Employers are competing for skilled cyber security professionals, which is driving up salaries for people with the requisite skills and qualifications.
IT professionals in particular are in a good position to develop their career in information and cyber security as they already have an understanding of technical subject matters, but do not necessarily have the comprehensive knowledge and skills to deal with the vast range of security challenges.
If you are exploring opportunities to join this growing sector, here are a few things to consider:
What is cyber security?
Put simply, cyber security refers to the technologies, processes and mechanisms designed to protect systems, networks and data from attacks, damage and unauthorised access.
Rarely a week goes by without news of a major company or website being hacked. Cyber risks are increasing and cyber criminals use ever more sophisticated methods to attack businesses and state entities. This requires that organisations consider measures that stretch beyond technology, and that are informed by robust cyber security strategies and management systems.
Why join the sector?
The cyber security sector is relatively young and is still evolving, so it can be an exciting place to be. Salaries in the sector are high (if you have the right qualifications and experience) and jobs usually come with a lot of responsibility and opportunities to develop new skills, both technical and managerial. Despite being quite demanding, a job in the sector can also be very rewarding as you are helping organisations stay safe. Best of all, demand for skilled professionals isn’t likely to go away any time soon, so you can grow with the industry.
Job market – what jobs are available?
The jobs can range widely from ethical hacking and risk analysis roles that focus more on technical abilities, to information security management roles that require a broad range of skills from process management to understanding business needs and customer relations.
A brief look at a few prominent job sites suggests that penetration testers, technical security consultants and information security managers are among the most advertised positions.
Qualifications – what should I go for?
Naturally, the qualifications you need will depend on the career path you choose. CISSP and ISO 27001 are among the most desirable qualifications in the sector, according to the UK Government’s Cyber Security Skills report and recruitment sites.
If you are looking to land a job as an information security manager, a relevant qualification in ISO 27001 is a must. If you will be helping an organisation comply with the Payment Card Industry Data Security Standard (PCI DSS), you will also need to develop PCI DSS implementation skills.
As you develop your career and accumulate experience, you can consider more senior qualifications such as CISA, CISM and CISMP. The CISSP qualification will suit mid- and senior-level managers who are working towards, or have already attained positions as, CISOs, CSOs or senior security engineers.
CompTIA qualifications have also become important for a career in information security management, with more than 45,000 IT professionals from 147 countries holding a CompTIA qualification.
To find out more about the above qualifications, please visit the following information pages:
- ISO 27001 Learning Pathway
- PCI DSS Learning Pathway
- CISA Certification
- CISM Certification
- CISSP Certification
You can see the IT Governance training course schedule here.