Once a specialty only associated with government agencies and defense contractors, cyber security has now entered the mainstream. Industries such as health care, finance, manufacturing and retail all hire cyber security professionals to protect valuable information from cyber breaches. The demand for specialists in the field is high. A report by job analytics firm Burning Glass Technologies found job postings for openings in cyber security have grown three times faster than those for IT job overall, and cyber security professionals are earning 9 percent more than their IT counterparts. Read more to learn how to get started in a cyber security career, from the types of degrees available to the various careers in the field.

Choose A Program

What Does a Career in Cyber Security Entail?

Cyber Security Degrees and Careers At-a-Glance

From “ethical hackers” who probe and exploit security vulnerabilities in web-based applications and network systems to cryptographers who analyze and decrypt hidden information from cyber-terrorists, cyber security professionals work hard to ensure data stays out of the wrong hands. Cyber security professionals work in virtually every industry, responding rapidly to real-world threats. While there are cyber security associate degree programs, high-level careers require an array of technical IT skills and advanced analysis capabilities found in graduate-level degree programs.

Cyber Security Degrees and Careers In-Depth

A four-year cyber security degree program focuses on the array of methods used to protect data and information systems. Students receive training in technical and business skills such as database applications, systems administration and data recovery. Coursework combines criminal psychology, digital forensics and policy analysis to provide a complete perspective if IT security. There are hundreds of job titles in cyber security, but some of the top positions include:

  • Security Analyst
  • Security Engineer
  • Security Architect
  • Security Administrator
  • Security Software Developer
  • Cryptographer
  • Cryptanalyst
  • Security Consultant

How to Become: Pursuing a Cyber Security Degree & Career

1
Earn a bachelor’s degree

While it’s possible to find certain entry-level cyber security positions with an associate’s degree, most jobs require a four-year bachelor’s degree in cyber security or a related field such as information technology or computer science. Coursework in programming and statistics combined with classes in ethics and computer forensics prepare students with the technical and analytical skills required for successful careers in cyber security.

In an environment where data breaches are becoming the norm, more cyber security degree programs are being added every year. Before choosing a cyber security degree, prospective students should make sure that it is not only accredited, but also aligns with their career goals.

2
Complete advanced training

Some employers will require candidates to hold an advanced degree such as a master’s degree in cyber security. Prospective employers may offer tuition assistance to meet this goal. A master’s degree takes an additional one to two years to complete after the bachelor’s degree-level and provides advanced instruction in protecting computer networks and electronic infrastructures from attack. Students learn the ethics, practices, policies and procedures of cyber security as they study how to tackle network security defense techniques and countermeasures. Cyber security professionals can also earn certification to boost their skills while working full-time to gain hands-on experience.

3
Pass security clearances (if applicable)

Security clearances are necessary for those who wish to work with classified information as part of a military of government agency. A variety of agencies issue both personnel and facility security clearances, but most are issued by the Department of Defense. Each type of clearance has its own procedures and paperwork. The process, which takes three months to a year, does not begin until an employer decides to hire you, at which point you receive a conditional offer of employment. The first step is to submit clearance documentation, followed by a Background Investigation.

Find the Right Cyber Security Degree Program

The field of cyber security focuses on network and data protection at various levels. Whether looking for an accredited online program or a traditional on-campus program, students have many options when it comes to cyber security degrees. For those unsure which degree level they want to pursue, the table below looks at the options.

Career Goals & Educational Needs Associate Bachelor’s Master’s Online Certificate

I’ve always wanted to work in cyber security but haven’t pursued a degree because of my busy personal and professional schedules. I need a program that allows me to take classes from home on my own flexible schedule. I would like to find an accredited online college that offers a program for students who want a cyber security career.

While I think I would like to work as a computer support technician, I’m not sure if I should explore other options in cyber security. I want to enroll in a program that allows me to learn about all aspects of cyber security on a general level. Then I can decide whether to continue my education in a four-year degree program.

I’ve followed the stories in the news about companies experiencing major data breaches. I want to work in the field and make a difference as a cyber security analyst.

After working in cyber security for several years, I want to hone my skills and specialize in cryptography.

I have a bachelor’s degree in cyber security and may eventually work on a master’s degree full-time. For now, I’d like to develop digital forensic skills by taking courses that I can apply to a master’s degree program later on.

Cyber Security Degree Levels

While still a relatively new field, cyber security degrees are available at all levels, from associate degrees to PhD degrees. Students can pursue cyber security degrees online or in a campus-based environment. Each degree-level prepares students for specific opportunities, from entry-level employment to careers in academia. Before choosing a cyber security program, students should make sure it supports their goals. Find out more about each type of cyber security degree below.

Associate Degree in Cyber Security

An associate degree in cyber security is a two-year program appropriate for the following types of situations:

  • Securing entry-level work as a computer support technician or a related position
  • An additional qualification for those already working in the field
  • A step on a path to a four-year cyber security degree

Associate degree coursework covers the vulnerabilities of various hardware and software systems, network technologies, and key cyber security concepts such as security administration and intrusion detection. Many programs also prepare students for certification exams often required for full-time employment, ranging from basic CompTIA Security+ to ISC2 Certified Information Systems Security Professional (CISSP). Here are several courses offered in a typical associate degree in cyber security program.

Introduction to Computer Forensics and Cyber Crime

Basic foundation in the concepts, terminologies and terms used to communicate and understand the history of computer forensics and cybercrime.

Skills Gained
  • Processing crime scenes

  • Digital evidence controls

  • Recovering image files

  • E-mail investigations

  • Network forensics

Database Security

Provides a framework in the importance of database security; students learn how to protect a company’s technology infrastructure and intellectual property.

Skills Gained
  • Understand database security models

  • Advantages and disadvantages of access control models

  • Defending against common attacks

  • Knowledge of common integrity constraints

CompTIA Security+

Introduces the concepts and understanding of the field of computer security and how it relates to other areas of information technology.

Skills Gained
  • Hardening systems

  • Securing networks

  • Cryptography

Bachelor’s Degree in Cyber Security

While there are plenty of bachelor’s degrees in cyber security, it is also possible to enter the field with a four-year degree in a related field such as computer science, computer engineering or even mathematics.

The curriculum in bachelor’s degree in cyber security program is similar to that of a computer science degree. It begins with a foundation in programming, database applications and statistics. Then students have the opportunity to delve into more advanced topics such as artificial intelligence, cryptography and ethical hacking.

Graduates are qualified for employment as cyber security analysts, information security analysts and computer forensic analysts. Below are some of the courses in a bachelor’s degree program.

Fundamentals of Networking

Overview of networking technologies for local area networks, wide area networks and wireless networks; students learn how to recognize the network design appropriate for a given scenario.

Skills Gained
  • Open system interconnection model

  • Security protocols

  • Networking protocols

Installing and Configuring Windows Server

Preparation for the Installing and Configuring Windows Server exam, part of MCSE Server Infrastructure Certification; covers how to install, configure and troubleshoot Windows Server operating systems.

Skills Gained
  • Configure server roles and features

  • Configure Hyper-V

  • Deploy and configure core network services

  • Install and administer Active Directory

  • Create and manage Group Policy

Ethical Hacking

Instruction in the development of the structured knowledge base needed to discover vulnerabilities and recommend solutions to protect data from potential hackers; focuses on penetration-testing tool and techniques.

Skills Gained
  • Safe techniques on World Wide Web

  • Hands-on techniques to defend a computer against security attacks

  • Hands-on techniques to defend a LAN against security attacks

Master’s Degree in Cyber Security

Master’s degree programs in cyber security teach students how to be sophisticated practitioners in the industry as they protect vital computer networks and electronic infrastructures from attack. Coursework in these two-year programs investigates key technologies such as digital forensics, cryptography and biometrics. Graduates are prepared for careers as security-application programmers, penetration testers, vulnerability analysts and security architects. Some students choose employment developing security products.

The following courses are often found in a master’s degree in cyber security program:

Penetration Testing and Vulnerability Analysis

Introduces methodologies, techniques and tools to analyze and identify vulnerabilities in stand-alone and networked applications.

Applied Cryptography

Examines Modern Cryptography from both a theoretical and applied perspective; emphasis is on provable security and application case studies.

Digital Forensics

Instruction in the application of forensic science principles and practices for collecting, preserving, analyzing and presenting digital evidence; covers topics from legal, forensic, and information-technology domains.

Cyber Security Certificates

Many colleges and universities offer certificates in cyber security for those professionals who want to develop further expertise in the field or add credentials to their resume. Students examine principles of computer systems security, including attack protection and prevention. Courses explore cryptographic techniques, legal issues in computer security, digital forensics and designs for network perimeter defenses.

Most certificates are 12-18 credits and available online. In some cases, students can apply credits earned in a certificate program to a master’s degree in cyber security later on. There are several types of cyber security certificates that cover cyber security technology, cyber security management and related areas.

The following courses are often offered in a cyber security certificate program.

Technology and National Security

Explores the impact of technology on national security and the lessons learned by the U.S. through multiple conflicts and wars; examines the advantages and risks of technological innovations on our military power.

Skills Gained
  • Terrorism
  • National security policy
  • Intelligence gathering
  • Military platforms
  • Nuclear and biological weapon technologies
Introduction to Penetration Testing

Lab-based course providing students with an understanding of the threat vectors and exploitation techniques used to penetrate systems and networks.

Skills Gained
  • Assessment
  • Exploitation
  • Remediation techniques
Cyber Risk Management for Decision Makers

Explores the issues and concerns surrounding cyber risk management; students learn to identify high-level risks and map their impact across an organization.

Skills Gained
  • Conducting assessments within multiple areas
  • Mitigation strategies
  • Standards, ethics, and legal issues

D.Sc. Degree in Cyber Security

For those with a solid foundation in computer science, the D.Sc. in cyber security is an opportunity to combine their computer science emphasis with applied research in IT security. Students learn the latest techniques in specialized cyber operations activities such as reverse engineering, data collection, analysis of malicious code, and software exploitation. Graduates can bring their knowledge to intelligence, military and law enforcement organizations as well as employers in data-driven industries.

The D.Sc. in cyber security program typically takes students 3-5 years to complete and includes a dissertation. Although there are online programs, students are usually required to complete annual on-site research seminars.

Here are some of the seminars offered in a cyber security doctoral program.

Full Scope Security Testing

Review of the tools, techniques, and sources of digital information and its role in attacking and defending software systems and network environments.

Skills Gained
  • Penetration testing processes
  • Exploitation
Advanced Malware Analysis

Covers advanced techniques used in malware analysis; focuses heavily on static analysis of unknown binaries utilizing reverse engineering tools and procedures.

Skills Gained
  • Anti-debugging processes
  • x86 assembly language
  • IDA pro

Cyber security concerns the technologies, methods, and practices employed to protect the virtual world – including computers, mobile devices, databases, networks and programs – from infiltration and attack by unauthorized individuals and organizations. The number and sophistication of cyberattacks is evolving, threatening national security and the global economy. Effective security requires highly trained professionals who have specialized knowledge to protect a wide variety of environments.

This guide offers a comprehensive review of careers in cyber security, including an overview of the steps one can take to enter this profession, as well as job outlook and earning potential.

Career Paths in Cyber Security

New cyber threats appear constantly, creating new and innovative career opportunities. And because any individual or organization is a potential target for cyberattacks – from governments to banks to hospitals – cyber security professionals can find employment in a wide range of industries. Some of the more common career paths in this field include:

Chief Information Security Officer

The chief information security officer (CISO) is typically a mid-executive level position whose job is to oversee the general operations of a company’s or organization’s IT security division. CISOs are directly responsible for planning, coordinating and directing all computer, network and data security needs of their employers. CISOs work directly with upper-level management to determine an organization’s unique cyber security needs. They are commonly tasked with assembling an effective staff of security professionals, which means that the position requires an individual with a strong background in IT security architecture and strategy, as well as solid communication and personnel management skills.

Education requirements

CISO positions normally require, at minimum, a bachelor’s degree in cyber or information security, information technology or other computer science-related subject. Additionally, most midsize and large organizations prefer CISOs with a master’s degree in one of the above-described subjects or an MBA in a related subject such as information technology or database administration.

Source: U.S. Bureau of Labor Statistics

Forensic Computer Analyst

The forensic computer analyst is the detective of the cyber security world. Forensic computer analysts review computer-based information for evidence following a security breach or other incident. Tasks include handling hard drives and other storage devices and employing specialized software programs in order to identify vulnerabilities and recover data from damaged or destroyed devices. Forensic computer analysts must be sensitive to the security concerns of their employers or clients and follow closely all privacy procedures when dealing with financial and personal information. They must also keep detailed and accurate logs and records of their findings, which are often used in litigation.

Education requirements

Employment as a forensic computer analyst normally requires holding a bachelor’s degree in computer security, forensic computing or a related subject. Previous experience may also be necessary.

Source: Payscale.com

Information Security Analyst

An information security analyst (ISA) is responsible for the protection of an organization’s computer systems and networks. They plan and execute programs and other measures, including installing and using software for data encryption and firewalls. Additionally, ISAs help design and execute plans and methods for the recovery of data and systems following a cyberattack. ISAs must continuously stay on top of the latest industry trends and cyber threats, which involves researching new security technologies and networking with other professionals.

Education requirements

ISAs need to earn a bachelor’s degree in computer science or related area. There is a growing trend toward undergraduate degree programs specializing in the information security field, which may become the preferred choice of employers in the future. Some employers, particularly large corporations or organizations, may prefer job candidates with an MBA in information systems.

Source: U.S. Bureau of Labor Statistics

Penetration Tester

Penetration testing concerns the proactive authorized employment of testing techniques on IT infrastructures to identify system vulnerabilities. Simply put, penetration testers attempt to (with authorization) hack into computer and network systems to preemptively discover operating system vulnerabilities, service and application problems, improper configurations and more, before outside intruders have the opportunity to cause real damage. Penetration testers must be highly creative in their methods, often using testing tools of their own design, to “break into” the systems under scrutiny. Penetration testers are required to keep careful records of their activities and discovered vulnerabilities.

Education requirements

Penetration testers typically earn a bachelor’s degree in information technology, cyber security or other closely related subject. Many employers additionally require applicants to have earned relevant professional certifications.

Source: Payscale.com

Security Architect

A Security architect is responsible for establishing and maintaining network security for his or her organization. Security architects work in all sectors of the economy for companies, government agencies, and nonprofits. They may be employees of companies or independent contractors. In addition to working on specific security systems, security architects develop and implement organization security policies and procedures for employees and others with access to computer, network and data systems. Security architects are responsible for the hands-on repair of issues raised in problem reports as well as analysis of breaches following security incidents. They typically work in an office environment on a full-time basis.

Education requirements

A job as a security architect normally requires a bachelor’s degree in information security, information technology or computer science. Some previous work experience is often required in addition to an undergraduate degree.

Source: Payscale.com

IT Security Engineer

Security engineering provides a specialized engineering approach to cyber security, specifically regarding the design of security systems to counter potentially catastrophic issues. Security engineers are often involved in systems maintenance, performing security checks to identify potential vulnerabilities, as well as keeping logs and developing automation scripts to track security incidents. To succeed as a security engineer, individuals must have strong math and communication skills and a solid working knowledge of computer operating systems and languages.

Education requirements

A bachelor’s degree in engineering (electrical engineering preferable) or computer science is required for employment as a security engineer. Many employers additionally require some level of previous experience and/or professional certification(s) in the field.

Source: Payscale.com

Security Systems Administrator

A security systems administrator’s core responsibilities are quite similar to those of many other cyber security jobs: installing, administering, maintaining and troubleshooting computer, network and data security systems. The main distinction between security systems administrators and other cyber security professionals is that the security systems administrator is normally the person in charge of the daily operation of those security systems. Typical tasks include systems monitoring and running regular backups, and setting up, deleting and maintaining individual user accounts. Security systems administrators are additionally often involved in developing organizational security procedures.

Education requirements

Security systems administrators need to earn, at minimum, an associate degree in computer science or a closely related field. In most cases, however, employers will look for job candidates with a bachelor’s degree, preferably in information security or systems administration. Work experience and professional certification may also be required.

Source: Payscale.com

IT Security Consultant

IT security consultants meet with clients to advise them on how to best protect their organizations’ cyber security objectives efficiently and cost effectively. They are often hired by smaller companies and agencies that cannot afford to handle their security issues in-house, but are also employed by larger businesses to supplement their security teams and provide an unbiased outside perspective to current systems issues. Working as an IT security consultant can require long, flexible hours and often involves a fair amount of traveling to client business locations.

Education requirements

Employment as an IT Security Consultant commonly requires a bachelor’s degree in computer science, information technology, cyber security or other closely-related subject. In addition, many clients will require IT security consultants to have obtained one or more professional certifications.

Source: Payscale.com

Cyber Security Salaries

The explosion in the demand for skilled cyber security professionals combined with a scarcity in talent supply has resulted in high wages and excellent benefits for qualified applicants. Below is a brief look at the national median salaries (as of September 2015) available for some of the most in-demand cyber security careers:

$143,334 Chief Information Security Officer
$124,624 Security Director (Computing, Networking, IT)
$113, 905 Security Architect
$89,209 Security Engineer
$81,980 IT Security Consultant

Source: Payscale.com

Essential Skills, Tools, and Technology for Cyber Security Careers

Skills

There are a number of core skills needed by anyone entering the cyber security employment market, whether starting his or her first professional job or transitioning from another computer-related field. Here are a few of the key required skills:

Communication Skills

Cyber security professionals must have strong written and verbal communications skills. Jobs in the field require the ability to communicate clearly and concisely with clients and executives, network administrators, legal professionals and law enforcement, media and public relations staff, fellow team members, and others.

Ability to Work in a Team Environment

A required skill for practically anyone, the ability to work with others as an effective team member is particularly important for cyber security professionals. Team members must have a clear understanding of their delegated responsibilities and need to complete their work on time, while additionally being able to contribute positively to accomplishing larger team goals.

Integrity and Discretion

By its very nature, working in the cyber security field requires sensitivity to an organization’s security vulnerability issues and be able to tackle those issues in a way that engenders trust.

Organizational and Problem Solving Skills

One important characteristic of the cyber security business is the sheer mass and complexity of data involved. Cyber security professionals must develop solid organizational and problem solving skills or risk being overwhelmed.

Programming Skills

A variety of scripts and programming tools are required to design effective security programs and analyze cyber attacks and breaches. Experience in system and network programming is a must.

Understanding of Security Principles

An understanding of basic security principles, such as privacy, confidentiality, authentication, access control, and others, results in a greater chance that systems will be less vulnerable to failures and attacks.

Risk Analysis

Cyber security personnel must be able to assess a client’s particular security needs in light of its organizational goals, which requires knowledge of risk analysis principles.

Network Protocols

A working knowledge of common network protocols, their similarities and differences, how they work and what they are used for.

Malicious Codes

Additionally, cyber security professionals need a working knowledge of malicious codes, how they are propagated and the risks associated with each.

Intruder Techniques

In analyzing attacks, personnel should be able to recognize known intruder techniques, their characteristics and effects, and identify new intruder techniques by means of elimination of known ones.

There are also a variety of certifications that can be earned by cyber security professionals. Choosing the most effective depends on an individual’s specific interests/goals and job requirements. The list below outlines a small number of the most popular professional credentials among cyber security personnel:

CompTIA Security +

Covers essential principles for network security and risk management.

Certified Information Systems Security Professional (CISSP)

For competence in the design, implementation, engineering and management of information security programs.

Global Information Assurance Certification (GIAC)

Certifications available in several categories including Security Administration, Forensics, Audit, Management, Legal, Software Security and GSE.

EC-Council Certifications

EC-Council offers a number of security-related certifications including Certified Security Analyst, Licensed Penetration Tester, Certified Chief Information Security Officer, Certified Ethical Hacker, and others.

ISACA Certifications

Professional certifications available in IT Audit, Security, Governance and Risk.

Tools and Technology

The most effective tools employed by cyber security experts are software programs designed to protect against hackers, viruses, and the like. Here are some of the most pressing areas cyber security technology is focused on today:

Access Management

Third-party identity and access tools are used to provide additional protection for security gaps from Microsoft’s Active Directory.

Botnet Protection

Defends against botnets that would otherwise require individual identification and deletion.

Cloud-Based Security

There are a variety of cloud-based SOS security tools available for network protection.

Data Encryption

Provides added security for data as its being transferred.

Data Leak Prevention

Ensures system information is secure from intruder access and stores information in a secure form in the event of a security breach.

Endpoint Protection

Endpoint protection addresses security issues for endpoints such as PCs, mobile devices, network connected printers, servers and others.

Intrusion Protection

Filters access to websites by blocking potentially harmful files.

Malware/Virus Security

Prevents attacks from viruses and malware designed to harm both software and hardware.

Next Generation Firewall

An advancement when compared to traditional firewalls. Provides additional capabilities like integrated intrusion protection, stateful inspection, and application and identity awareness.

Wireless Security

Provides WEP/WAP security for data transmitted over wireless connections.

Cyber Security Job Growth and Outlook

According to Cisco Systems, Inc., there is a distinct shortage of cyber security professionals, particularly those with data science skills. As a result of this scarcity, many computer science workers, particularly those currently in the IT field, are eyeing employment in cyber security.

Indeed, as job growth goes, it’s hard to find a profession that outpaces cyber security. According to the U.S. Bureau of Labor Statistics, for example, job growth from 2012 to 2022 for Information Security Analysts is projected to be 37 percent compared with 18 percent for all computer occupations and 11 percent for all occupations.

So why is job growth in cyber security expected to be so robust? Cyber crime continues to be a significant and growing problem, both in the United States and around the world. For example, a record 79 percent of respondents to a recent PricewaterhouseCooper’s study reported that they had detected a security incident within the past 12 months.

What Do Related Occupations Make?

As the demand for cyber security experts grows, as does the variety of cyber security job titles. Here are a few examples of closely related careers, along with estimated total annual pay:

Source: Payscale.com, September 2015

Related Occupations: What You Need to Know

As far ranging as it is, cyber security is just one of countless career options within the larger computer science field. Determining the right option for anyone requires time and effort in researching what each has to offer. Below is a brief look at a few occupations related to those in the broader computer science field:

Source: U.S. Bureau of Labor Statistics

Cyber Security Degrees & Career Resources

National Initiative for Cyber security Careers and Programs

Information about cyber security or becoming a cyber security professional offered by the Department of Homeland Security.

US-CERT United States Computer Emergency Readiness Team

Provides response, support, and defense against cyber attacks for the Federal Civil Executive Branch and responds to major incidents with trusted partners. Individuals can report incidents, phishing, malware or software vulnerabilities and share indicators through links on the site.

Cybercrime

A clearinghouse of cyber crime information, this site includes legal and policy issues and instructions for reporting computer crimes.

Security Bloggers Network

This site is the largest collection of information security-related blogs and podcasts in the world, including corporate security and individual security blogs.

Information Systems Security Association

ISSA is an organization of information security professionals and practitioners that provides educational forums, publications, and networking opportunities.

National Cyber security Student Association

As the largest association of cyber security students, NCSA provides members with access to the latest cyber security research and development, conferences and training events, and networking opportunities.