covers domains ranging from common types of attacks and cryptography concepts to firewalls and network protocols. This is a more expensive exam at $1,099 per attempt.
Intermediate professionals tend to specialize. For example, those looking to pursue jobs in ethical hacking pursue the Certified Ethical Hacker (CEH) credential. The CEH is an intermediate-level cyber security certificate program which is offered by the EC-Council that will train you to think like a hacker in order to better secure your own networks.
Advanced professionals often obtain rigorous exams such as the six hour-long Certified Information Systems Security Professional (CISSP) credential.
According to the CISSP certifying body, “the vendor-neutral CISSP cyber security certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.”
The exam costs around $599 and covers the eight domains of the CISSP common body of knowledge:
- Security & Risk Management
- Asset Security
- Security Engineering
- Communications & Network Security
- Identity & Access Management
- Security Assessment & Testing
- Security Operations
- and Software Development Security
Top Companies & Firms to Work For
There are many top cyber security companies, large and small, that need qualified InfoSec practitioners. This means that no matter where you live, you’ll be able to find companies wanting to you hire professionals like you.
In the private sector, look for IT consulting companies that are rapidly growing. This includes Rook Security in the midwest, SPHERE Technology Solutions in the south, and Defense Point Security in the east.
Other companies to seek out are companies that provide anti-virus software, networking platforms, or which subcontract to the government:
- BAE Systems PLC – A defense company specializing in advanced air and naval electronics and security solutions.
- Dell Inc – With it’s acquisition of SonicWall, Dell is now one of the main providers of network security and IT solutions.
- Checkpoint – Without a doubt, the number one innovators in firewall technology with their stateful packet inspections beginnings. This Israeli based tech company is a well regarded one in the infosec community.
- Leidos – This cyber security company’s vision is simple: Solve critical national security problems for its customers. They hire smart forward thinkers and recognize that their true worth is in its employees.
- Raytheon Company – A defense leader, Raytheon is one of the few largest companies in this list that also starts their about us page with cybersecurity in the first sentence.
- Symantec Corporation – Known throughout the world as a leader in antivirus, Symantec has been slowly establishing themselves as an enterprise security corporation.
- Thales Group – Whether you want to protect your air-space, ground-space, or cyber-space, Thales helps its clients create a safer world.
- Trend Micro Inc – Focused mainly on cloud security, Trend Micro has the right track records to keep all forms of software thereat at bay and away from its client’s servers and digital information.
The list of cyber security firms now specializing in cybercrime and computer security has grown exponentially. Finding a job or starting your career in any one of these will be a great start regardless of your position and job title.
Internships & Entry Level Jobs
Obtaining entry-level cyber security jobs is a little bit easier than obtaining an internship position, especially if you are interested in working for a federal, local government agency, or one of the military branches such as the Army.
For cyber security internships, you must be currently enrolled in an undergraduate program related to Computer Science or Information Security and have good grades and recommendation letters from your professors or related faculty members.
You will often have to fill out an application with the company you are interested in and compete in a competitive interview process. Most of the companies in the above listed top firms will have an internship program, since it provides them with a chance try you out at a low pay, and if they like you and see potential in you, have a sort of first dibs in hiring you before graduation.
Some internships are paid and some are unpaid depending on local laws and practices. Either way the knowledge, experience, and industry networking opportunities you gain are well worth the time investment on your part.
Your school may either facilitate these opportunities or provide credit for them. To find internships, visit your college career department or check online job boards. If you really want to be resourceful you can contact individual companies yourself.
For entry level jobs, the advice is the same. Entry-level jobs require secondary education and a security or networking certification at the very least. The work is likely to be the least glamorous, such as overnight systems analysis, technical support, and preventing and aiding in malware removal.
The pay will run between $45,000 and $60,000 but should provide full benefits. If you have hands-on experience working on Linux servers, white hat hacking, or setting up networks, be sure to mention it when you are being interviewed.
A Career In Security
To put it in laymen’s terms, a cyber security career is the equivalent of a security guard’s career such as one if you were employed by Securitas. You are in-charge of an organization’s virtual perimeter instead of physical perimeter. You are responsible in keeping the company you work for safe from outer and inner cyber crime attacks. Similar to how a security guard is in charge of keeping the company they work for protected from inside and outside intruders.
Have more questions regarding this career? Watch this short video for more information and post any questions you might in the comments below: