For job seekers, the field of cybersecurity can seem like a gold mine. It has more than 750,000 job openings, and the pay can go from around $86,000 for an entry-level position to more than $160,000 for a senior one, a scan of job postings shows.
But the field is so new that many job seekers don’t know what kinds of skills or degrees are required or what kinds of jobs are out there.
To find out more, The Wall Street Journal interviewed Sandra Blanke, an associate professor and the director for cybersecurity education and cyber intelligence at University of Dallas’s Satish and Yasmin Gupta College of Business. Edited excerpts follow:
Where the jobs are
WSJ: How can people find out what types of cyber jobs are available and how much they pay?
PROF. BLANKE: CyberSeek [a website supported by the U.S. Commerce Department’s National Initiative for Cybersecurity Education] shows the total number of job openings in the U.S. and how much cyber jobs pay. It also shows what skills and education credentials are needed for certain jobs, and what institutions provide cyber certifications and degrees.
WSJ:Do you need a bachelor’s degree to work in cybersecurity?
PROF. BLANKE: Small companies with fewer resources may hire someone without a two- or four-year degree, but the candidate would likely still need to have some sort of training or certifications and hands-on experience. Large companies are going to look for someone with a two- or four-year degree, plus hands-on experience and certifications.
WSJ:Is there anything inexperienced cybersecurity-job seekers should know?
PROF. BLANKE: When employers write job posts for entry-level positions, they often ask for advanced certifications designed for more experienced professionals. They also may ask for a few years of relevant work experience. But inexperienced job seekers shouldn’t be daunted.
Cyber competitions, internships and volunteer positions may qualify as hands-on experience.
WSJ:Should undergraduate students major in cybersecurity if they want to work in the field?
PROF. BLANKE: If students know they are interested in cybersecurity, they should get a cybersecurity degree. A cyber degree should cover these specific areas: information and operations security, vulnerability assessment, digital forensics, penetration testing, risk management, network security, data analytics, cybersecurity analytics and compliance. It’s also important to have hands-on experience either in a laboratory or with an employer.
Undergraduates also should do cyber competitions to get a sense of how their knowledge stacks up against their peers.
Centers of excellence
WSJ: How does someone find the best school when it comes to cyber degrees and credentials?
PROF. BLANKE: The National Security Agency and the Cybersecurity and Infrastructure Security Agency have designated several hundred colleges and universities as National Centers of Academic Excellence in Cybersecurity. The agencies audit them every five years, so their curriculum stays current.
WSJ: What about working professionals looking to get into or advance in the field?
PROF. BLANKE: There are cybersecurity certifications that allow professionals with an IT or cyber background to retool their skills and apply for high-level jobs within or outside their organization. Boot camps can help professionals review material for the certification exam and help them find additional work experience if needed. Many companies are willing to pay for boot camps and certifications since it’s difficult to find skilled cyber professionals.
Other professionals looking to make a career change might want to explore certifications such as CompTIA Security+, or even a graduate degree.
WSJ:Is technical expertise required to work in cybersecurity?
PROF. BLANKE: Not necessarily. Professionals are needed to keep up with the latest trends in cybersecurity and cybercrimes, and make sure company procedures are up-to-date and teach employees about the latest threats. For these types of positions, hiring managers might look for professionals with business, marketing or human-resources backgrounds, or even a background in education. Written and oral communication and research skills are key.
Â