Cybersecurity professionals are in demand. According to a study by the cybersecurity professional organization (ISC)², there are some 3.1 million unfilled positions worldwide . Cybersecurity jobs take an average of 20 percent longer to fill than other IT jobs. They also pay 16 percent more on average, according to data from Burning Glass Technologies .
Working in the cybersecurity field also gives you the chance to work in a fast-paced environment where you continually learn and grow. Cybersecurity might be worth considering if you’re already in the world of information technology (IT) or looking to make a career switch.
This article will look at some of the many roles available to cybersecurity professionals. We’ll also discuss how to get started in cybersecurity and what your career path might look like.
All salary data represents average annual salaries in the US, according to Glassdoor (July 2022).
In the context of cybersecurity, “entry-level” can be a bit of a misnomer. For some roles, the National Security Agency (NSA) defines entry-level as requiring a bachelor’s degree plus up to three years of relevant experience—less with higher-level degrees. With a high school diploma or GED, you’ll likely need between four and seven years of relevant experience on your resume.
Most cybersecurity professionals enter the field after gaining experience in an entry-level IT role. Here are a few of the most common entry-level jobs within the bigger world of cybersecurity.
Average salary: $114,238
Feeder role: Network or systems administrator
As an information security analyst, you help protect an organization’s computer networks and systems by:
Monitoring networks for security breaches
Investigating, documenting, and reporting security breaches
Researching IT security trends
Helping computer users with security products and procedures
Developing strategies to help their organization remain secure
This is among the most common roles on a cybersecurity team and an excellent entry point into the world of information security.
Common certifications: CompTIA Security+, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH)
Related job titles: Cybersecurity analyst, IT security analyst
Start building the job-ready skills you need for an entry-level role as an information security analyst with the IBM Cybersecurity Analyst Professional Certificate. Learn from top cybersecurity professionals at IBM, and earn a credential for your resume in less than six months.
Average salary: $110,505
Feeder role: Networking, IT support, systems engineering
In this role, you’re the company’s point person for security, ensuring that data remains secure against unauthorized access and cyberattacks. Responsibilities for security specialists vary from organization to organization but may include:
Testing and maintaining firewalls and antivirus software
Implementing security training
Researching new security risks
Suggesting improvements for security weaknesses
Common certifications: CompTIA Security+, Systems Security Certified Practitioner (SSCP), GIAC Security Essentials (GSEC)
Related job titles: Cybersecurity specialist, information security specialist
Average salary: $83,643
Feeder role: IT support, risk analyst
If you enjoy seeking clues to solve a puzzle, this role might be for you. Digital forensic investigators retrieve information from computers and other digital devices to discover how an unauthorized person accessed a system or to gather evidence for legal purposes. Day-to-day tasks might include:
Collecting, preserving, and analyzing digital evidence
Recovering data from erased or damaged hard drives
Documenting the data retrieval process and maintaining chain of custody
Assisting law enforcement in criminal investigations
Providing expert testimony in court proceedings
Common certifications: GIAC Certified Forensic Analyst, EnCase Certified Examiner (EnCE), AccessData Certified Examiner (ACE)
Related job titles: Computer forensic specialist, cyber forensic specialist, digital forensics analyst
Average salary: $103,465
Feeder role: Network administrator, risk analyst, IT support
As an IT auditor, you’ll assess your organization’s technology for potential issues with security, efficiency, and compliance. Some of your regular tasks might include:
Planning and performing audits
Documenting and presenting audit findings
Providing guidance on recommended and mandatory security measures
Designing plans to fix any security risks
Identifying opportunities for better efficiency
Common certifications: Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA)
Related job titles: Internal IT auditor, security auditor
As you gain experience in cybersecurity, several paths can open up for advancement into more specialized roles. These are just a few options for mid-level and advanced cybersecurity professionals.
Average salary: $104,281
Feeder role: Systems administrator, information security analyst
In this role, you’re typically put in charge of the day-to-day operations of an organization’s cybersecurity systems. Your responsibilities might include:
Monitoring systems and running regular backups
Managing individual user accounts
Developing and documenting security procedures for the organization
Collaborating with security teams to respond to unwanted intrusions
Participating in company-wide security audits
Common certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
Related job titles: Security administrator, cybersecurity administrator, information security officer
Average salary: $109,097
Feeder role: Information security analyst, incident responder
As a penetration tester (pen tester for short), you’ll help businesses identify their security weaknesses before malicious hackers can do the same. You do this by attempting to breach computer networks with the company’s permission. Tasks might include:
Planning, designing, and carrying out penetration tests
Creating reports on test results and offering recommendations to security decision-makers
Developing scripts to automate parts of the testing process
Conducting social engineering exercises (attempting to get company employees to disclose confidential information)
Providing technical support during incident handling
Common certifications: Certified Ethical Hacker (CEH), CompTIA PenTest+, GIAC Certified Penetration Tester (GPEN)
Related job titles: White hat hacker, ethical hacker, vulnerability assessor
Average salary: $117,249
Feeder role: Information security analyst, penetration tester
In this role, you design the systems to keep a company’s computers, networks, and data safe from cyber attacks to natural disasters. These security systems might include elements like firewalls and intrusion detection systems. Day-to-day tasks might include:
Developing security standards and best practices
Recommending security enhancements to management
Ensuring new security systems are installed and configured correctly
Testing security solutions
Leading incident response teams
Develop programs to automate vulnerability detection
Common certifications: Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP)
Related job titles: Cybersecurity engineer, network security engineer, information security engineer
Average salary: $166,531
Feeder role: Security engineer, information security analyst
As a security architect, you set the vision for a company’s security systems. This role combines programming, threat research, and policy development to keep an organization a step ahead of threats. Your responsibilities might include:
Building and maintaining security networks and systems
Preparing budgets and overseeing security expenses
Coordinating security operations across IT and engineering departments
Improving systems in response to security incidents or vulnerabilities
Conducting breach of security drills
Common certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CSA Certificate of Cloud Security Knowledge (CCSK)
Related job titles: Cybersecurity architect, information security architect
Average salary: $117,862
Feeder role: Computer programmer, information security analyst, systems administrator
Working in cryptography involves securing data for communication and information exchange. Cryptologists create encryption algorithms, ciphers, and other security protocols to encrypt data. Cryptanalysts decrypt information that has been coded. Common tasks in this role include:
Developing new cryptographic algorithms
Analyzing existing algorithms for vulnerabilities
Implementing encryption solutions
Testing new encryption techniques and tools
Common certifications: EC-Council Certified Encryption Specialist (ECES)
Related job titles: Cryptologist, cryptanalyst, cryptography engineer
Average salary: $138,642
Feeder role: Information security analyst, security administrator
In this cybersecurity leadership position, you’re responsible for overseeing the security infrastructure at your organization. This might include:
Managing human and technological resources
Tracking changes to internal and external security policy
Ensuring compliance with security rules and regulations
Sourcing cybersecurity tools for the organization
Leading risk mitigation efforts
Common certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
Related job titles: Information security manager
While requirements for cybersecurity jobs vary widely from company to company, you might notice some common trends. Let’s take a closer look at some of the requirements and how you can go about meeting them to get your first cybersecurity job.
Many jobs in security list a bachelor’s degree in computer science, information technology, or a related field as a requirement. While degrees are common among professionals in the cybersecurity industry, they’re not always required. An (ISC)² survey of 1,024 cybersecurity professionals in the US and Canada found that more than half felt that an education in cybersecurity is “nice to have” but not “critical.” About 20 percent of those surveyed with less than three years of experience had only an associate or technical degree .
Having a bachelor’s or master’s degree can often create more job opportunities, make you a more competitive candidate in the cybersecurity job market, or help you advance in your career. Some degree programs, like the Online Master of Computer Science from Arizona State University (available on Coursera), let you concentrate your studies in cybersecurity.
According to a study on cybersecurity hiring by Burning Glass Technologies, more than half of all cybersecurity job postings request at least one certification . You’ll find more than 300 different certifications, and the quality isn’t always the same.
If you’re new to cybersecurity, consider starting with a more foundational certification, like the CompTIA Security+. From there, you can begin gaining the necessary work experience to earn more advanced certifications.
Read more: 10 Popular Cybersecurity Certifications
With so many cybersecurity positions to fill, having the right skills can go a long way toward securing you a job. To prepare for a cybersecurity role, start building your technical and workplace skills through online courses, boot camps, or self-study. These skills are a good place to start:
Programming (especially scripting) languages
More than half of the security professionals surveyed by (ISC)² got their start in cybersecurity through an entry-level role in IT. Getting started as an IT support technician or network administrator allows you to establish yourself within an organization and build up your technical skills before taking on the added responsibilities of a security role.
The National Security Agency (NSA) also offers Development Programs in Cybersecurity Operations and Cybersecurity Engineering. These three-year, full-time, paid roles help participants build their skills or switch to a new career.
When you’re ready to start looking for jobs in cybersecurity, expand your search beyond the usual job sites (LinkedIn, Indeed, ZipRecruiter, etc.). You’ll find a couple of sites that specialize in cybersecurity and tech job postings, including:
If you’re interested in a high-demand career in cybersecurity, start building the skills you need with the IBM Cybersecurity Analyst Professional Certificate on Coursera. Get hands-on experience through virtual labs and real-world case studies. Learn from industry experts, and earn a credential for your resume in less than six months.
Get ready to launch your career in cybersecurity. Build job-ready skills for an in-demand role in the field, no degree or prior experience required.
78,302 already enrolled
Average time: 8 month(s)
Learn at your own pace
Skills you'll build:
information security analyst, IT security analyst, security analyst, Junior cybersecurity analyst, Information Security (INFOSEC), IBM New Collar, Malware, Cybersecurity, Cyber Attacks, database vulnerabilities, Network Security, Sql Injection, networking basics, scripting, forensics, Penetration Test, Computer Security Incident Management, Application Security, threat intelligence, network defensive tactics, cyber attack, Breach (Security Exploit), professional certificate, cybersecurity analyst
Demand for cybersecurity professionals has been consistently high in recent years, according to an analysis from Cybersecurity Ventures, and because of a lack of qualified candidates, the number of cybersecurity job openings remains high . This is good news for qualified cybersecurity job seekers, as it means that getting a job in their chosen field might not be as difficult as it might be for someone facing a job market with fewer openings than qualified job seekers.
However, while there are millions of career opportunities for qualified cybersecurity professionals , gaining the necessary job skills can be challenging. About 89 percent of cybersecurity jobs require a bachelor’s or graduate degree in addition to a few years of relevant experience. Many cybersecurity professionals gain entry into the field by working in an entry-level IT position and elevating their credentials with certifications. You can also consider a professional certificate, such as the IBM Cybersecurity Analyst Professional Certificate, available on Coursera, designed to help learners become job-ready.
Cybersecurity is a concern for any company that utilizes computer systems, so there are opportunities for cybersecurity professionals to find jobs across a wide range of industries. One major employer of cybersecurity specialists is the government. Every federal agency in the US employs cybersecurity professionals, including and especially the Cybersecurity & Infrastructure Security Agency (CISA).
Outside of the government, cybersecurity professionals might look for jobs at technology companies such as Apple and Intel; software companies such as Cisco; banks such as the Federal Reserve Bank of New York and Capital One; and health centers such as Patient First; manufacturers such as Lockheed Martin and General Motors.
Remote work is becoming more common, and cybersecurity roles are well positioned for it. Most job descriptions will state whether remote work is an option.
If working from home is a priority for you, you can find listings on Dice and NinjaJobs. Dice refers to this option as “remote,” while NinjaJobs uses “telework” and “telecommute.” Both terms have the same meaning.
While you may be able to enter the field of cybersecurity without knowledge of programming languages, it is considered a valuable skill set, particularly as you seek to advance your career. Research shows that Python is among the key skills needed for a career in cybersecurity .
Browse job descriptions to determine whether programming will be necessary to obtain your desired role. If you are able to secure an entry-level position without programming skills, you may want to consider gaining that knowledge over time.
1. (ISC)². “A Roadmap to Building Resilient Cybersecurity Teams, https://www.isc2.org/Research/CareerPursuers.” Accessed July 14, 2022.
2. Burning Glass Technologies. “Recruiting Watchers for the Virtual Walls: The State of Cybersecurity Hiring, https://www.burning-glass.com/research-project/cybersecurity/.” Accessed March 4, 2022.
3. Cybersecurity Ventures. “Cybersecurity Talent Crunch To Create 3.5 Million Unfilled Jobs Globally By 2021, https://cybersecurityventures.com/jobs/.” Accessed March 4, 2022.
This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.