Here’s a tip for young people seeking a potentially rewarding and lucrative career path: cybersecurity professionals are in high demand. And if you have a finance background along with tech skills, your opportunities and compensation may be even greater.
In an interconnected world, hackers and criminals are targeting the networked systems of virtually every industry. Malware attacks, phishing attacks, unauthorized network access and insider abuse of access are a few of the common ways systems are compromised every day. Business leaders and consumers are increasingly aware of-and alarmed by-the threat of data breaches and stolen personal information.
As a result, industry recruitment is on the rise for workers with training and professional expertise in information technology (IT) security to prevent, detect and respond to these attacks. The Bureau of Labor Statistics projects the number of job openings for information security analysts will grow by 18% (classified as “much faster than average”) between 2014 and 2024.
Cybersecurity jobs by the numbers
The problem is, there simply aren’t enough of those trained workers on hand or in the pipeline.
According to job market analytics firm Burning Glass, the shortage of cybersecurity workers is creating opportunities for those with the needed skills and training. The firm’s 2015 Cybersecurity Jobs Report, based on analysis of an extensive database of online job postings, finds demand for qualified workers is outstripping supply.
The number of cybersecurity job openings has nearly doubled since 2010. That means higher salaries for tech professionals with the right skillsets. Average annual salaries for employees with different cybersecurity certifications range from around $75,000 to $93,000, according to the Burning Glass report.
“Job postings for cybersecurity openings have grown three times as fast as openings for IT jobs overall and it takes companies longer to fill cybersecurity positions than other IT jobs,” the report notes. “That’s bad for employers but good news for cybersecurity workers, who can command an average salary premium of nearly $6,500 per year, or 9% more than other IT workers.”
One reason for the shortage of workers is that high-level training in cybersecurity is rigorous-these aren’t skills that can be picked up quickly or easily.
In most cases, applicants should have at least a bachelor’s degree in computer science or associated field, along with specialized industry certifications in cybersecurity. According to the Burning Glass jobs report, 83% of postings require at least three years of workforce experience dealing with IT security in a real-world environment. There’s also a wide range of tech skills needed.
Security engineers, data managers, analysts, network security architects, IT auditors and security consultants are all in high demand.
Financial sector needs tech security pros
For the financial industry, the challenge is particularly acute. Banks, insurance companies and other financial institutions are increasingly aware of the need to respond to the growing cyber threat. From 2010 to 2014, cybersecurity job postings for the financial sector grew by 131%-the fastest growth rate of any sector Burning Glass examined.
The Burning Glass report notes that cybersecurity professionals with both IT training and financial skills, like a background in accounting or financial regulation, are in particularly short supply. Those “hybrid” skills are hard to come by, which means workers with a twin background in IT and finance have a distinct advantage.
The financial industry has led the way in preparing for a systemic cyber attack. One leading example is the Quantum Dawn series of cyber attacks exercises, organized by the Securities Industry and Financial Markets Association in conjunction with an array of financial sector firms and government regulatory and law enforcement agencies. Those simulations have helped the industry prepare to prevent, detect and respond to attacks on capital markets and the financial system.
However, as critical as these exercises are, they are only one piece of the puzzle. In addition, SIFMA is working to help promote the use of standards like those developed by the National Institute of Standards and Technology (NIST). The NIST Cybersecurity Framework provides a common understanding of best practices and standards around cyber risk management, giving a common approach and principles so that cyber defense professionals can focus on developing and maintaining defenses that are appropriate to their firms but guided by these shared approaches. SIFMA also works to promote best practices such as its Insider Threat Best Practices Guide that help security professionals understand and respond to specific types of concerns.
Cybersecurity is a moving target, and hackers continue to refine their attacks. That means industry will continue to need top-level talent to meet and defeat those challenges. Workers with a strong tech background will be in a good position to take advantage of those opportunities.