The Ultimate Guide to Cybersecurity Careers

Find the cybersecurity course best for you.

Take the Quiz

If you’re looking for a new career to inject more meaning and challenge into your work, starting a cybersecurity career is an exciting option. Cybersecurity specialists work on the front lines of a growing and flourishing global industry, tackling advanced cyber threats, protecting companies and their customers, and mastering deep technical expertise along the way. 

Starting a Cybersecurity career also offers a future-proof career path. Cybersecurity specialists have one of the most in-demand skillsets in the U.S., and the number of cybersecurity jobs in America is growing exponentially — but there are not enough trained professionals to fill these cybersecurity jobs. In fact, there are predicted to be 3.5 million unfilled cybersecurity jobs globally by 2021, according to the Cybersecurity Ventures 2019 Cybersecurity Almanac. With an ever-expanding scope, the cybersecurity industry offers significant potential both for entry-level cybersecurity jobs as well as seasoned professionals — it's also a pathway toward meaningful and rewarding work.

The Coronavirus also increased the demand for cybersecurity skills. According to one report, 80% of cybersecurity threats are now using COVID-19 as leverage, and coronavirus themes have been used across nearly all types of cyber attacks, including business email compromise (BEC), credential phishing, malware, and spam email campaigns. Cybersecurity specialists have never been more important than they are today, to protect businesses, people and their data during this global crisis. 

But it’s not always clear how to get into cybersecurity — or what it means to enter the cybersecurity industry.

There are plenty of questions swirling around the cybersecurity industry.

What do people with cybersecurity jobs do? What kind of skills do you need to be a cybersecurity analyst? Where should you start your job search? What are entry-level cybersecurity jobs? How much do entry-level cybersecurity jobs pay? Better yet, what do experienced cybersecurity jobs pay?

And why is cybersecurity important?

In this Cybersecurity Careers Guide, we’ve compiled insights, tips, and everything else you should know about cybersecurity with our Head of Education, Dr. Bret Fund — formerly of SecureSet Academy — based on his years of experience in cybersecurity.

What skills do you need for cybersecurity?

Person on computer with dots on screen

If you’ve got a technical background, there are some great opportunities for you in cybersecurity. For example, IT professionals and military security specialists often transition into cybersecurity when they’re looking for a fresh challenge, and a fulfilling, stimulating — and sometimes more lucrative! — career.

But if you don’t have a technical background, it doesn’t mean this career field is not available to you. In fact, it’s very much available, and the cybersecurity industry needs you! Many cybersecurity career paths don’t require a technical skillset for an entry-level cybersecurity job, and you can build technical skills as you progress in the field. 

Companies will recruit individuals to cybersecurity roles because they have the specific skills needed, and that becomes more important than having an advanced university degree. 

The best advice is to start by identifying which career path you’re aiming to enter, and then equip yourself with the cybersecurity skills that are important for that path. 

Cybersecurity career paths

When most people think about cybersecurity, the first thing that springs to mind is the kind of hacker that you see in movies – a rogue character in a hoodie typing furiously at a glowing screen in a dark room, trying to break into a government or company computer system.

In reality, there are “hacker” jobs in the cybersecurity industry — and they’re known as Pen Testers. These roles are essentially “ethical hackers” who are hired to try and penetrate an organization’s systems, and detect vulnerabilities so they can predict and prevent future threats. Companies hire Pen Testers into “red teams” to assess their systems, so they can mitigate future cyber attacks and prevent a serious loss of assets or data breach.

This is an exciting and important cyber career path, but it’s not the only one! There are many more cybersecurity jobs in the industry.

In the broadest terms, there are two overarching categories that cybersecurity jobs can be mapped into: analysts and engineers

To understand the fundamental differences between cybersecurity analysts and engineers, imagine a company’s computer network as a Formula 1 race car. 

Cybersecurity analysts are like the F1 drivers — they’re paying attention to how the car is working, and everything going on around it. They know if something’s not right with the car (i.e. the computer network), and if there’s an issue with the way it’s functioning, but they don’t know how to get under the hood and fix it. 

Cybersecurity engineers are like the F1 engineers — they understand all the nuts and bolts of how the system within the car operates. They design the systems that make the car (i.e. the computer network) function as efficiently as possible, and have a technical understanding of how to fix issues, and make sure that the system is fine tuned and functioning correctly. 

The great thing about the cybersecurity industry is that you can start at different points, and then pivot later. For example, you might want to start as a cybersecurity analyst because you don’t have a technical background, and then later move into engineering after some additional education. Cybersecurity offers the flexibility and the freedom to transition and try new things as you progress in your career.

So how do you get into cybersecurity? You can make your decision based on the type of work you’re interested in doing, and the skills you have now.

Cybersecurity analyst careers

Person working on cybersecurity problem

What do cybersecurity analysts do?

Cybersecurity analysts focus on research, data analysis and creative problem solving. Day-to-day work can include scanning internal datasets to detect system vulnerabilities and cyber attackers, and drawing on external intelligence to predict and prepare for future cyber threats. They’re also great communicators and managers, as they play a pivotal role in connecting the dots with other functions in their organisation.

As analysts grow in their careers, they have a lot of options. They can take a manager track leading a security team, or they can become a Chief Security Officer heading up the security function for the entire organization. 

Alternatively, they can switch into a more technical track, and build skills in engineering or system architecture as they move further along. This means they will continue to do analytical work, and start to introduce some limited engineering work on their own, as well as working with engineers at a more advanced level. 

Skills needed for cyanalyst jobs:

First and foremost, cybersecurity analysts need strong research, analytical and problem-solving skills. They also need an understanding of information systems, and a sound grasp of information security — if you work in security, you should understand exactly what security is and means. 

Project management skills are also very important. This is not a technical skill, like the engineer working on a car — it’s about managing time, people and data. This type of management skillset is really important for entry-level cybersecurity analyst jobs.

Our 12-week Cybersecurity Analytics course gives students from any background the skills to launch a career in cyber analytics. 

Common cybersecurity analyst job titles:

Incident Analyst: Responds to cyber crimes that have occurred, and pieces together a narrative to understand how the crime was committed. They gather evidence to clarify the events that occur when a hacker has broken into a system.

National average salary for Cybersecurity Analyst: ~$78,000

Threat Intel Analyst: Specialises in monitoring and analysing active as well as potential cybersecurity threats. They focus on analysing useful intelligence from a wide spectrum of sources to keep their finger on the pulse of cybersecurity.

National average salary for Threat Intel Analyst: ~$100,000

Security Hunt Analyst: Responsible for defensive cyber counter-infiltration operations against Advanced Persistent Threats (APT). They focus on searching for hackers who have already burrowed deep within their company’s network.

Compliance Analyst: Ensures their organisation’s systems are compliant with government rules and industry regulation. They figure out which regulations affect their organisation, and develop plans to meet the necessary standards. They research, educate and project-manage to ensure that all members of a cybersecurity team are on the same page.

National average salary for Compliance Analyst: ~$63,000 

CS Careers 1

Credit: https://www.cyberseek.org/pathway.html

Cybersecurity engineering careers

What do cybersecurity engineers do?

Cybersecurity engineers are much more technically focused. The specialise in how computer networks work, how computers are sharing information with each other in the network, and how to put up firewalls and gateways to control what’s happening within their organisation’s network. 

Computer networks are made up of both hardware and software, and engineers understand how all these different systems and subsystems are working together, where the vulnerabilities lie, and how to fix them. 

Later into their career, engineers have lots of options to transition to other jobs in the same way that analysts can. In fact, engineers often switch into analyst roles, as well as systems architecture and consulting (we’ll talk more about consulting below!).

Skills needed for cybersecurity engineering jobs:

Entry-level cybersecurity engineer roles need a sound technical understanding of information systems, security systems, and how computer networks work.

They also need to be well versed in information assurance and cryptography – making sure data is secure across the network, and looking for points of vulnerability.

The fundamentals of network security are also useful at this level. This is not just about understanding how computers work and talk to each other, but how to engineer, design and create security systems.

Our 15-week Cybersecurity Engineering course, powered by SecureSet, gives students the skills to fast-track into cybersecurity engineering careers. Find out more.

Common cybersecurity engineering job titles:

Security Engineer: Develops detailed cybersecurity designs and builds computer security architecture. They’re on the front line of protecting network assets from threat actors, and they create robust defense systems, building and implementing tools for threat detection. They also lead incident response by minimising the impact of security breaches, conducting investigations and developing response strategies to protect their network.

National average salary for Security Engineer: ~$113,000

Pen Tester: What do pen testers do? Well, they make their living trying to break things. They are hired to probe computer networks and discover vulnerabilities that a truly malicious hacker could exploit. They simulate a cyber attack and attempt to breach their organisation’s network. The insights from a pen tester’s report allows the organisation to patch up vulnerabilities in the security system. 

National average salary for Pen Tester: ~$116,000

CS Careers Engineer

Credit: https://www.cyberseek.org/pathway.html

Cybersecurity consulting careers

As well as working in analyst and engineering roles for in-house security teams, cybersecurity specialists can also become independent consultants. 

Before 2014, the cybersecurity expert in most companies was typically someone on the IT career track who had started playing around with security, and had become the “security person” for their organisation. Then about six years ago, companies and governments around the world started to wake up to the fact that customers, companies and data need protection from cyber threats. This has created a huge demand for cybersecurity skills in organisations — people with the skills to set up security teams and security programs

In response to this, there’s been a great explosion of cybersecurity consultants who work with companies to help them set up their own security program in-house, or manage their security for them in an outsourced format. 

Security consultants focus on protecting their client’s networks, by assessing them and suggesting new protocols, policies and security plans to improve the security of their networks. They can either work in-house (commonly as sales engineers) or within a consulting firm. 

They typically have a generalist skillset spanning across both analytics and engineering. People who start at entry-level working for an in-house security team — in both analytics and engineering — often move into consulting further into their career.

Our 15-week Cybersecurity Engineering course, powered by SecureSet, gives students the skills to fast-track into cybersecurity consulting careers, now available on our New York and Washington, D.C. campuses.  Find out more.

CS Careers Conslutant

Credit: https://www.cyberseek.org/pathway.html

Unsure which cybersecurity course is right for you? Take our quick quiz to find out.

Headshot of Dr. Bret Fund

Dr. Bret Fund

Head of Cybersecurity

Read More Cybersecurity Articles

Since we opened our doors in 2012, thousands of students have joined Flatiron School to launch new careers in tech.

Explore our Courses

Find the perfect course for you across our in-person and online programs designed to power your career change.

Explore Our Courses
Join a Community

Connect with students and staff at meetups, lectures, and demos – on campus and online.

Join the Community
Schedule a Chat

Have a question about our programs? Our admissions team is here to help.

Schedule a Chat