Careers in Computer Security
According to an industry report, computer security is the top concerns among company executives as the numbers of security incidents have increased in the past year. As more cyber-attacks are getting sophisticated, many companies find that they are unable to detect and defense against these attacks. An industry analyst explained: “Today firewall is NOT enough; virus scan software is NOT enough but company must establish an active security group to prevent cyber-attacks. Without it, you will have difficulty to do business with others because if your system is connected to customers and suppliers systems, a security incident in your system can spread to them and creates more damages. In this connected world, if your company cannot ensure the safety and integrity of all business transactions, no one would do business with you.”
Today companies need computer security specialists to develop solutions to prevent hackers from stealing information or install malwares that disrupt the computer networks. According to the report, the need for security specialist could grow to 50,000 positions in the next five years. Since this is a global problems with urgent demand but has limited supply of candidates, global companies are putting this position as “Must have” regardless of salary. Basically, security specialists plan and implement security measures to protect computer systems. They analyze systems and applications and develop certain ways to protect information against unauthorized data modification or loss. They works with network specialists to control access, detect and prevent intrusion, protect systems against virus and other malwares, approve installation of firewall, VPN, routers, IDS scanning technologies and servers; conduct security audit, respond to security incidents development and implement security policies and procedures. They also provide security awareness and educating workers on security policies, procedures and practices.
A security specialist told the newspapers: “Because security specialists are responsible for maintaining the security of a computer system, they must think like a hacker would, they must anticipate every moves and tactics that hackers use to gain unauthorized access to computer systems. This job requires a lot of experiences to catch these criminals as they must be at least one or two steps ahead of criminals. It is not easy because you must love to look at code and write code but the salary is wonderful, most security specialist get paid twice more than programmers and that is why many security specialists are “former hackers”, since they understand how the hackers operate. Instead of hacking for fun now they are preventing others from doing it and get paid. ” Many security specialists begin their careers as Programmers or Network specialists since these job provides the training necessary to become familiar with network systems, security and problem solving. Many took additional security classes and receive certificated for specific jobs, they could begin in an entry-level security position to monitor and analyze information, with more experience they could be engaged in investigative work to determine whether a security breach has occurred.
An industry analyst wrote: “Demand for information security people will be high because today it is not just hackers try to access computers or organized crimes try to steal information but also other countries’ spies try to find ways to sabotage another country’s critical systems. In addition, more companies are doing business over the internet, more people are using smartphones and tablets, more people are buying and selling online, healthcare industry are using electronic medical records, financial companies are trading stocks and transferring money etc. so more information security people will be needed to safeguard this digital economy. Basically, every company, every government, every hospital, every financial company will need computer security specialists.
According to the industry report, a bachelor’s degree in computer science, software engineering, information system management, or information security is the minimum requirement for this job. Many companies also require candidates to have advanced security certifications such as Certified Information Systems Security Professional (CISSP), Certified Network Security Professional (CNSP) and Certified Hacking Forensics Investigator (CHFI). The U.S Bureau of Labor Statistics reports that the employment outlook for security specialists is expected to grow about 30 percent through the year 2025 as the need for people with security skills increases. The average pay for an information security specialist is $126,000 per year in the U.S. But global companies pay more since the job requires a lot of travel. Global companies have offices and systems located all over the world and they are more vulnerable for attacks. A global company security specialist who is willing to travel and work anywhere could make between $180,000 to $250,000 a year.
Sources
- Blogs of Prof. John Vu, Carnegie Mellon University
