In the last year, numerous reports have shared that the demand for cyber security professionals in the United States exceeds the actual number of skilled and trained professionals able to fill these roles.
Just recently, it was announced that the Pentagon is planning on recruiting 4,000 additional civilian and military personnel for the Department of Defense’s Cyber Command over the next several years, according to Computerworld’s Jaikumar Vijayan (January 29, 2013).<!- mfunc feat_school ->
In the Fall 2012, WANTED AnalyticsTM reported that there were 19% more online job ads for cyber security professionals posted in September 2012 compared to September 2011. (Among the over 4,500 job ads posted in September 2012, some of the most commonly used job titles were cyber security analyst, cyber security engineer, software engineer, systems engineer, senior cyber security analyst and information technology security analyst, stated WANTED AnalyticsTM.)
The demand for cyber security professionals is not limited to federal government employers, such as the Department of Defense (DOD), the FBI, the National Security Agency (NSA) or the Department of Homeland Security (DHS). “Experts said that financial service firms and utility companies have recently ramped up their focus on cybersecurity,” wrote Sarah Halzack for The Washington Post (September 30, 2012). “Law firms and health care organizations also would benefit from better cyber protection, given their troves of private client records…The need for cyber professionals across all industries is likely to continue to surge in the near future, hiring professionals say, and so, too, is the imperative to vie for talent.”
Obviously the job outlook looks very promising for those interested in entering an IT field related to security. But how does one go about starting their cyber security career path?
In an interview with M-Unition (December 6, 2012), a principal consultant with the information security company MANDIANT, Jed Britten, shared that he has observed three possible career paths for those interested in a cybersecurity profession. One possible path is formal and continuous education, which is what Britten did. Britten recommends that while pursuing a relevant degree, students should remain focused on their career goals. This can help students pick beneficial courses, network and complete internships related to their future career.
Britten added that joining the military and receiving cyber security training while in service is another successful career path. The third career path Britten describes as “follow[ing] your passion”. “They may have formal education, but it may not be in the career that they’ve chosen within security, so they get active in the community and push themselves into what they want to focus on,” stated Britten. “Having a mentor to look up to with this path is crucial as they can guide you and offer support.”
Lance Spitzner, cyber security expert and certified instructor with the SANS Institute, recommends that those looking to get into such a field should explore which sub-discipline they are most interested. “First, remember that information security is a very broad field with many different areas you can get involved in, such as network security, application security, system security, database security, human security, penetration testing, forensics, or even higher level policy issues,” he stated in an EDUCAUSE blog. “Passion is key here, if you are not passionate about an area you will not be good in it.” Determining which area you are most passionate about will certainly help you along your career path as it will define which degree, courses or continuous education you should complete, which forums to join, which conferences to attend and which certifications to gain, all leading to the skills and qualifications that will make you a successful employee. Spitzner also recommends volunteering your time to gain experience. “For example if there are any key tools in your field, offer to help coding patches, writing documentation or testing the tools and providing feedback,” said Spitzner. “As you learn more start publishing whitepapers or tools that can help others, perhaps help with and even present at security conferences.”
Additionally while completing your cyber security, computer information systems, information security, computer science or another related degree, DeVry University, in its cyber security career roadmap, recommends joining a relevant campus club and completing an internship.
There is not one single career path to becoming a cyber security professional. However, sheer determination and passion will help you research, network and learn the skills and steps necessary to becoming a successful leader in the field.