Why are cyber security professionals in such great demand? Two statistics sum up the landscape:
- In 2021, the average cost to organizations of one data breach was $4.24 million, according to the Ponemon Institute’s annual survey (sponsored by IBM). That’s 10% higher than the average data breach cost in 2020.
- The total number of data breaches increased by 68% to 1,862 in 2021, compared with 1,108 in 2020, as reported by the Identity Theft Resource Center.
As the need for cyber security professionals increases, companies struggle to fill vital data security positions. One result of the shortage of qualified cyber security workers is that more of these jobs are available to people who work from home. Organizations hope to leverage the remote work technologies implemented during the COVID-19 pandemic to attract more home-based candidates for key information security roles.
Remote technology makes it possible for cyber security and other information technology professionals to work effectively and efficiently from their homes and other locations. The combination of heightened demand and increasingly sophisticated remote technology creates tremendous career opportunities for cyber security professionals. Here’s a look at the top work-from-home cyber security jobs.
Cyber Security Work From Home: Benefits and Technologies
Today’s information networks have no hard-and-fast boundaries. Companies’ growing reliance on cloud computing services and the increasing adoption of smart technology extend data networks around the globe. Securing such widely distributed networks becomes even more challenging as private information becomes the primary target of criminals.
At the same time, a combination of remote work technologies and sophisticated security tools allows cyber security analysts and other information security positions to do their work off-site. This opens up abundant career opportunities for people with the right set of cyber security skills and experience who prefer to work remotely.
- The top concern of companies worldwide is cyber security, according to the Allianz Risk Barometer 2022 survey, exceeding fears of business interruptions, natural disasters, pandemics and climate change.
- Penetration testing that security firm Positive Technologies conducted found that an external hacker could breach 93% of corporate networks.
- Small and medium-sized businesses are targeted in 43% of all cyber attacks, and 61% of small businesses report having been the victim of at least one such attack in the previous year, according to a report by Verizon.
Why Cyber Security Jobs Are a Good Fit for Working From Home
Many characteristics of cyber security work make it amenable to working from home:
- Any internet-connected system can be monitored from anywhere via a secure and reliable network link.
- The increase in people working from home entails remote applications, such as Zoom, Slack and Box. This allows IT managers to run meetings and monitor the progress of assignments and teams from their homes.
Allowing cyber security professionals to work remotely is seen as one way to address the growing shortage of qualified applicants for cyber security jobs. The job site Cyberseek estimates that nearly 600,000 open cyber security positions are available in the U.S., compared with just over 1 million people currently employed in the country’s cyber security workforce.
- Remote work will alleviate the burnout that’s one of the principal reasons that cyber security professionals have cited for leaving their jobs, according to eSecurity Planet.
- Competitive salaries and benefits keep cyber security workers moving from job to job, creating a bidding war that favors startups and deep-pocketed tech giants willing to hire remote security pros.
- More cyber security workers are attracted to remote work and flexible work options as a way to minimize job-related stress and maintain a healthy work-life balance.
Cyber Security Analyst
Cyber security analysts serve as the gatekeepers and watchdogs of computer networks. They monitor networks for security breaches, install and maintain firewalls and other security software, and document the damage from security breaches. They also help protect an organization’s valuable data assets by monitoring networks to detect and respond to security breaches. The software tools they rely on include firewalls, penetration testing and vulnerability scanning.
Among the duties of cyber security analysts are disaster recovery planning, documenting attack attempts, and staying current on security threats and defenses. Analysts help educate employees about security best practices and train them in the use of security features in the software they use.
Cyber Security Analyst: Education, Skills and Experience
The minimum education requirement for cyber security analysts is a bachelor’s degree in computer science, information technology or a related field. Many employees prefer to hire people who have a certificate in information security, such as the Certified Information Systems Security Professional credential. To qualify for a cyber security analyst position, most employers require work experience in computer systems and network administration or other areas of information technology.
Cyber Security Analyst: Salaries and Job Outlook
The U.S. Bureau of Labor Statistics estimates that information security analysts had a median annual salary of $103,590 in a range from $60,060 for the lowest 10% to $163,300 for the highest 10%, as of May 2020. The bureau forecasts that the number of jobs for information systems analysts will increase by 33% between 2020 and 2030, much faster than the average job growth for all occupations.
Ethical hackers are computer security specialists who break into computer networks, systems and software to discover and report security holes. They typically have backgrounds outside traditional tech fields and often learn by studying the tactics that other hackers use. Ethical hackers are motivated at least in part by a desire to put cyber criminals out of business.
The techniques that ethical hackers use are similar to those that penetration testers and other cyber security professionals use. These are some of the most popular ethical hacking tools:
- The Metasploit Framework is a project backed by a community of more than 200,000 contributors and developers that’s intended to inform people about security vulnerabilities, real-world attacks and effective approaches to penetration testing.
- Burp Suite is a Java-based penetration testing framework designed to identify vulnerabilities in web applications and verify attack vectors.
- Nessus is a vulnerability scanning tool that assesses a system’s weaknesses from inside and outside an organization. The program checks for updates for server software and performs system audits.
Ethical Hacker: Education, Skills and Experience
In addition to having two or more years of experience in a computer security field, ethical hackers usually have a degree in computer science, which is a requirement for some employers. They have a background in such coding tools as Perl, PHP and Ruby. They must abide by all standards and regulations that governments and their employers set. Some ethical hackers earn the Certified Ethical Hacker certification from the EC-Council.
Ethical Hacker: Salaries and Job Outlook
The salary survey site PayScale estimates that the median annual salary for ethical hackers is about $80,000 in a range from around $48,000 for the lowest 10% to around $153,000 for the highest 10%, as of February 2022. Salaries for midcareer ethical hackers are about 38% higher than the average, and in late career are around 43% higher than the average.
IT Project Manager
IT project managers’ duties include overseeing the team that plans, implements and maintains an organization’s hardware, software and networks. In addition to managing the day-to-day progress of IT projects, managers must make sure that all participants in the project share a common vision and goal and understand their roles within the big picture.
IT Project Manager: Education, Skills and Experience
The most important skills for IT project managers are problem-solving, interpersonal communication, planning, budgeting and business analysis. They must also have experience using Microsoft Project, Oracle and its PeopleSoft applications, SAP and other business software, and they must be familiar with software development tools and techniques.
IT project managers must have at least a bachelor’s degree in IT, computer science or a related field. They may earn the Project Management Professional certification from the Project Management Institute.
IT Project Manager: Salaries and Job Outlook
According to PayScale, the median annual salary for IT project managers is about $89,000 in a range from around $58,000 for the lowest 10% to around $129,000 for the highest 10%, as of February 2022. Skills that boost an IT project manager’s salary include development and operations (58% higher than the average), security risk management (51% higher), and Amazon Web Services (48% higher).
A Project Management Institute report estimates that by 2030, organizations will need to hire 12 million project managers to meet the growing worldwide demand for the position. The business sector that’s expected to record the largest growth in demand for project managers in the period is information and publishing, which will see a 15.2% increase in the number of project management positions between 2019 and 2030.
Security engineers are responsible for designing and implementing a company’s security plan, which is intended to safeguard against cyber attacks on computer systems, software and networks. They identify weaknesses in an organization’s IT infrastructure, and in the aftermath of a breach, they devise countermeasures to prevent recurrence. Other duties of the position are installing and running network monitoring software, identifying irregular network behavior, and taking measures to prevent security breaches and intrusions.
Security Engineer: Education, Skills and Experience
In addition to having extensive experience using security and network monitoring software, security engineers require problem-solving skills to address complex system design and network management issues. They also need communication skills to ensure that their team and others in an organization understand and follow safe computer practices and to report their findings to the company’s top executives.
Security engineers have at least a bachelor’s degree in cyber security, computer science, engineering or a related field. They also require several years of experience working in computer security and may have a Certified Information Security Manager certification from ISACA, one of several certification programs for computer security professionals.
Security Engineer: Salaries and Job Outlook
PayScale estimates that the median annual salary for security engineers is about $96,000 in a range from around $64,000 for the lowest 10% to around $140,000 for the top 10%, as of February 2022. Skills that raise the average salary for security engineers include Splunk (39% higher than the average), development and operations (30% higher), UNIX (20% higher), and Microsoft Azure (16% higher).
Typical career paths for security engineers may lead to positions as security architect, information security manager and chief information security officer. A SANS survey reported by the National Cyber Partnership found that the industries fueling the growth in security engineer positions and other cyber security jobs are banking, finance and insurance; IT and management; defense and other government agencies; and consulting and professional services.
Among security architects’ duties are ensuring the security of an organization’s existing information systems and designing computer systems and networks that properly secure all of an organization’s assets. Security architects lead a team of computer professionals charged with designing, implementing and maintaining the organization’s computer and network security procedures. They develop the organization’s security policies, including user authentication, employee security training and other aspects of the security infrastructure.
Security Architect: Education, Skills and Experience
The minimum education requirement for security architects is a bachelor’s degree in cyber security, computer science, IT or a related field. The position also requires years of experience working with network security tools and protocols and information system design. The skills in greatest demand for security architects include threat intelligence, risk analytics, and the use of artificial intelligence and machine learning in IT security.
Security Architect: Salaries and Job Outlook
The median annual salary for security architects, according to PayScale, is about $127,000 in a range from $85,000 for the lowest 10% to $169,000 for the highest 10%, as of February 2022. Skills that boost a security architect’s salary include cloud computing (8% higher than the average), system architecture (8% higher), and web security and encryption (7% higher). Security architect career paths may lead to information security engineer, chief information security officer or chief information officer.
Security Risk Analyst
Security risk analysts identify and correct security flaws in the organization’s hardware, software and networks. They spot risks to IT systems, assess the potential damage of a system vulnerability being exploited, and plan responses to eliminate or reduce the risk. Much of the work of security risk analysts is in researching new threats and devising techniques for protecting networks and computer systems against the threats.
Security Risk Analyst: Education, Skills and Experience
Security risk analysts typically have earned a bachelor’s degree or higher in cyber security or a related field and have several years of experience working in IT security. They may hold a security-related certification, such as Certified Information Systems Auditor.
The tools that security risk analysts use include the National Institute of Standards and Technology Cybersecurity Framework for monitoring, assessing and responding to threats as they arise, and network security assessments that serve as audits of computer systems and networks. Questionnaires are used routinely to assess third-party risks and to test the cyber security awareness of employees.
Security Risk Analyst: Salaries and Job Outlook
According to PayScale, the median annual salary for IT security risk analysts is about $72,000 in a range from around $51,000 for the lowest 10% to around $107,000 for the top 10%, as of March 2022. Other job titles related to security risk analyst are risk developer, director of risk analytics, senior risk engineer and operational risk manager.
The U.S. Bureau of Labor Statistics places security risk analysts in the broader category of information security analysts, one of the fastest-growing job categories the bureau tracks, with a projected 33% increase in the number of jobs from 2020 to 2030. This is a much greater increase than the 13% growth forecast for all computer occupations and the 8% growth expected for all jobs in the period.
Security Compliance Analyst
Security compliance analysts are responsible for ensuring that an organization complies with all applicable government regulations as well as with its internal processes, procedures and requirements. Among the standards that a company’s computer systems and networks may need to comply with are:
- Systems and Organization Control 2. SOC 2 is an audit process that determines how safely an organization stores and uses the data it collects.
- International Organization for Standardization 27001. ISO 27001 is the worldwide standard for security frameworks that ensures data confidentiality, integrity and availability.
- NIST CSF. NIST’s voluntary guidelines are intended to reduce risks in five ways: identify, protect, detect, respond and recover.
- Health Insurance Portability and Accountability Act. The health care industry must ensure that its data policies and procedures comply with HIPAA regulations for privacy, security and breach notifications.
Security Compliance Analyst: Education, Skills and Experience
In addition to having a background in securing computer systems and networks, security compliance analysts must have experience working with various compliance standards as well as with a number of different security frameworks. These include Europe’s General Data Protection Regulation, the California Consumer Privacy Act and the U.S. Department of Defense’s Cybersecurity Maturity Model Certification.
As with other cyber security jobs, qualifying for a position as a security compliance analyst requires at least a bachelor’s degree in cyber security, IT or a related field, as well as several years of experience working in computer security. Security compliance analysts must also be adept at using a range of security tools, such as system auditing and risk assessment programs.
Security Compliance Analyst: Salaries and Job Outlook
PayScale estimates that the median average salary for security compliance analysts is about $90,000 in a range from around $50,000 for the lowest 10% to around $145,000 for the highest 10%, as of February 2022. The need for firms to protect against the growing number of ransomware attacks is expected to drive job growth for security compliance analysts. By demonstrating compliance with cyber security standards, companies are able to reduce the amount they have to pay for insurance against such attacks.
Develop the Skills for a Career in Cyber Security
Few fields present more career opportunities for professionals with the right mix of education, skills and experience than cyber security. Work-from-home cyber security jobs benefit from the continuing shortage of qualified security professionals, the increase in the number and severity of cyber criminal attacks, and the growing size and complexity of corporate information systems and networks. Programs such as the online Master of Science in Cyber Security degree from the University of North Dakota help students take advantage of the rise in work-from-home cyber security jobs. Learn more about how UND prepares students for industry certification exams and lays the foundation for a successful career.