Should You Become a Cybersecurity Engineer?
Should You Become a Cybersecurity Engineer?
Demand in the cybersecurity job market is soaring while supply is running critically low. According to the New York Times, industry experts report that there will be 3.5 million unfilled cybersecurity jobs globally by 2021. Quite simply, there aren’t enough qualified and skilled cybersecurity professionals to fill the growing need. And among the most sought after in the field are cybersecurity engineers.
According to the Wall Street Journal, “The demand is making it harder for chief information security officers to attract and retain seasoned engineers who can detect and neutralize threats.” As a consequence of the strong demand for engineers and the shortage of qualified professionals, salaries, the career outlook, and job opportunities are outstanding.
In fact, “One of the hottest jobs in information security today is that of cybersecurity engineer,” according to the InfoSec Institute. “It utilizes some of the most in-demand information security and IT skills, pays well and is very much a role that many organizations are desperately trying to fill.” So, if you have an engineering background and are interested in this burgeoning field, a job as a cybersecurity engineer can be an enticing and lucrative career move.
What is a Cybersecurity Engineer?
Cybersecurity engineers, sometimes called information security engineers, identify threats and vulnerabilities in systems and software, then apply their skills to developing and implementing high-tech solutions to defend against hacking, malware and ransomware, insider threats and all types of cybercrime. They’ll often serve as a go-to team member for security policies and procedures.
Cybersecurity Engineer Job Responsibilities
Developing/engineering secure, trusted systems. Performing assessments and penetration testing. Managing security technology and audit/intrusion systems. Developing and fielding secure network solutions to protect against advanced persistent threats.
If these all sound like tasks you are capable of, your interest in launching or advancing a career as a cybersecurity engineer is well worth exploring. The following list of job responsibilities comes from a cybersecurity engineer’s job description published by the employment website betterteam.com
- Planning, implementing, managing, monitoring and upgrading security measures for the protection of the organizations data, systems and networks
- Troubleshooting security and network problems
- Responding to all system and/or network security breaches
- Ensuring that the organization’s data and infrastructure are protected by enabling the appropriate security controls
- Participating in the change management process
- Testing and identifying network and system vulnerabilities
- Daily administrative tasks, reporting and communication with the relevant departments in the organization
Cybersecurity Job Opportunities
Job opportunities in the cybersecurity engineering field are plentiful, with unemployment in the field hovering around zero percent. Overall, demand for cybersecurity professionals is booming, according to Indeed.com.
- Additionally, cybersecurity engineer tops a recent list of the “5 Most In-Demand Cyber Security Jobs,” by industry blogger Philip Casesa, who has ranked it the most in-demand security position for three straight years (2018, 2019, 2020). At its essence, according to Casesa, the position involves “applying an engineering approach to designing and implementing security systems to stop advanced cyberattacks.”
- Similar or related positions include:
- Network Security Engineer
- IT security engineer
- Information Security Engineer
- Information Assurance Engineer
- Information Systems Security Engineer
People with cybersecurity engineering skills and experience may also want to explore or position themselves for such connected positions as:
- Cybersecurity architect
- Cybersecurity manager
- Cybersecurity consultant
- Cybersecurity director
- Chief Information Security Officer (CISO)
A recent search for “cybersecurity engineer” job openings on LinkedIn revealed thousands of listings at a wide variety of companies across the nation, some of which are cited below. You can see similar LinkedIn search results here:
- Cybersecurity Policy Leader; IBM; Armonk, NY
- Senior Cybersecurity Engineer; Visa; Austin
- Senior Cybersecurity Engineer; Liberty Mutual Insurance; Portsmouth, NH
- Cybersecurity Engineer; Booz Allen Hamilton; Chicago, Tampa, Washington, D.C., and elsewhere
- Cybersecurity Senior Engineer – Endpoint Security; The Home Depot; Austin
- Cybersecurity Engineer; The Motley Fool; Alexandria, Vir.
- Principal Software Engineer – Global Cybersecurity; Liberty Mutual Insurance; Portsmouth, NH
- Cybersecurity Systems Engineer; CACI International Inc.; Tampa
- Cybersecurity Operations Engineer; Endeavor; New York, NY
- Senior Engineer, Industrial Control Cybersecurity; FM Global; Norwood, Mass.
- Senior ICS Cybersecurity Systems Engineer; MSi (Mission Secure, Inc.); Houston
- Cyber Security Data Engineer; NCT Corporation; New York, NY
- Cybersecurity Engineer; Discover Financial Services; Riverwoods, Ill.
Cybersecurity Engineer Salaries
The average annual salary for a cybersecurity engineer is in the $120,000 to $133,000 range, according to employment website Ziprecruiter. Mondo, the nation’s largest staffing agency specializing in high-end tech talent, lists two engineering positions among its top-paying cybersecurity jobs (application security engineer: $100,000 to $210,000; and IS security engineer: $90,000 to $150,000).
Of course, cybersecurity engineering salaries will vary depending on a number of factors, including:
- Employer (including whether they are in the private or public sector)
- Geographical location
- Education (both level attained and alma mater)
Experience Required for Cybersecurity Engineer Jobs
Some experience is definitely required for this role. In his report on in-demand cybersecurity positions cited above, industry blogger Casesa notes that, “Most cybersecurity engineer roles require at least three years of professional experience (depending on the quality and depth of the skillset).”
Cybersecurity Engineer Hard Skills
According to the job description cited above, “To ensure success, a cybersecurity engineer must display an excellent understanding of technology infrastructures using Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy and Security Audits.”
Additional sought-after hard skills for an IT security engineer may include:
- Secure coding practices, ethical hacking and threat modeling
- Proficiency in Python, C++, Java, Ruby, Node, Go and/or Power Shell
- IDS/IPS, penetration and vulnerability testing
- Firewall and intrusion detection/prevention protocols
- Windows, UNIX and Linux operating systems
- Virtualization technologies
- MySQL/MSSQL database platforms
- Identity and access management principles
- Application security and encryption technologies
- Secure network architectures
- Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
- Experience with advanced persistent threats, phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication
Cybersecurity Engineer Soft Skills
“Soft skills also play an essential role in this position since Cybersecurity Engineers are often asked to communicate their findings to executive leadership and may be asked to collaborate with a wide variety of stakeholders,” according to Casesa. “The ability to communicate complex ideas quickly and clearly is critical to the success of this role.”
In addition to an analytical mind and a deep understanding of cybersecurity methodologies, cybersecurity engineers also benefit from having outstanding problem-solving skills and the ability to thrive under pressure and deliver on tight deadlines.
Cybersecurity Engineer [Industry Certifications]
Industry certifications are a common and well-respected way to gain skills and demonstrate aptitude both generally and in specific areas of expertise. These include:
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- GIAC (Global Information Assurance Certification) certifications
It’s a good idea to check job listings for positions you may be interested it to determine whether there are any specific certifications that might help you connect with those opportunities. Additionally, some organizations such as Microsoft, Cisco and others also develop and administer their own certifications.
Cybersecurity Engineer Education
According to the Infosec Institute, “Organizations are increasingly looking for candidates with a master’s degree in a related field, especially when it comes to senior cybersecurity engineering roles, look for organizations requiring master’s degrees to become more commonplace for this role in the future.”
When it comes to the advantage of having an advanced degree, Casesa confirms that “a master’s degree is expected to become more commonplace, especially for senior-level engineering roles.”
If you are interested in learning more about a career in cybersecurity engineering or want to advance your information security skills, consider learning more about the Master of Science in Cyber Security Engineering degree program offered both online and on campus at the University of San Diego.