As the role of technology grows in businesses around the world, it brings an urgent need to staff IT security jobs. The more digitalization spreads through the workplace, companies face higher risk of their online systems — and the sensitive information on them — falling prey to hackers and data breaches. And employers are more aware of this than ever.
In a Robert Half survey, 54 percent of CIOs polled said they plan to add new personnel to combat increasingly sophisticated cyberattacks.
If you’re thinking about pursuing a career in this field, now is a great time. Job seekers with the right experience and certifications can find numerous employment opportunities, which include the chance to earn a lucrative IT security salary.
Starting down the IT security career path
It’s difficult to acquire an IT security job without prior experience, so this isn’t a decision that can be made overnight. Obtaining some of these roles involves a significant amount of planning and effort.
To start, the vast majority of employers require a bachelor’s degree in a relevant discipline, such as IT, computer science or business. Those who have fulfilled that criteria can follow the career path mapped out by the National Institute for Cybersecurity Education (NICE), an independent group established to address the shortage of skilled workers needed to meet the demand for these positions. NICE recommends starting in one of the following feeder careers to later obtain the best roles:
- Financial analysis and risk
- Security intelligence
- Software development
- Systems engineering
If you already have experience in any of these areas, you still need to pursue the certifications relevant for the position you have in mind before applying.
Here are five of the top IT security jobs that companies are looking to hire for — and what you need to land them. Plus, we’ve included their midpoint starting salaries, all based on data from the Robert Half Technology 2020 Salary Guide.
1. IT auditor
There are various echelons of this position, starting with the entry-level junior IT auditor, in which you’re required to run tests and perform analysis of existing security measures. Mid-level IT auditors are responsible for identifying potential risks within an organization’s infrastructure by performing extensive penetration testing. Experienced IT auditors are tasked with preparing reports and making recommendations to eliminate risks.
Requirements: To start down the IT auditor path, you need excellent problem-solving and communication skills, plus solid knowledge of system architecture. These roles are great for learning the ropes in the tech sphere — and can be a springboard to commanding a higher IT security salary.
Credentials: CompTIA Security+
Midpoint salary: $114,250
2. Systems security administrator
This may be a blended role in small or midsize companies, involving systems administrator duties and the management of software and networking hardware. In larger organizations, you’ll focus entirely on security, including the installation and maintenance of firewalls, virus protection and other measures. In both scenarios, you’ll help define best practices, report to management and coordinate penetration testing in order to identify vulnerabilities.
Requirements: A background in networking is a plus when seeking a job as a systems security administrator. You’ll also need excellent knowledge of TCP/IP, routing and switching, network protocols, firewalls and intrusion prevention.
Credentials: GIAC Certifications
Midpoint salary: $116,000
3. Network security engineer
These professionals are tasked with building an organization’s security infrastructure. In some situations, this requires designing an infrastructure from scratch, but it can also involve modifying an existing network to respond to emerging threats. You’ll manage regular penetration testing, and you may also work with automated testing tools. In addition, you’ll monitor detection and response activities and conduct routine analyses of security events, alerts and notifications.
Requirements: A network security engineer must be proficient in security tech and very familiar with the nature of cybersecurity threats. You must also know how to create and document security policies.
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP), which requires a minimum of five years’ experience in IT security jobs
- Cisco Certified Network Professional Security (CCNP Security)
Midpoint salary: $119,750
4. Information systems security manager (ISSM)
As the ISSM, you’ll have ultimate accountability for an organization’s security measures. This means overseeing the creation of a security infrastructure; implementing policies and best practices; managing testing and analysis; and staying updated on trends, innovations and regulations. You may also be responsible for developing disaster recovery plans. Additionally, this job entails a great deal of general management responsibility, such as hiring, employee performance evaluation, running professional development programs and motivating team members.
Requirements: Most employers want someone with an extensive background in systems and network security — at least five years of previous experience. As this IT security job is a management position, strong leadership and interpersonal skills are also a must.
- CompTIA Security+
- GIAC Management and Leadership Certifications
Midpoint salary: $143,250
5. Chief security officer (CSO)
The pinnacle of IT security jobs, the CSO is a C-level position that focuses on information security and risk management. CSOs collaborate with fellow C-suite members to manage security on a strategic level, advising corporate leadership as to the potential cyber risks associated with business decisions, as well as compliance issues and disaster recovery. Most often, you’ll work directly with the chief operations officer and other relevant executives, such as the chief technical officer, chief information officer and chief digital officer.
Requirements: To become a CSO, you’ll need at least 10 years’ experience, with a focus on information security, compliance and privacy. This role also necessitates business acumen and an aptitude for long-term strategic thinking, along with the ability to plan, create and maintain complex security systems.
Credentials: This will vary depending on your experience and the requirements of individual employers.
Midpoint salary: $187,250
IT security jobs come with a lot of responsibility. Whether you’re entry-level or sitting in the board room, you’re tasked with keeping your company’s data safe. If you have the nerve and the know-how to face such a challenge, this is an exciting and lucrative career path to follow.