Outlook for Information Security Careers Looking Up

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  
Slide Show

6 Certifications That Get You Hired as a Security Pro

In cybersecurity, the list of skills isn't really new or special, but when it comes down to proving abilities, a certification is required, advises ClearanceJobs.com.

Talking to and listening to security experts last week, at least one person bluntly said it, and others hinted at it: In today's economic climate, as budgets are being slashed, there is less money to be spent on IT efforts and that trickles down to security efforts.


The jobs are hard to find, even though pretty much every company that relies on a computer network needs to have some security system in place. I've listened to security personnel lament over not being able to build a better security team and I've seen up close and personal how difficult it has been for kids graduating college to get security jobs. Many have been hired into jobs that are more focused on IT.


For that reason, I was excited when I saw the results of a survey by (ISC)2, the 2012 Career Impact Survey. Perhaps things are looking up for the security industry. According to the survey, respondents reported only 7 percent of information security professionals were unemployed at any point during 2011 (a number lower than the national unemployment rate), with nearly 70 percent reporting a salary increase, and 55 percent expecting to receive an increase in 2012.


Just as promising, 72 percent of employers are specifically hiring for information security positions, and more than half of the companies plan to hire in the coming year. For those who aren't tied down to living in a specific area or even in a specific country, the job market is even more wide open. Information security professionals are needed globally.


As soon as I saw the survey, my first thought was that this upswing for security professionals has to be directly related to the Year of Anonymous and all of the high-profile incidents. And sure enough, as InformationWeek said:

One explanation for the apparent job security is the fact that the frequency and complexity of attacks against businesses and government agencies appears to be increasing. Notably, 56% of survey respondents said they'd seen their organization's security risks increase in 2011, for which one-third blamed on the profusion of mobile devices in the enterprise. As a result, 30% of surveyed organizations said they'll increase their security budgets in 2012.

The problem, however, is finding qualified people to take these jobs. One thing I noted at the Kaspersky conference last week: People in the security industry are young. Almost everyone I met at that conference was under the age of 30. It may mean we need to look at experience in a different way with security professionals. It may not be so much "on the job" training or specific skills, but looking at the general skills and attitudes toward security efforts.