Forrester Report: Why to automate AppSec now.

Cyber Security Today: Career Paths, Salaries and In-Demand Job Titles

The constantly evolving threats from both hackers and state-sponsored actors, along with the expanding attack surfaces seen in the widespread adoption of IoT (internet of things devices), has led to a huge shortage of labor in the cyber security field. “The demand for the (cybersecurity) workforce is expected to rise to 6 million (globally) by 2019, with a projected shortfall of 1.5 million,” noted Symantec CEO Michael Brown. Now is the perfect time to be exploring options in cyber security careers.


According to Steve Morgan, Editor-In-Chief of the Cybersecurity Market Report, the demand for cybersecurity will result in over a million job openings in 2016 alone as the growing cyber security market continues to soar with a projected growth from $75 billion in 2015 to a $170 billion by 2020.

Increasingly common cases of state-sponsored corporate espionage and the growth of cloud computing have had a growing impact on the need for more security professionals to secure the data. As a result, organizations of all verticals are rushing to improve and increase their security stacks as new platforms, operating systems and devices emerge and need to be integrated into their business fold. Careers in cyber security, which has been a traditional concern for finance, federal and security verticals, will be exploding as the ease of payments and universal logins expands to every application and service outside of the traditional security focal points.

The Bottom Line: The Advantage of being a Developer with Security Knowledge


According to the Bureau of Labor Statistics by Peninsula Press, a project of the Stanford University Journalism Program, over 200,000 cybersecurity jobs in the United States remain vacant as the amount of cybersecurity posting has increased 74% over the previous 5 years. With this massive demand for security professionals, what skills are companies looking for and what salaries can be expected for developers willing to put on a cape and become cybersecurity champions?

cyber security careers: appsec champion
Become an application security champion by upgrading your IT career into the security field.

In Demand Cyber Security Job Titles  

Jobs in the field of cyber security are outpacing job creation in all other aspects of cybersecurity and can pay up to $6,500 USD more annually, or almost 10% more, than the average salary of average IT workers. While many job positions in cybersecurity will require additional certifications, such as the CISSP, it’s far from impossible to migrate into a security position from other IT focuses. For newcomers to the IT field, there is also room to start out on a cybersecurity career path beginning with an entry level role as a security analyst.  

Top salaries for Cyber security careers

Certified Information Systems Security Professional (CISSP) certification requires at least 5 years of direct work in the information security domains which keeps it out of reach for newcomers to the cybersecurity field. CISSP certification is definitely worth pursuing for anyone looking to begin a career in cyber security as it is one of the best-paid credentials in IT.


The Top 10 in-demand roles in Cyber Security:


  1. Security Engineer
  2. Security Analyst
  3. Information Security Analyst
  4. Information Security Engineer
  5. Network Security Engineer
  6. Information Technology Security Analyst
  7. Information Security Manager
  8. Information Assurance Engineer
  9. Senior IT Auditor
  10. Security Administrator

Top Recruiters for Cyber security careers

How to upgrade your IT Career with Cyber Security Awareness

For developers who want to augment their careers by switching into the field of cyber security, there are many resources and certifications available. A great place to start is by browsing Dark Reading’s 10 Security Certifications To Boost Your Career. Here, you can quickly assess which certifications are within your toolset and attainable as some cyber security certifications, such as the CISSP, require years of prior experience in the field of information security.


Choosing which is the right IT Cyber Security Career Path.


The field of cyber security is broad and continues to expand. Here is a sample of some of the possible career paths for IT folks who are thinking of moving from building code to defending it. More information can be found on this security career thread on StackExchange:


Penetration Tester (Ethical Hacker)

As a legal hacker, a penetration test works to find security threats in web applications, networks and systems. Day to day tasks for penetration testers include pinpointing potential attack vectors that could be used by hackers, simulating cyber attacks that are found in the wild, working with organizations to find and address security issues and other tasks critical to helping organizations find and fix possible exploits. lists the following as possible future career paths for pen testers:


  • Senior Penetration Tester
  • Security Consultant
  • Security Architect


Read about 13 Helpful Pentesting Resources here.


Security Analyst

Security analysts work to implement and upgrade security measures, recommend third party tools, maintain data and monitor security access, work to reduce security threats and manage numerous other security related projects and initiatives. As opposed to systems administrators, who ensure that the IT systems are running properly, security analysts analyze data and may recommend changes to protocols, tools and methodologies, but would not be the ones that implement them.  


Possible future career paths for security analysts:

  • Security Architect
  • Security Engineer
  • Security Manager
  • Security Consultant


Other possible career paths include security consultant, security code auditor, cryptographer and more.


jumping 1

For a list of cyber security career opportunities working with us at Checkmarx, click here.

Jump to Category