As technology continues to play a fundamental role in our day-to-day lives, it’s critical to protect the technology that we use, including data, applications, networks, and devices. It’s also increasingly important to educate technology end-users about the steps they should take to keep themselves safe, as well as to effectively plan a response for when—not if—something bad happens.
Cybersecurity careers allow individuals to help public and private organizations protect their information and assets from a broad range of cyberattacks. According to TechTarget’s technology dictionary WhatIs.com, these types of attacks include (but are not limited to) the following:
- Ransomware: Taking a victim’s computer files, often through an insecure network or device, and demanding a ransom payment to get them back.
- Malware: Installing malicious software, such as virus or worm, on a victim’s computer.
- Social engineering: Tricking victims into breaking security policies in order to provide access to sensitive information.
- Phishing: Sending fraudulent emails that appear to come from reliable sources in order to get users to give up sensitive or personal information.
The Impact of Cybersecurity Professionals
When cyberattacks happen, organizations are fined, executives lose their jobs, customers may take their business elsewhere, and an organization’s credibility and public perception takes a hit. By maintaining an organization’s security strategy and operations, cybersecurity experts help a company avoid the headaches that come with a cyberattack.
In 2017, for example, the WannaCry ransomware attack shut down parts of the United Kingdom’s National Health Service, and the Equifax data breach impacted nearly half of Americans. Early 2018 saw the Meltdown and Sceptre attacks, which exposed vulnerabilities in smartphones as well as desktop computers.
Interestingly, organizations are not only under attack from external hackers. Internal cyberthreats, in the form of data leaks or employee sabotage, also pose a large risk for businesses. Cybersecurity professionals are responsible for protecting an organization’s valuable information, customers, and brand reputation and brand by preventing these data breaches.
Beyond just reputation damage, cybercrimes significantly impact the global economy. According to The Center for Strategic and International Studies, close to $600 billion (nearly one percent of global GDP) is lost to cybercrime each year—a number that is swiftly increasing as cybercriminals adopt new technologies and leverage the latest digital currencies. Cybersecurity professionals are constantly searching for novel ways to anticipate and respond to these crimes.
Skills and Education Needed for a Successful Cybersecurity Career
Cybersecurity careers come with a lot of responsibility, as they involve protecting an organization’s information assets and complex IT systems. Professionals in these roles need to know the basics of IT and security. Experience with data analysis and engineering, especially in multiple programming languages, is also a plus.
Cybersecurity professionals also need to stay on top of industry trends. Cybersecurity trends for 2018 and beyond include focusing on specific attacks on internet-connected devices and outdated operating systems, which are particularly vulnerable, and proactively planning a disaster recovery response in the event of an incident.
Most jobs in cybersecurity typically require a bachelor’s degree in cybersecurity, information technology, or computer science.
Advanced degrees, such as a Master of Science in Cybersecurity, provide more specialized training in vulnerability analysis, criminology, social science, planning security strategy, and effectively communicating with management about key cybersecurity trends. These degree programs benefit cybersecurity professionals who seek management or executive positions, as well as anyone who wants to develop security products.
In addition, cybersecurity certificate programs can benefit anyone seeking more specialized instruction in network security, digital forensics, risk management, or the legal and ethical challenges of cybersecurity. This education can help professionals to advance their cybersecurity careers in their current roles, or to begin the process of obtaining a Master of Science degree.
10 High-Paying Cybersecurity Careers
If employees are willing to take on the responsibility to defend organizations against cyberattacks, then employers are willing to compensate them well. According to the U.S. Bureau of Labor Statistics (BLS), the median pay for an information security analyst, a common cybersecurity career, is more than $95,000.
Depending on the type of cybersecurity role, and the level of specialization the role requires, average salaries can vary. Here’s a look at some of the highest-paying cybersecurity careers, along with a description of the type of work you can expect to do in these roles.
Salary estimates are based on figures provided by IT staffing firm Mondo and research firm PayScale. Job descriptions come from Mondo and Tripwire, a vendor of security and compliance software products.
Salary Range: $50,000 to $120,000
These cybersecurity professionals help organizations understand the malicious software threats that they face, identify software products and services that can prevent intrusions, and work quickly to detect and mitigate intrusions when they do happen.
Salary Range: $55,000 to $125,000
This role analyzes information taken from an organization’s computers, networks, and connected devices to detect potential intrusions. Professionals in this role should be comfortable collaborating with law enforcement agencies to assist with investigations; knowledge of cryptography is also beneficial.
Salary Range: $80,000 to $130,000
In this role, an employee designs tests to identify security vulnerabilities and evaluate overall cybersecurity effectiveness. According to Mondo, this role is in high demand, so average salaries should rise over time.
Salary Range: $85,000 to $155,000
This role builds and maintains the computer and network security infrastructure for an organization. This requires extensive knowledge of security frameworks, which can be obtained through certificate programs or other professional development efforts.
Salary Range: $85,000 to $195,000
In this role, employees implement IT security measures, allocate resources to a security department, create employee and end-user security education campaigns, and assist law enforcement in the event of an external incident investigation.
Information Systems Security Engineer
Salary Range: $90,000 to $150,000
These cybersecurity professionals perform security tests, keep networks free of viruses and malware, and set security system protocol for a company.
Network Security Analyst
Salary Range: $90,000 to $150,000
This role manages the security of a company’s computer network and information systems. In industries that rely on the safety of Internet-connected devices— including healthcare, transportation, and energy— organizations often look for more experienced professionals.
Salary Range: $90,000 to $185,000)
This is a generalist role focused on protecting against the wide range of cyberattacks, based on data-driven analysis of present and future trends. The senior roles that command a higher salary typically involve strategic planning.
Application Security Engineer
Salary Range: $100,000 to $210,000
This cybersecurity role monitors all the software applications that an organization uses, making sure that privacy and compliance policies are up to date. Organizations that use automated software for analytics or operations, as well as organizations that use software hosted on cloud servers, look for more experienced engineers.
Chief Information Security Officer (CISO)
Salary Range: $105,000 to $255,000
The CISO oversees the IT security department. This role requires a background in IT strategy, security architecture, management, and communication. The wide salary range for this role stems from factors such as the size of the organization and its security team to the executive bonus and profit-sharing structures, which can add more than $85,000 to a base salary.
Information Systems Security Manager
Salary Range: $120,000 to $180,000
Cybersecurity professionals in this role command a high salary because they manage the systems that contain an organization’s exclusive or proprietary information, which is often of particular interest to hackers.
Another possibility for a cybersecurity career is that of a consultant. Organizations hire these outside experts to help implement security products and develop security strategies. Cybersecurity consultant salaries vary from $50,000 to $150,000, according to PayScale; some may do this work on a part-time basis as part of a career or life change.
Cybersecurity Careers Are Everywhere
It’s also important to consider where to find a job in cybersecurity. You might think that most domestic cybersecurity careers are found only in technology hubs like Silicon Valley and the Boston area. However, a recent analysis by the job posting site Indeed found that those metro areas rank number seven and eight, respectively, in U.S. job postings for cybersecurity roles, meaning there are cybersecurity roles to be found no matter where you are located.
The Washington, D.C. metro area topped the list, which is not surprising when you consider the importance of protecting data for the Department of Defense, other federal agencies, and third-party government contractors. Baltimore ranked number four for similar reasons, as the city is home to large offices for the Social Security Administration and the Centers for Medicare & Medicaid Services.
Meanwhile, the other metro areas in the top five (New York, Dallas/Fort Worth, and Chicago) are home to the headquarters of many Fortune 500 companies. This shows that cybersecurity careers are not just technology jobs—they are jobs in industries such as government, finance, healthcare, energy, and transportation.
What’s more, the U.S. Bureau of Labor Statistics expects the number of all cybersecurity jobs to grow by 28 percent between 2016 and 2026. That’s four times the national average for all industries over the same 10-year span.
Interested in helping protect global organizations from cyberthreats? Explore Northeastern’s graduate programs in Cybersecurity and learn how a degree can help you advance your career.