5 Things You Should Know About a Career in Cybersecurity
By Will Erstad on 04/06/2017
Subverting international espionage. Protecting invaluable data. Defending computer networks from nefarious groups.
These may sound like scenes from your favorite prime time thriller. But believe it or not, a career in cybersecurity could put you in the position to do these things on a regular basis. It may sound exhilarating and glamorous on the surface, but there’s a lot more to it.
If you’re truly interested in pursuing a career in cybersecurity, there are some important factors you should know before making your decision. What does the career path look like? How do people get started in the field? What does a typical day actually look like?
We connected with cybersecurity professionals to gather some insight on what you can expect from a cybersecurity career.
Before pursuing a career in cybersecurity, you should know …
1. There is no “standard” career path
“Cybersecurity is in the Wild West stages, and that creates a lot of blue sky for those interested in shaping their career,” says Carlos Pelaez of Coalfire Systems Inc.
Compared to many industries, the information security field is still relatively less-established. This means there isn’t a strictly defined path to enter the industry. Information security has rapidly grown into its own career specialization as an offshoot from the world of information technology (IT), so it’s common to find experienced analysts who got their start working in an entry-level IT job like network administration or programming.
The good news for newcomers? The less-established nature of this field can create an environment that favors merit and technical knowledge over experience. That’s not to say experience isn’t important—it assuredly is—it’s just that a lack of it isn’t necessarily a deal-breaker for employers.
2. You’ll need to go above and beyond
Whether you’re just looking to break into an entry-level position or climb your way up the career ladder, you’re going to need to be proactive. This isn’t the type of field where you can just earn a degree, land a job and sit back in cruise control. You’ll need to find ways to stick out in a positive way.
One of the best and most notable ways for you to prove your value to employers is to earn industry certifications. The CompTIA Security+ certification as well as the Certified Information Systems Security Professional credential are both great options to start with.
Beyond certifications, Michael Gregg of Superior Solutions Inc., says it’s important for newcomers to build experience.
“Get all of the experience you can,” Gregg urges. “If you cannot find an opening, look for opportunities to volunteer your services to gain experience.” Gregg suggests looking into local organizations dedicated to information security, like the Information Systems Security Association (ISSA), to begin building your experience and professional network.
3. Security clearance can be a big deal
The United States government and the contractors who work for it represent a sizable portion of the cybersecurity labor force. But to work in one of these positions, you’ll almost certainly be required to obtain a security clearance to be permitted to work with government systems that may contain sensitive information. From the perspective of an information security professional, the security clearance system can be both a blessing and a curse.
“Maintaining a clearance can mean adherence to a rather strict personal lifestyle,” says Mike Meikle of SecureHIM. “Depending on clearance level, individuals will have to report who they speak to, when and where they travel, management of finances and debt as well as a host of other factors that could jeopardize their clearance.”
There’s certainly a lot of work and high standards for earning a security clearance, but earning one could be the key to opening the door to a wide array of exciting and in-demand government jobs.
4. The demand is strong
As the awareness of cybercrime and privacy breaches grows, professionals who can protect digital space with vigilance are sought after in nearly every industry. In fact, information security jobs are expected to increase by 28 percent through 2026, according to the Bureau of Labor Statistics(BLS). That’s four times the 7 percent average growth rate for all occupations.
The field is in need of professionals at the entry level and mid-level, according to Palaez. “Executive slots are already taken,” he explains, “so the real challenge is finding seniors and managers who know how to both do the work and coach the new staff.”
5. The learning never stops
You cannot rest on your laurels and hope to be successful in cybersecurity. New threats—and the measures to counter them—appear quickly, so it’s important for information security professionals to stay up to date. Gregg says this continual learning process is a factor of the job that cannot be ignored.
“Things change so quickly that the cyber field requires continual learning,” Gregg says. “I spend a considerable amount of time each week keeping up with what’s new and what the current attack vectors are.”
In this career you’ll need to find valuable resources to read up on. Fortunately, there are several helpful online resources and cybersecurity blogs to help you keep a pulse on new techniques, technologies and trends in the field. Palaez says that while it may seem overwhelming at first, the key is to find a specialized area of interest and dive deep into learning the tool, tactics and specific threats in this field. Government sources and industry events can also help you keep up to date throughout your career.
“I am a member of the FBI InfraGard and find that avenue to be great for receiving updates in a way where I can quickly absorb the information,” Palaez says. “I try to attend at least one event a month to hear from others in the field [about] what is new, as well as to gauge incoming trends.”
Join the defense
A career in cybersecurity clearly has its allure. There’s a significant demand for security professionals, and the work you do can be incredibly important. You’re on the front lines of defending private information from all kinds of trouble.
But it’s important to know that it takes a strong drive to not only learn the basics, but also keep up on new and emerging information security threats. If you think you have what it takes to make a difference, your first step is acquiring the skills and training needed to succeed in the field. Learn the importance of this in our article, Is a Cyber Security Degree Worth it? 3 Facts You Can’t Ignore.