Why is Cybersecurity One of the Fastest Growing Career Fields?

by: Samantha SnellingsJuly 24, 2018

The United States has a shortage of cybersecurity experts. Reports of huge breaches, like the one that happened at Equifax in 2017, have reminded Americans of the important role that cybersecurity specialists play in organizations. Between April 2017 and March 2018, there were 301,873 total online cybersecurity job openings in the United States reports CyberSeek — a project that falls under the U.S. Department of Commerce. PeerSource talked to Scott Bowman, Career Services Manager at SecureSet Academy, to get deeper insight into the industry and find out how his organization is training professionals to fill the gap.

PeerSource:

According to CyberSeek, "From April 2017 through March 2018, there were 109,000 openings for information security analysts, but only 105,000 workers currently employed in those positions." CyberSeek is a project supported by the National Initiative for Cybersecurity Education (NICE).

Why is there a shortage of cybersecurity professionals? How has this shortage been a problem or how will it become a problem in the future?

Scott Bowman:

CyberSeek is a fantastic source of data to make sense of this industry. There are many reasons for the talent shortage, but probably one of the most persistent is fear.

The majority of businesses these days utilize the internet in some way, whether for e-commerce, communication, cloud and data storage or payments. I do not foresee that going away.

Huge breaches, like Equifax in 2017 and the alleged Russian election hacking in 2016, have prompted private enterprises and the federal government to spend more on securing their operations and investments. One vulnerability can topple the house of cards. Instead of accepting the risk, these businesses are building upon their own IT and information security teams and/or utilizing third-party managed security services — which are also becoming more prevalent. Business is good.

I would say the shortage comes from a need for an educated, affordable and functional security team. Expert cybersecurity professionals can be expensive and difficult to train for lower level tasks like vulnerability scanning and monitoring. SecureSet helps backfill secure organizations with affordable and incredibly capable talent.

PeerSource:

How severe is the cybersecurity workforce shortage in Colorado in comparison to other states? What types of cybersecurity jobs are in the highest demand?

Scott Bowman:

CyberSeek has a really useful heat map for determining relative need based on location. In Colorado, we have an above-average need for cybersecurity professionals and there are few other programs that offer training.

States with the most open positions include New York, Maryland, Virginia, Texas, California and Georgia.

We see the most growth in this industry from the federal government and associated contractors. Aerospace and defense contractors especially, invest in veterans and professionals with Secret and Top Secret clearances. However, opportunities on the civilian side are accelerating with time. California, for example, has Silicon Valley as a major influencer with many large enterprises residing there — Facebook, Google, Cisco, Symantec and others. Security analyst is the most generic and prevalent title here in Colorado.

PeerSource:

How much can an individual earn in a cybersecurity position versus another IT position?

Scott Bowman:

Based on my most recent data, I have found that graduates in the Denver area earn a median annual salary of $73,000. This only includes roles in which students reported a salary and only for those relevant to supporting the success of security operations.

According to O*NET, IT roles — like help desk and computer support — earn a median salary around $50,000 a year. I would also like to add that many of our SecureSet graduates successfully leverage their past careers to earn mid and senior-level roles in cybersecurity and IT.

PeerSource:

What education levels do employers require for cybersecurity workers in Colorado and what kinds of certifications should people be getting?

Scott Bowman:

Education requirements vary widely by employer. Federal contractors have stricter requirements, and applicants will typically need a minimum of a bachelor’s degree. Some companies do not require any formal degree and instead may prefer to train the right person for the role.

Certifications that stand out in this field are the Security+, CySA+, CISSP, CEH, CISM, OSCP and training in AWS. We have found that a diploma from SecureSet is often valued at several years of education and industry exposure.

SecureSet Career Services will consult with each student on the path forward based on his or her interests and experience.

PeerSource:

The FBI Cyber Division talks about the threat of malware. “Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses — these are just some of the entities impacted by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.”

What have been some notable recent examples of cyber crime? What are some of the trends in cyber crime over the last few years?

Scott Bowman:

I am certainly no expert in cybersecurity, but in my time here at SecureSet I have had the pleasure of meeting with several dozen chief executives and senior management in this space. Most of these companies are reluctant to share the specifics of any cyber attack with third-parties due to privacy concerns.

From what I have learned, there are millions of cyber attacks each day. Kaspersky keeps a nifty map of real-time data. This could be as simple as a phishing email or someone walking through your door disguised as a delivery driver in an effort to access your server room. It could be as massive as a DDoS attack that brings down an entire website and server.

When you have a persistent threat, all it takes is a matter of time before you or your company is vulnerable. I bet you right now, some of the biggest companies and nations in the world have already been breached and either don’t know it or haven’t publicly acknowledged it yet. That is scary.

PeerSource:

Tell me a little bit more about your programs at SecureSet Academy and how they differentiate the individuals who participate in them from other professionals.

Scott Bowman:

We have three main programs and a prep workshop.

CORE is our cybersecurity engineering program. This 800 hour, 20-week immersive program is designed to help you develop the skills you need for a career as a tier 1+ security engineer, technical analyst, penetration tester or consultant. Detail-oriented problem solvers with a programming background are a good fit for this program.

HUNT is our cybersecurity analytics program. This 480-hour, 12-week immersive program is designed to help you develop the skills you need for a career as a tier 1+ SOC analyst, threat intel analyst, security consultant and compliance analyst. Passionate people with strong critical thinking, research, and analytical skills, are a good fit for this program.

To help you get prepared we offer SecureSet PREP, which is a six-week workshop to develop the technical and analytical skills you’ll need to succeed in one of our immersive education programs.

Last but not least, we have the PATH evening program. Part-time and 36 weeks, PATH allows you to choose either an analytical or engineering path of curriculum, following two shared courses in systems and networks. Develop the skills you need for a career as a tier 1+ SOC analyst, threat intel analyst, security consultant, compliance analyst, security engineer, technical analyst or penetration tester.

Our instructors are experts in their respective disciplines; perhaps most notably, the Deputy CISO (Chief Information Security Officer) for the State of Colorado teaches our Governance, Risk, and Compliance classes.

We have three main programs and a prep workshop.

CORE is our cybersecurity engineering program. This 800 hour, 20-week immersive program is designed to help you develop the skills you need for a career as a tier 1+ security engineer, technical analyst, penetration tester or consultant. Detail-oriented problem solvers with a programming background are a good fit for this program.

HUNT is our cybersecurity analytics program. This 480-hour, 12-week immersive program is designed to help you develop the skills you need for a career as a tier 1+ SOC analyst, threat intel analyst, security consultant and compliance analyst. Passionate people with strong critical thinking, research, and analytical skills, are a good fit for this program.

To help you get prepared we offer SecureSet PREP, which is a six-week workshop to develop the technical and analytical skills you’ll need to succeed in one of our immersive education programs.

Last but not least, we have the PATH evening program. Part-time and 36 weeks, PATH allows you to choose either an analytical or engineering path of curriculum, following two shared courses in systems and networks. Develop the skills you need for a career as a tier 1+ SOC analyst, threat intel analyst, security consultant, compliance analyst, security engineer, technical analyst or penetration tester.

Our instructors are experts in their respective disciplines; perhaps most notably, the Deputy CISO (Chief Information Security Officer) for the State of Colorado teaches our Governance, Risk, and Compliance classes.

To get involved it is easiest to check our website.

PeerSource:

Can you share a success story from your program?

Scott Bowman:

One of the aspects I enjoy most about my role as career services manager with SecureSet is the incredibly diverse group of students and alumni I get to assist.

SecureSet attracts students from all walks of life and from nearly every state. We’ve had military veterans, cooks, social workers, truck drivers, healthcare admins, cashiers and more find roles in cybersecurity.

One of my favorite success stories is from a zookeeper who attended our CORE program — without any security experience — and found a security analyst internship with one of our industry partners just weeks prior to graduating. Within 5 months this individual was able to find his next role as security engineer with another amazing company in our network.

PeerSource:

What are some of the companies that graduates have went to work at in the past?

Scott Bowman:

Our graduates are well-represented at some of the largest and best-regarded companies across the United States:

  • American Express
  • Amazon Web Services
  • Blizzard Entertainment
  • Booz Allen Hamilton
  • Carbon Black
  • CenturyLink
  • Charles Schwab
  • Check Point Software
  • Coalfire
  • Coinbase
  • DISH Network
  • GuidePoint Security
  • Honeywell
  • Lockheed Martin
  • Microsoft, Motorola
  • Northrop Grumman
  • Pricewaterhouse Cooper
  • Raytheon
  • State of Colorado
  • Tesla
  • ViaSat
  • Xcel Energy

PeerSource:

How did you get involved in SecureSet?

Scott Bowman:

Like I tell my students, it is not just what you know but who you get to know when it comes to finding the perfect job. My story is no different.

I first came across SecureSet Academy while working as career services coordinator for a small web development school in Boulder a few years back. Having over seven years of experience supporting professionals in career transition at that time definitely helped in a school like SecureSet, where students need individualized career planning and support.

When my employer closed its doors, I knew I could rely on my peer network here in Denver. One thing led to another, and I was given the opportunity to expand the career program at SecureSet.

I love that SecureSet is doing something completely unique, especially knowing that the graduates we produce are making a real valuable impact in the workforce.

Want to learn more about SecureSet Academy? Click here. Want to find out how PeerSource is placing technology experts nationwide? Click here.