Network World - This is a great time to consider a new career as a cybersecurity professional. According to CIO magazine, experts in cybersecurity are among the most sought-after professionals in the tech sector, with demand for workers in that field outpacing other IT jobs by a wide margin.
According to a recent report from Burning Glass Technologies, the demand for cybersecurity professionals has grown more than 3.5 times faster than the demand for other IT jobs over the past five years and more than 12 times faster than the demand for all other non-IT jobs. Current staffing shortages are estimated between 20,000 and 40,000 and are expected to continue for years to come.In a recent Network World blog post, John Oltsik of The Enterprise Strategy Group (ESG) confirms the severe shortage of skilled people in this field. ESG just completed a survey on 2014 IT spending intentions, and results show that 42% of responding organizations intend to increase headcount in information security. This is the highest percentage of all IT skillsets in demand.
Moreover, 25% of all organizations surveyed claim to have a “problematic shortage” of information security skills. The shortage is especially acute in the government, manufacturing, financial services, retail/wholesale, and healthcare industries. This is not surprising, given the vast amount of sensitive (and monetizable) data in those organizations, and the high regulatory pressure to secure that data.
(For more insight from Oltsik on this topic, also see What CISOs can do about the cybersecurity skills shortage and Cybersecurity Skills Haves and Have Nots.)
As the law of supply and demand dictates, people with good cybersecurity skills have great earning potential. A new survey by Semper Secure, a public-private partnership in Virginia formed to advance the cybersecurity profession, reports the average salary for U.S. security professionals to be $116,000, or approximately $55 per hour. That's nearly three times the national median income for full-time wage and salary workers, according to the Bureau of Labor Statistics.
Of course, salaries vary according to skills, experience, geographic location and employer, but even junior level cybersecurity professionals can earn good pay. Here are just three examples of compensation from the Cyber Security Salary Calculator:
• Deputy CIO/CISO/CTO
o 15 to 19 years of experience
o Metropolitan Washington, DC area
o Doctorate or Post-Doctorate degree
o Five or more relevant certifications
o Average salary: $142,826
• Mid-Level Cybersecurity Manager
o 5 to 9 years of experience
o California
o Bachelor’s degree
o Two relevant certifications
o Average salary: $111,529
• Junior Level Non-IT Management professional
o Less than 1 year of experience
o Minnesota
o Associate’s degree
o No relevant certifications
o Average salary: $91,124
When it comes to professional certifications, the most popular (in terms of what people hold, not what employers demand) are:
• CISSP: Certified Information Systems Security Professional issued by (ISC)2
• CCNP Security: Cisco Certified Network Professional Security issued by Cisco Corporation
• CEH: Certified Ethical Hacker issued by EC-Council
If you already have some entry-level skills and want to find a job in the cybersecurity field, consider participating in the first National Cybersecurity Career Fair (NCCF) presented by Cyber Aces. Taking place June 18 and 19, 2014, NCCF is an innovative virtual meeting place for the top cybersecurity employers and cybersecurity jobseekers in the United States. The purpose of this event is to bring people and employers together in a virtual meeting setting in order to help fill some of the many open cybersecurity positions all across the country. The career fair is co-sponsored by SANS Institute, the US Cyber Challenge, the Council on Cyber Security, the Center for Internet Security and SC Magazine.
There is no cost for individuals to participate; you simply need to register and provide a profile of your work experience and upload a resume.
Though the career fair spans two days, you can come and go for the activities you choose to attend. The main page of the website will direct you into a networking lounge. From there you can look at a national job board, apply for jobs, and check the schedule for employer web and video chats. Employer participants have their own booths where they can meet virtually with candidates for employment, show videos about the company, and post materials specific to the organization or their available jobs.
As a special incentive to get people to participate in the NCCF, SANS Institute is giving each job candidate the opportunity to stand out by taking theSANS Cyber Talent exam for free. This exam usually costs $2,500 and is a way to measure your aptitude for work as a cybersecurity professional. If you do well on the exam, you can upload your score to your career fair profile to attract more attention to yourself.
If you are novice enough to cybersecurity that you don’t feel ready to put yourself out there for the June career fair, then consider taking online training from Cyber Aces starting this fall. Cyber Aces is a non-profit organization dedicated to identifying and encouraging individuals with an aptitude for information security to refine their skills and talent. While SANS Institute serves people with advanced level cybersecurity skills, Cyber Aces caters to people who are still learning the core fundamentals of cybersecurity, with a special focus on veterans who are just entering the job market, college students, and adults who want a career change.
The organization’s main program is called Cyber Aces Online, and it involves three training modules covering operating systems, networking, and system administration. Each of these modules designed by SANS Institute involves some video, some online study materials as well as being able to conduct study practices online. These tools can help you learn the fundamentals to start you on your way to becoming a cybersecurity professional. Once you’ve gone through the Cyber Aces Online program, you can choose to continue your education or look for an entry-level position. With as many as 40,000 open positions in this country alone, the opportunities are endless.
Linda Musthaler is a Principal Analyst with Essential Solutions Corp.) which researches the practical value of information technology and how it can make individual workers and entire organizations more productive. Essential Solutions offers consulting services to computer industry and corporate clients to help define and fulfill the potential of IT.
