Cyber security careers.
Every day, hackers and cyber criminals launch new, sophisticated computer viruses, malware, and scams that threaten the data our society relies on. The industry is looking for individuals who can troubleshoot systems, reverse engineer malware, review hundreds of lines of firewall configuration, and create scripts in many languages.
We partnered with LinkedIn and researched various elements of the cyber security job market including:
- Employee and skill shortages
- Drivers of growth
- Salaries
- Job culture
- Required skills
- Experience needed
*Note: Cyber security is a booming industry with large potential. However, when considering the naming convention for the degree, academia uses' cybersecurity' as one word. Thus, our degree utilizes one word 'cybersecurity' but any other references to the field will use two word 'cyber security.'
Have you ever wondered what it would be like to be a cyber security professional? Better yet, do you know how to get there? Do you have to know how to program, take apart malware, be a master at ethical hacking, and have experience with penetration testing? Actually, you probably already have what it takes: curiosity.
While many cyber security professionals have technical skills, you might be surprised to hear that many of them got there from other fields such as law enforcement, customer service, and project management. They made the switch to cyber security armed with nothing more than their curiosity, a drive to learn, and some combination of university degrees and certifications.
As the field expands, these areas of expertise become even more crucial—and more in-demand. In fact, hundreds of thousands of cyber security jobs go unfilled every year because employers can’t find the talent they are looking for.
What experts have to say about cyber security degrees and jobs.
Western Governors University and LinkedIn also worked in partnership with other organizations to complete this study, including IT solutions and staffing firm Dash2. Experts from these organizations observe the cyber security industry and give insight into what they have seen happening.
Cyber security experts agree that this field is continually growing, and there are huge opportunities for those who are ready to jump in and grab them.
“Cyber security is in dire need of really good people. You can learn security, as long as you have an aptitude for it, and an interest and a passion for it.”
—Randall "Fritz" Frietzsche, Chief Information Security Officer for Denver Health
"Securing your business is not a one-and-done investment, and more companies are beginning to realize this. Hackers know that many companies don't do the foundational-level work, so they automate these attacks to target small to mid-sized businesses."
— Greg Larsen, Director of IT Services at Dash2
"Now, because of automation that allows hackers to target larger numbers of businesses, it's more enticing to go after 10,000 vulnerable small to medium-sized businesses than one whale."
—Brandon Knotts, CEO of Dash2
"The IT programs at WGU are effective in laying solid foundations and providing on-ramps into a place of understanding, where students can become creators in IT rather than merely consumers."
—David Ricker, Director of Enterprise Analytics and Business Systems at Dartmouth College
"I can unequivocally say that the caliber of IT programs that WGU offers is among the best. The variety of courses and disciplines within IT alone allow students to explore different areas to determine what they like best, while giving them the real-life practical skills they need to be successful in their future careers.”
—Mischel Kwon, Founder and CEO of MKACyber
What the cyber security industry looks like today.
Job market overview, shortages, and drivers of growth.
As a subdomain of IT, cyber security pays some of the highest salaries and has tremendous growth potential. But the industry is facing a massive skills shortage as the demand for qualified professionals continues to grow.
In some U.S. metropolitan areas, this shortage of skilled workers has reached an alarming level. For example, there were over 25,000 cyber security job postings in the Washington D.C. area in 2017, yet LinkedIn only identified about 7,200 cyber security professionals located in the region. That means there were 3.6 potential job offers for each qualified professional. The Greater New York City area saw the same ratio, with nearly 9,000 job openings and only about 2,500 cyber security professionals in the region. In fact, many metro areas showed similar shortages, including Baltimore, Chicago, Boston, Atlanta, Philadelphia, and Los Angeles, which all had over 2.8 times more job openings than qualified cyber security professionals living there.
Where is all this demand coming from? Of course, most big companies have cyber security departments, but many small and medium-sized organizations are also realizing that their business runs on data and depends on information technology (IT). They’re also finding that new rules and regulations, such as the European Union’s (EU) General Data Protection Regulation (GDPR), are requiring them to improve their data protection strategies.
“Some of our smaller clients say, ‘Why in the world would we spend any money on security? We’re a small town newspaper,’” noted Brandon Knotts, CEO of IT solutions and staffing firm Dash2. “In the past, who would target a company like that? You’d go after companies like Walmart or Sony. But now, because of automation that allows hackers to target larger numbers of businesses, it’s more enticing to go after 10,000 vulnerable small to medium-sized businesses than one whale.”
And don’t forget about cyberattackers, who are dedicated to trying to infect machines, hold data for ransom, and siphon money right out of bank accounts. These threats are becoming more sophisticated and widespread with the rise of the Internet of Things (IoT), artificial intelligence (AI), and other emerging technologies that make valuable data increasingly accessible to malicious actors.
As the technology landscape continues to evolve, these threats will only multiply and grow increasingly complex. So too will the cyber security skills shortage, which is why the search for qualified talent is more urgent than ever for businesses of all sizes.
“Securing your business is not a one-and-done investment, and more companies are beginning to realize this,” said Greg Larsen, Director of IT Services at Dash2 and a graduate of WGU’s MBA program. “Hackers know that many companies don’t do the foundational-level work, so they automate these attacks to target small to midsized businesses.”
As the technology landscape continues to evolve, these threats will only multiply and grow increasingly complex. So too will the cyber security skills shortage, which is why the search for qualified talent is more urgent than ever for businesses of all sizes.
The cyber security lifestyle: great salaries, cool job duties.
There is an extremely high demand for cyber security professionals and a shortage of qualified candidates. Partially due to this high demand, cyber security salaries are higher than many other IT jobs. In fact, according to data from LinkedIn, the median base salary of a cyber security professional in the U.S. is about $92,500 per year.
53% of cybersecurity-related job listings were for entry-level positions.
But are all these jobs reserved for senior-level professionals, or is there room for newcomers? LinkedIn data from 2017 shows 53 percent of cyber security-related job listings were for entry-level positions, while 40 percent were for associate-level roles and 7 percent for mid- to senior-level positions.
As companies expand their security teams, there will also be room to grow into mid- and top-level management positions over time. By all accounts, now is a good time to start thinking about a cyber security career.
Cyber security is about protecting and serving the organization, and keeping the business running. It makes sense, then, that many people in the field have transitioned from military and law enforcement careers. Cyber security professionals often talk about a sense of mission and the satisfaction they get from protecting their colleagues and customers, and the data and systems that run the business.
“What really makes people shine is when it’s clear that they love this—they eat, sleep, and breathe it,” said Greg Larsen, Director of IT Services at Dash2 and a graduate of WGU’s MBA program. “That’s going to make you the absolute best candidate that we can possibly find.”
This sense of mission makes for a highly collaborative, collegial environment of professionals who are fighting a common enemy. “There’s really no competition in cyber security,” said Randall “Fritz” Frietzsche, Chief Information Security Officer (CISO) for Denver Health and a graduate of WGU’s Master of Cybersecurity Security and Information Assurance program. “We’re all fighting the same good fight.”
There are a number of different cyber security roles and job titles. Some people have more business-facing or analytical responsibilities, often reporting and translating cyber issues into business-level concerns, while others build, test, and configure systems. The former tend to have “analyst” in their job description, and the latter tend to be called “engineers.” According to LinkedIn, the most common job titles related to cyber security are information security analyst, network security engineer, information security engineer, cyber security analyst, information security specialist, cyber security engineer, and senior versions of those roles.
While many of these cyber security positions require specific technical skills, others also rely on soft skills, such as customer service, communication, and project management. This opens the door to the profession to candidates with a variety of backgrounds and skill sets.
Required skills and experience.
What’s the best way to get started in a cyber security career, and how valuable are certifications compared to a traditional four-year degree?
According to LinkedIn, 71 percent of professionals who transitioned from other careers into entry-level cyber security jobs had a bachelor’s degree. That number rose to 73 percent for associate-level roles and 76 percent for mid- to senior-level positions. This data shows that a four-year degree is valuable for professionals trying to transition into cyber security. In their previous careers, according to LinkedIn, some of these people held titles such as network engineer, network administrator, consultant, intern, project manager, and manager or program manager, but LinkedIn’s data suggests, above all, that there is no single pathway to cyber security, and that the majority come to the profession from a wide variety of different backgrounds.
What if you’re already working in cyber security? Would a formal degree help with a promotion? According to LinkedIn, of the people who were promoted in the past two years, over 70 percent of entry- and associate-level employees and 77 percent of mid- to senior-level employees had traditional degrees. For middle and senior positions, 77 percent of those who were promoted in the past two years had a four year degree.
What about certifications? Like a degree, a certification is highly valuable because it shows that you’ve mastered a set of critical technical skills, and that you are committed to furthering your education, investing in yourself, and challenging yourself. The more credible the source is, the more valuable a certification will be. And at the end of the day, the best candidates will have some combination of formal education, certifications, and innate skills.
But while technical skills are certainly important in the cyber security field, some positions rely just as heavily on soft skills such as customer service, communication, and project management. In fact, according to LinkedIn, 28 percent of entry-level cyber security professionals listed customer service as a skill. “If you’re a help desk person, a desktop person, or even a server/network type of a person, the first step is to really recognize that you’re already doing security,” said Randall “Fritz” Frietzsche, Chief Information Security Officer (CISO) for Denver Health and a graduate of WGU’s Master of Cybersecurity Security and Information Assurance program.
Ultimately, there are many paths that lead to a successful career in cyber security. For those currently in IT, you are closer than you think. With the right degree, you can leverage the security work you already do to gain new knowledge and bolster your cyber security aptitude. For aspiring cyber security professionals transitioning from nontechnical careers, IT isn’t the only path. Anyone with strong soft skills, people skills, or experience in product management can make the switch and flourish in a cyber security career. As Frietzsche put it, “If you can learn to drive a forklift, you can learn security, as long as you have an aptitude for it, and an interest and a passion for it.”
Put simply, the cyber security industry is in dire need of candidates who are committed to professional development, willing to work, and eager to learn. And it’s safe to say that this is only the beginning for the rise in cyber security roles. Luckily, the field is extremely welcoming to professionals from a broad range of backgrounds and skill sets. So if you’re looking for a mission-driven profession that provides a collegial environment, the cyber security field might be right for you.
IT degrees to reach your goals.
Your curiosity is piqued. Now is the time to look at degree programs to prepare you best for the field of cyber security. Our programs are packed with quality and value—certifications included.
M.S. Cybersecurity & Information Assurance
B.S. Cybersecurity & Information Assurance
B.S. Network Operations & Security
Related news and articles.
Why getting an IT degree is essential.
See how an IT degree can help you get started on a path to a successful and rewarding career.
What does a cyber security analyst do?
Here's a look at some of the traits you will need when making the switch to cyber security.
Women in IT succeed by doing these 8 things.
Read about women in the IT industry and see what helps them find success.