Hottest of the Hot Jobs: Security Engineers

With all the recent high-profile cybersecurity breaches in recent years, just about any job that touches on cybersecurity is going to be hot. One of the hottest is that of security engineer. Security engineers help develop systems to prevent data breaches and keep confidential information safe. The need for skills related to keeping organizations safe from cybercrime is growing.

One survey conducted by the SANS Institute, a security training and certification organization, found almost half of respondents allocate more than 11% of their IT security budgets to in-house staff.

Given the rate of growth in spending, organizations are having a tough time finding security professionals to help them design, implement, and maintain their security initiatives. Some reports had the number of open cybersecurity job positions last year worldwide at over one million. A quick search of the job title “security engineer” on Monster returns over 1,000 openings. Given the number of highly publicized security breaches, compliance and regulatory requirements, bring-your-own-device and other internal threats, the growing adoption of cloud computing, potential ransomware demands, and the emergence of IoT technologies, the demand for cybersecurity professionals has nowhere to go but up.

What Education Does a Security Engineer Need?

Ideally, most organizations would prefer their security engineers to have at least a bachelor's degree in an IT-related discipline. Information about a pool of current security engineer jobs by CEB, a best-practice insight and technology company, found that 95% of the listings required a bachelor's degree. Even in light of this, the intensity of demand for these skills is going to create a large shortage that will likely prove impossible to fill with only IT graduates. Non-college graduates interested in pursuing security engineering positions can acquire much of the necessary knowledge through a wide variety of non-degreed, online security training courses. The Information Systems Security Association has identified more than 15 different security certifications related to security engineering. There are scores of security training courses available, so it's wise to acquire as much information as you can about the requirements, curriculum, and graduates' success in finding security engineering positions before selecting one. Finding a security engineering slot without either a college degree or one or more relevant certifications is unlikely.

Knowledge and Skill Requirements

Before deciding to pursue a career as a security engineer, it's important to understand what one is expected to know. The specific requirements for these types of positions will vary by employer, but there are some broad-brush tasks a security engineer is expected to handle:

Identify sources of security issues

Oversee and manage existing and new applications to ensure security issues are addressed

Configure, install, test, and maintain firewalls and other security software

Help establish, implement, and update organizational security policies

Create methods to track concerns and incidents—and successfully resolve them

Conduct vulnerability and risk analysis testing

Investigate incidents, and identify causes and solutions

Specific know-how/experience in the following can be important:

Operating systems—especially Windows and UNIX networks

Encryption technologies

Programming in a number of languages (knowledge of Python, because it's becoming so ubiquitous in the networking environment)

Security system infrastructure

Analysis of actual hacking and phishing attempts

Other talents or useful aptitudes include:

Being adept at working as part of a team

Realizing the job isn't nine to five (security engineers are often on call, as emergencies can arise anytime)

Strong organizational, analytical, and communication skills

Desire to keep learning as new threats emerge

Where the Jobs Are and What They Pay

There's hardly an industry that won't need cybersecurity expertise. A number of verticals, including aerospace and defense, retail, government, utilities, banking and finance, and telecom are expected to be especially aggressive in hiring cybersecurity talent. Spending in the financial sector alone is expected to be enormous. J.P. Morgan, Bank of America, Citigroup, and Wells Fargo are expected to collectively spend $1.5 billion on cybersecurity annually, about 15% of the entire financial sector's spending.

CEB stats peg the salaries of security engineers as ranging from around $97,000 to $160,000, with a median of $129,000. A growing demand for security engineers coupled with a rather static short-term supply will likely drive salaries higher over the next few years.

The field of cybersecurity is exceedingly hot, and the need for security specialists, especially security engineers, will remain so for the foreseeable future.

Looking for a new career opportunity as a security engineer? Search our website today for security engineer jobs in your area.

Opinions expressed by the author are not necessarily those of WITI.