With the recent attacks to the NHS and Deloitte proving that nobody’s too big to fail, now appears as good a time as any to consider a career in cyber security. As I discussed in the previous blog post, the UK’s facing an IT skills gap, so there’s potential for some very attractive salaries…
But do you have what it takes?
Obviously, the most important attribute you’ll need is a thorough understanding of security engineering. This should cover the architecture, administration and management of operating systems and networking. Not all jobs will require a degree in Cyber Security, Computer Science or a similar field, but it’s a very good start, and unless you have an impressive array of training certification and experience, it may be difficult to convince employers to place their trust in you if you don’t have one.
Job roles will vary from company to company, but there are two general directions that a career in cyber-security can take.
The first, which is where almost everyone starts off, is a Security Administrator. This involves the daily running and upkeep of security measures. Their role will include:
- Creating and implementing network security policies and requirements
- Creating and maintaining firewalls, anti-virus and patch-management systems to defend against unauthorised access
- Monitoring the network for suspicious activity
- Training colleagues in security measures
- Conducting comprehensive internal security audits
- Developing and briefing disaster recovery protocols
It’s essential to have an in-depth understanding of operating systems, firewall technologies, TCP/IP, computer networking, routing and switching. Job descriptions will usually provide information on what’s required knowledge, but it’s always best to contact them and ask for details.
Once you have a few years of experience under your belt, you may consider specialising as a Security Analyst. If an Administrator focuses on making sure that everything is water-tight internally, then an Analyst takes more of an external view of the systems. Taking account of everything the Administrator does, the Analyst’s role also involves:
- Anticipating security incidents
- Running vulnerability assessments
- Analysing breaches and threats
- Conducting external security audits
- Recommending changes and countermeasures
As the name would suggest, the role is well suited to people with analytical minds. It requires quick, out-of-the-box thinking to stay one step ahead of threats.
Cyber-security roles also require a number of soft skills. The nature of the job means that you’ll have to work closely with less technically-savvy colleagues, teaching in person and drafting security policies for them to follow. Communication skills are integral to this aspect of the job, and evidence that you can translate technical terms into simple English will reassure potential employers.
Mistakes can cost a company dearly: finances are the least of their worries, as their reputation and the safety of its customers, staff and business partners are at stake. All employees are responsible for a company’s cyber-security, but you’ll be responsible for hammering that into them!
Let us know your thoughts. Are you looking for a career in cyber security? Get in touch!