The constantly evolving threats from both hackers and state-sponsored actors, along with the expanding attack surfaces seen in the widespread adoption of IoT (internet of things devices), has led to a huge shortage of labor in the cyber security field. “The demand for the (cybersecurity) workforce is expected to rise to 6 million (globally) by 2019, with a projected shortfall of 1.5 million,” noted Symantec CEO Michael Brown. Now is the perfect time to be exploring options in cyber security careers.
According to Steve Morgan, Editor-In-Chief of the Cybersecurity Market Report, the demand for cybersecurity will result in over a million job openings in 2016 alone as the growing cyber security market continues to soar with a projected growth from $75 billion in 2015 to a $170 billion by 2020.
Increasingly common cases of state-sponsored corporate espionage and the growth of cloud computing have had a growing impact on the need for more security professionals to secure the data. As a result, organizations of all verticals are rushing to improve and increase their security stacks as new platforms, operating systems and devices emerge and need to be integrated into their business fold. Careers in cyber security, which has been a traditional concern for finance, federal and security verticals, will be exploding as the ease of payments and universal logins expands to every application and service outside of the traditional security focal points.
According to the Bureau of Labor Statistics by Peninsula Press, a project of the Stanford University Journalism Program, over 200,000 cybersecurity jobs in the United States remain vacant as the amount of cybersecurity posting has increased 74% over the previous 5 years. With this massive demand for security professionals, what skills are companies looking for and what salaries can be expected for developers willing to put on a cape and become cybersecurity champions?
Jobs in the field of cyber security are outpacing job creation in all other aspects of cybersecurity and can pay up to $6,500 USD more annually, or almost 10% more, than the average salary of average IT workers. While many job positions in cybersecurity will require additional certifications, such as the CISSP, it’s far from impossible to migrate into a security position from other IT focuses. For newcomers to the IT field, there is also room to start out on a cybersecurity career path beginning with an entry level role as a security analyst.
Certified Information Systems Security Professional (CISSP) certification requires at least 5 years of direct work in the information security domains which keeps it out of reach for newcomers to the cybersecurity field. CISSP certification is definitely worth pursuing for anyone looking to begin a career in cyber security as it is one of the best-paid credentials in IT.
For developers who want to augment their careers by switching into the field of cyber security, there are many resources and certifications available. A great place to start is by browsing Dark Reading’s 10 Security Certifications To Boost Your Career. Here, you can quickly assess which certifications are within your toolset and attainable as some cyber security certifications, such as the CISSP, require years of prior experience in the field of information security.
The field of cyber security is broad and continues to expand. Here is a sample of some of the possible career paths for IT folks who are thinking of moving from building code to defending it. More information can be found on this security career thread on StackExchange:
As a legal hacker, a penetration test works to find security threats in web applications, networks and systems. Day to day tasks for penetration testers include pinpointing potential attack vectors that could be used by hackers, simulating cyber attacks that are found in the wild, working with organizations to find and address security issues and other tasks critical to helping organizations find and fix possible exploits.
CyberDegrees.org lists the following as possible future career paths for pen testers:
Read about 13 Helpful Pentesting Resources here.
Security analysts work to implement and upgrade security measures, recommend third party tools, maintain data and monitor security access, work to reduce security threats and manage numerous other security related projects and initiatives. As opposed to systems administrators, who ensure that the IT systems are running properly, security analysts analyze data and may recommend changes to protocols, tools and methodologies, but would not be the ones that implement them.
Possible future career paths for security analysts:
Other possible career paths include security consultant, security code auditor, cryptographer and more.
For a list of cyber security career opportunities working with us at Checkmarx, click here.
Sign up today & never miss an update from the Checkmarx blog
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.