5 Cyber Security Career Paths With Job Roles and Salaries
Many people are intrigued by movies where hackers try to get into the mainframe of advanced computer systems. However, there’s more to this industry than cracking passwords and retrieving data. Cracking passwords is the tip of the cyber iceberg, as there’s a variety of careers to follow. Large organizations have teams of people protecting the important data of companies and preventing any future hacks or solving the mystery after a cyberattack. Organizations have advanced “Red Teams” and “Blue Teams” designed to detect, prevent and eliminate vulnerabilities.
Take for example the cyber attack of data breaching. In 2005 there were 136 report data breaches. In the latest numbers, from 2017 there were a staggering 1,579 data breaches. Now there are more data breaches than ever. Experts estimate a 4,300% increase in annual data generation by 2020. A single data breach costs a company around $8.1 million in the U.S. These companies need to hire quickly to produce layers of security against cyber attacks. In this blog, we discuss five of the top professions to consider in cybersecurity to work your way into a six-figure high paying position. Students can receive hand-on IT training by visiting our in-house facility.
Path #1 – Information Security Analyst (ISA): Safeguarding Digital Networks & Systems
Every day, organizations face an assortment of cyber threats. An ISA is tasked with implementing protective programs, such as anti-virus software and firewalls to ward off attacks. They also develop contingency procedures to ensure the quick retrieval of the network and recovery of data in the event of a cyber attack being launched. To take this path, you can enroll for an undergraduate degree in computer science or a related field, then specialize. Many companies can’t wait for an individual to finish a 4-year degree. They are looking for trained and talented people to fulfill these roles. At Intellectual Point, we have a cybersecurity pathway as shown in the image below. <image>
According to USNews, Information Security Analysts rank #4 in the best technology jobs.
Entry-level position for an information security analyst (ISA) in the DC-MD-VA area and salary expectations are about $50,000 or $18-$26 per hour. Using system administration and networking technologies, design and develop custom cloud infrastructure for clients.
Junior-level job responsibilities include the following:
- Write cybersecurity policies and procedures.
- Create configuration inventories and collect network baselines.
- Perform network assessments
- Vulnerability scans, and writes reports of findings.
- Maintain network and security equipment and services.
- Install new servers/workstations/other devices and connect to the network.
- Troubleshoot issues with networks, security, hardware, operating systems, and applications from end to end.
Mid-level position for an information security analyst (ISA) in the DC-MD-VA salary is expected to be up to $76,000 in the DC-MD-VA area. Most mid-level IT cybersecurity requires 2 years or more of experience.
The position requires individuals with:
- Knowledge of security issues, techniques, and implications across computing platforms.
- Knowledge of ISO 27001:2013 control framework.
- Experience with vulnerability scanning tools.
- Knowledge of information security policy, standards, and industry best practices.
An advanced career position salary as an information security analyst (ISA) in the DC-MD-VA area is between $100k-$130k per year. These specialists keep upgrading their IT credentials and have 5+ years of experience.
The job description states the following tasks:
- Assisting in the development, implementation, and maintenance of the data mapping look back project
- Managing communications with the application owners
- Supporting the completion of the data mapping and privacy impact assessments
- Providing reporting on the status of the project.
- Apply knowledge of basic security and privacy principles and regulations.
Path #2 – Systems Administrator: Keeping Track of User Accounts on a Network
This is one of the most common branches of cybersecurity. These are the people who put cybersecurity measures into action on a daily basis. They are usually the first point-of-contact for users when they experience problems with the network. Creating user accounts, backing up data, and deleting unnecessary content are among the activities that are part of an administrator’s duties.
A common progression in the career path of a system administrator is to move on to become a systems engineer and then a systems architect.
According to Wikipedia, a system engineer “deals with work-processes, optimization methods, and risk management” in large and complex projects. The discipline includes “control engineering, industrial engineering, organizational studies, and project management.”
A systems engineer develops systems from the ground up, like some of our HPC work, whereas systems administrators tend to be closer to hardware and systems analysts tend to deal with applications. The common theme is that businesses in Northern Virginia, D.C, and Maryland are urgently hiring!
Path #3 – Ethical Hacker: Testing Protective Integrity to Spot Shortcomings
It may sound like an oxymoron, but ethical hacking is an essential measure for finding flaws in computer applications, systems, and networks. The correct term for this profession is “penetration testing” and what it entails is applying the same methods as hackers to test the integrity of cybersecurity systems. The Ethical Hacking training course at Intellectual Point covers a wide range of these required skills.
A penetration tester is required for the following tasks:
- At least annually, conduct perimeter network vulnerability scans
- Analyze scan results and coordinate with Cyber Security Operations staff to assist in identifying mitigation strategies
- Conduct a minimum of one complete penetration test for all Department networks and outsourced capabilities
- Interface and coordinate with third-party organizations performing penetration testing and vulnerability scanning for the Department
- Interface and coordinate with the OCIO information Assurances Services Directorate to establish targets for testing, test schedule, test goals, and rules of engagement supporting Security Authorization activities
- Plan and coordinate White Cell participation in support of each specific penetration test
Perform Independent Verification and Validation activities to include:
- Update/create entries within the current vulnerability management tool
- Security configuration compliance verification;
- Application configuration verification;
- Vulnerability scanning/assessments;
- Network/systems security evaluations
A penetration tester average base pay is $84,482 in the Washington, DC area according to glassdoor.com.
Further research shows that many companies are hiring the right candidates at a six-figure annual salary. This shows that no matter what cybersecurity career path you seek, it all depends on what is your area of specialty and how current are your advanced IT certifications.
Path #4 – Security Architect: Building & Improving on Network Security Measures
A Security Architect designs builds and oversees the implementation of network and computer security for an organization. It is usually a senior-level employee or an independent contractor hired to create and carry out security programs. The individual is responsible for creating complex security structures – and ensuring that they work.
Along with dealing with handling defense and response issues, they will often be building security infrastructures, providing technical guidance, assessing costs & risks, and establishing security policies and procedures.
- Acquire a complete understanding of a company’s technology and information systems
- Plan, research and design robust security architectures for any IT project
- Perform vulnerability testing, risk analyses, and security assessments
- Research security standards, security systems, and authentication protocols
- Design public key infrastructures (PKIs), including the use of certification authorities (CAs) and digital signatures
- Prepare cost estimates and identify integration issues
- Test final security structures to ensure they behave as expected
- Provide technical supervision for (and guidance to) a security team
- Define, implement and maintain corporate security policies and procedures
- Oversee security awareness programs and educational efforts
- Respond immediately to security-related incidents and provide a thorough post-event analysis
- Update and upgrade security systems as needed
The security architect’s average salary is $121,000 per year and can go as high as $160,000 per annum.
We’re living in a digital age and it only makes sense to acquire a skill that will still apply in the future. If you’re looking into a cybersecurity training apply now for a course at Intellectual Point using our Course Catalog.
Path #5 – Cybersecurity crime investigator. Taking a bite out of cybercrime!
A cybercrime investigator performs investigates a digital crime after it has happened to an organization.
There are many names for this position including:
- Information Security Crime Investigator
- Digital Forensics Expert,
- Digital Forensics Analyst
- Cyber IT/Forensic/Security Incident Responder
- Cyber Forensics Analyst
- Digital Forensics Technician
- Cyber Security Forensic Analyst
One thing is clear, there is an enormous increase in cybercrime with experts estimate that it will hit record levels, with an expected $7 trillion USD to be made from cybercriminal activity by 2021. Large companies like Apple know that the investigations can be lengthy and vital to an organization. Apple, the technology company, is hiring for cybersecurity crime investigators and the posted salary is $187k-$207k. They know the importance of fighting cybercrime. The department of defense near the Washington-DC-Maryland region the pay is $58-$64 per hour.
The mid-level and advanced roles of these positions have several pathways to choose from including Cybersecurity Analyst and Cybersecurity Consultant. They are hired by large companies, the FBI, and the government as a full-time employee or independent contractor.
Cybercrime covers a myriad of areas, and the cybercrime investigator may specialize in one or more of these areas. A cybercrime investigator will often work as part of a consultancy, offering services to both enterprises and law enforcement.