We’re happy to share a three-part guest blog series from writer Tricia Hussung on behalf of Russell Sage Online. As formal education becomes integral to the cybersecurity industry, more and more colleges and universities are establishing programs of study focused on digital culture and technological security. Russell Sage Online offers both a Bachelor of Science in Information Technology and Cybersecurity and an undergraduate Cybersecurity Certificate. Here’s more from Tricia on the latest trends in cybersecurity careers.

It may be surprising to learn that, despite their status as some of the most sought-after professionals in the tech sector, cybersecurity experts tend to remain employed at the same organizations for relatively long periods of time. The Semper Secure survey reports that 65 percent of cybersecurity professionals said they have worked at two or fewer organizations throughout their career. Industry insiders agree: Lee Vorthman, CTO of NetApp’s Federal Civilian Agencies unit says that, “These people aren’t jumping from job to job looking for salary bumps and signing bonuses. Many of them want to work for federal agencies and most of them tend to stick with employers for the long term. For companies, that means they better get them early or risk not getting them at all.”

This means that many of those interested in cybersecurity careers are passionate about technology itself, rather than the high salaries and growth potential they can expect upon graduation. As Jum Duffey, secretary of technology at the office of the governor of Virginia, puts it, “For top talent, cybersecurity isn’t about just a job and a paycheck. It is about the hottest technology, deployed by honorable organizations, for a purpose that in inherently important.”

What Makes a Paycheck?
Professionals in cybersecurity earn well above the national average for U.S. workers. In a recent survey by the SANS institute, 49 percent of responders said they earned $100,000 or more per year— mostly for management roles. The largest single group of responders (23 percent) selected the $80,000 to $99,999 range. This group was comprised mostly of engineers and administrators. There was a considerable between the overall average for management ($121,376) and that of non-management categories ($95,149).

Understandably, cybersecurity salaries are higher based on experience. The average professional starts out at around $74,000 per year, while those with 20 years of experience earn more than $123,000 per year. That difference across 20 years amounts to raises of about $2,500 for each year of experience gained. For both managers and non-managers, progressive salary increases can be expected, but management income remains over 20 percent higher than non-management income regardless of experience.

Education is an important factor in determining salary levels. The same SANS report states that those holding bachelor’s degrees and 7 to 10 years of experience earn average incomes of over $100,000. Those with more advanced degrees “achieve this level of pay sooner.” The opposite is also true, with associate-level respondents earning $64,302 and bachelor’s degree holders earning $71,564.

When education and experience are combined, salary is affected further. Those who have been in the industry for over 10 years and hold advanced degrees have a significantly higher salary than their less educated, less experienced peers. As cybercrime threats continue to become more widespread and security becomes more vital, “the need for advanced degrees is predicted to continue to be in high demand,” according to SANS.

While formal education remains a central factor in the employability of cybersecurity professionals, certifications are another leading contribution to successful careers. The SANS survey reports that, in 2008, a majority of hiring managers “felt that certifications were an important (or key) requirement for hiring. And demand for certified experts is only growing, as more and more organizations require specialized skills in incident handling and response, audit and compliance, and firewall/IDS/IPS/SIEM. Currently employed cybersecurity professionals agree with this assessment: 85 percent of survey respondents said that they hold a professional certification such as the Certified Information Systems Professional (CISSP).

Want more information about careers in cybersecurity? Read more at Russell Sage Online.

We’re happy to share a three-part guest blog series from writer Tricia Hussung on behalf of Russell Sage Online. As formal education becomes integral to the cybersecurity industry, more and more colleges and universities are establishing programs of study focused on digital culture and technological security. Russell Sage Online offers both a Bachelor of Science in Information Technology and Cybersecurity and an undergraduate Cybersecurity Certificate. Here’s more from Tricia on the latest trends in cybersecurity careers.

The work environment for cybersecurity professionals is largely dependent on whether an organization is experiencing a security attack. During these times of crisis, workload priorities shift dramatically from a “steady-state operating environment” to a surge capacity. To adjust, cybersecurity professionals need the knowledge and skills to quickly respond to threats as soon as they arise. The ability to quickly and effectively counter security threats is vital, as the stakes are dangerously high. However, during maintenance periods in which no threats are imminent, these individuals must maintain high performance. This means that there is no such thing as an ‘average work day’ for cybersecurity professionals. They must be prepared with a wide range of technical abilities to perform a wide variety of activities while remaining collaborative.

Though it is often considered a subset of information technology, the Institute of Electrical and Electronics Engineers (IEEE) reports that daily cybersecurity work goes beyond the scope of IT. It includes “the analysis of policy, trends and intelligence to better understand how an adversary may think or act — using problem solving skills often compared to those of a detective.” Because of this, the IEEE recommends that prospective cybersecurity professionals be “those who can see themselves in fast-paced environments” with unpredictable working hours. However, one of the advantages of the field is that it is constantly evolving. Professionals in the developing cybersecurity workforce come from different educational backgrounds and are prepared for varying career paths such as those mentioned above.

Salary Information
In general, the salaries for cybersecurity careers are high. The Wall Street Journal reports that the salary for engineers, analysts, architects and other types of trained cybersecurity professionals averaged $101,000 based on advertised information. The same article states that this is “well above” the expected salary for IT professionals, which according to the Bureau of Labor Statistics is $86,000.

Though these broad numbers are certainly encouraging, salary data for specific cybersecurity careers is even more impressive. It is important to note that these salaries are estimated and can vary based on experience and specific skill area.

• Data security analysts earn anywhere from $89,000 to $121,500 according to Robert Half Technology, a national provider of IT professionals. Modis, a global provider of IT staffing services, reports that analysts at entry-level earn an average of $70,500, while those in supervisory and management roles earn from $93,300 to $110,100.
• Security administrators have a wider range of earning potential, from $49,400 to $114,500 per year according to Modis. Robert Half categorizes security administrators into two groups: systems security and network security. By their estimate, a systems security administrator can earn $85,250 to $117,750 per year, while network security administrators earn from $85,000 to $116,750 annually.
• Information systems security managers earn from $103,500 to $143,500 per year according to Robert Half, while Modis projects annual earnings to be from $78,300 to $142,000. These numbers include base pay and incentives.
• Systems/application security analysts can expect to earn $85,800 per year for base salary, according to Modis. With incentives, this number rises to $89,200.
• Network security engineers earn anywhere from $89,500 to $116,750 annually according to Robert Half.

Want more information about careers in cybersecurity? Read more at Russell Sage Online.

We’re happy to share a three-part guest blog series from writer Tricia Hussung on behalf of Russell Sage Online. As formal education becomes integral to the cybersecurity industry, more and more colleges and universities are establishing programs of study focused on digital culture and technological security. Russell Sage Online offers both a Bachelor of Science in Information Technology and Cybersecurity and an undergraduate Cybersecurity Certificate. Here’s more from Tricia on the latest trends in cybersecurity careers.

It’s no secret that cybercrime is a serious global issue. More than 1.5 million people a day are victims of cybercrime and the global cost has reached $100 billion. Facing data like this, the federal government has recently ranked cybercrime as a top security threat. In fact, the U.S. Director of National Intelligence pointed to cybercrime as a top security threat, “higher than that of terrorism, espionage and weapons of mass destruction.”

President Barack Obama also noted that “developing effective cybersecurity measures and capabilities is one of the most serious economic and national security challenges we face as a nation.” Recent security breaches affecting Target, Home Depot, JP Morgan Chase and Sony Entertainment brought cybercrime into the mainstream media, but these attacks are nothing new. One recent report identifies inferior skill levels as a contributing factor to this issue, pointing out that “the cybersecurity programs of U.S. organizations do not yet rival the persistence, tactical skills and technological prowess of their potential cyber adversaries.” For these reasons, trained cybersecurity professionals are more in demand than ever before.

Why Cybersecurity?
Qualified cybersecurity professionals are the main defense against cybercrimes, protecting networks and creating secure environments for organizations of all types. As experts, they use highly technical tools and skills to audit systems. These specialized competencies are the reason that businesses hire cybersecurity professionals: they monitor networks for attack traffic and deploy countermeasures to protect sites of all kinds. And, organizations are taking the development of security seriously. In fact, the global cybersecurity market is expected to grow to $120.1 billion by the year 2017.

The demand for cybersecurity professionals is growing at 3.5 times the rate of overall IT jobs and 12 times faster than the job market overall. This growth is a continuation of an ongoing trend; the demand for cybersecurity experts grew 73 percent between 2007 and 2012. Especially in fields like health care, education and public administration, this growth will no doubt continue in the coming years.

The Cybersecurity Workforce
The National Initiative for Cybersecurity Education (NICE) recently partnered with the Federal Chief Information Officer’s Council to develop a workplace assessment for the cybersecurity workforce. A total of 22,956 participants from more than 50 federal departments and agencies completed this assessment, which collected demographic information, pay grade, age range, experience, education and certifications. One important finding of this report is that the majority of participants (78.5 percent) are above the age of 40, while participants aged 30 or younger account for just over five percent.

This disparity in age demonstrates part of why there is such a demand for cybersecurity professionals in today’s workplace — many of the current trained, experienced professionals are approaching retirement age. In addition, participants indicated a strong need for trained specialists in information assurance (IA) compliance, vulnerability assessment and management, and knowledge management. All of these skill areas are part of the modern cybersecurity curriculum for most degree programs.

Want more information about careers in cybersecurity? Read more at Russell Sage Online.