- There is no one linear path to a successful career in cybersecurity. Some people enter the security field straight out of college, while others transition from another IT role.
- No matter where you start, all cybersecurity careers begin with general IT experience.
- You need to understand how technology works before you can learn how to secure and protect it.
Entry-level IT jobs that pave the way for a cybersecurity career include:
- Systems administrator
- Database administrator
- Web administrator
- Web developer
- Network administrator
- IT technician
- Security administrator
- Network engineer
- Computer software engineer
- You’ll also need to supplement what you learn on the job with outside training and education. In fact, 35 percent of cybersecurity jobs require an industry certification, compared to 23 percent of IT jobs overall.
- Most management-level cybersecurity jobs are highly specialized.
- The more you can focus your expertise by seeking out specific industries and certifications, the more attractive you’ll appear to companies looking for those particular skill sets.
- If you’re passionate about problem-solving and creating big-picture strategies, the security architect career path is for you.
- A security architect is tasked with designing, building and implementing network and computer security for an organization.
- Security architects are responsible for creating complex security structures and ensuring that they function properly. They design security systems to combat malware, hacker intrusions and DDoS attacks.
- In the United States, the average salary for this position is $118,681. Security architects are expected to have 5-10 years of relevant experience, with 3-5 of those years dedicated to security.
- To become a security architect, you might follow a career path similar to this:
- Earn a bachelor’s degree in computer science, information technology, cybersecurity or a related field. Or, gain equivalent experience with relevant industry certifications.
- Enter the IT field as a security administrator, systems administrator or network administrator.
- Get promoted to a mid-level role as a security engineer or analyst.
- Enter a security architect role.
As a security architect, you’ll be required to:
- Plan, research and design durable security architectures for various IT projects.
- Develop requirements for networks, firewalls, routers and related network devices.
- Perform vulnerability testing, security assessments and risk analysis.
- Research and implement the latest security standards, systems and best practices.
Recommended Training for Security Architects
- Because the security architect role is a senior-level position, employers will look for accredited security certifications on your résumé.
- Professional cybersecurity training and certifications will help you accelerate your career path and stand out to potential employers.
- These certifications reinforce the essential skills required for the security architect role, such as network security and architecture, vulnerability testing and risk management.
Beginner:
- CompTIA Security+
Intermediate:
- Certified Ethical Hacker (CEH)
Advanced:
- EC-Council Certified Security Analyst (ECSA)
Expert:
- Certified Information Systems Security Professional (CISSP)
- Penetration testers (also known as ethical hackers) look for weaknesses in IT systems, networks and applications using the same knowledge and tactics as criminal hackers. Penetration testers use a series of tools to simulate real-life cyberattacks, identify weak spots and help organizations improve their security posture.
The average salary for a penetration tester is $79,000.
Many penetration testers and ethical hackers follow a career path that looks like this:
- Earn a bachelor’s degree in computer science, information technology, cybersecurity or a related field. Or, gain equivalent experience with relevant industry certifications.
- Pursue an entry-level role as a security administrator, system administrator or network engineer.
- Master specialized ethical hacking skills with training and certifications.
- Enter a penetration tester or ethical hacker role.
- Get promoted to a senior penetration tester role, security consultant or security architect.
As a penetration tester, you’ll be expected to:
- Perform penetration tests on web applications, networks and computer systems
- Uncover security holes and pinpoint the methods attackers could use to exploit system weaknesses
- Research, document and discuss findings with management and IT teams
- Design and implement new penetration tools and tests
- Recommended Training for Penetration Testers
- Cyberattacks are always evolving, so your knowledge should be, too.
- These training courses will teach you everything you need to know about modern ethical hacking practices, operating systems, software, communications and network protocols.
Beginner:
- CompTIA Security+
Intermediate:
- Certified Ethical Hacker (CEH)
Advanced:
- CompTIA Advanced Security Practitioner (CASP)
- EC-Council Certified Security Analyst (ECSA)
Expert:
- Certified Information Systems Security Professional (CISSP)
Learn more about what it takes to become an ethical hacker.
Cybersecurity Job TypesSince the demand for digital protection is massive, it’s not surprising that the job outlook for cybersecurity professionals is excellent. According to the 2018 ICS2 Cybersecurity Workforce Study, there was a shortage of 454,800 cybersecurity professionals to fill open jobs in the U.S. alone.
Globally, that number was 2.93 million. Fortunately for technology job seekers, the cybersecurity field encompasses many unique roles and career paths. Let’s look at some of the possible roles in cybersecurity:
- Security generalist
- Network security engineer
- Cloud security engineer
- Application security
- Identity and Access Management (IAM) engineer
- Security architecture
- Penetration tester
- Malware/forensics analyst
- Incident response analyst
- Cryptographer
- Security trainer
- Security auditor
- Governance, Risk and Compliance professional
Keep in mind, these are only a handful of careers available in cybersecurity. The possibilities are nearly endless. Additionally, there are many other technology fields that are not security-focused but will benefit from having the knowledge of a security professional in key roles.
Getting Started in a Cybersecurity Career- So, what does it look like to get started in a cybersecurity career?
- Whether you are thinking about making a total career change or you’re in the technology industry already and are looking to gain the knowledge needed to do a little course correction, you will need to do some planning and training.
- The short answer to this question is: no. While a college degree may be helpful, it isn’t always required. In fact, the whole cybersecurity industry was really started by people who worked hard and had IT experience but didn’t have college degrees.
- Many of the people you find in cybersecurity roles today don’t have degrees, but they do have knowledge and experience. You can easily get the education you need to get started in cybersecurity through training and earning certifications in various security-related areas.