Pros and Cons of a Career in Corporate Security
Corporate security professionals defend computer networks and information systems from leaks, theft, sabotage, and other threats. Here is a list of the pros and cons of working in the corporate security industry.
Pros of a Corporate Security Career |
---|
Average salary of $91,000 in 2014* |
37% employment growth predicted from 2012-2022* |
One of the top ten best jobs in America in 2009** |
Many practitioners find the real-world impact and intellectual challenges of corporate security gratifying*** |
Cons of a Corporate Security Career |
---|
Bachelor's degree plus experience are typical minimal qualifications* |
Rapidly changing technology requires constant updating of skills and knowledge* |
May have to work long, odd hours when on call for emergencies* |
Relentless, evolving threats can make corporate security feel like a never-ending battle*** |
Sources: *U.S. Bureau of Labor Statistics, **CNN Money Magazine, ***IEEE-USA Today's Engineer Magazine.
Essential Career Information
Job Description
Corporate security professionals can have a variety of job titles, including 'information security analyst', 'data security analyst', and 'network security analyst'. They are responsible for protecting a firm's digital information from threats, whether in the form of cyber attacks, employee carelessness, or even natural disasters. They develop and implement computer security policies, monitor networks for evidence of breaches, assist users with security procedures, and ensure that sensitive information is properly protected by firewalls, encryption, and other forms of protection. With such a rapidly changing digital landscape, it is essential that they keep up with the latest threats and advances in information security.
Salary Information and Job Outlook
The U.S. Bureau of Labor Statistics (BLS) reported that information security analysts earned an average yearly salary of $91,000 in 2014 (www.bls.gov). The BLS expected employment growth for this profession to increase at a faster-than-average rate of 37% during the 2012-2022 decade. PayScale.com reported that data security analysts earned an average salary of $60,000 and that network security analysts earned an average salary of $65,000 as of December 2014.
What Are the Requirements?
Education
Jobs in corporate security generally require a bachelor's degree in computer science, information systems, or computer programming. Computer science majors complete classes in areas such as algorithm and data analysis, software design, and networking. Because of the increase in security concerns in information technology, more schools are offering programs that award Bachelor of Science degrees in information security. Course topics covered in these programs include computer forensics and security of client systems.
Experience
Employers also typically require prior work experience either in security itself or a related field. For example, if you are going to be responsible for securing a database, prospective employers want to know that you are already well-versed in database administration. For jobs in data security analysis or network security administration, three or more years of experience is normally the minimum requirement. For management roles in information security, five or more years in security and a year of managerial experience are typical qualifications.
What Employers Seek
In such a fast-moving, high-tech field, employers seek professionals with the knowledge and skills that specifically matches their company's technical requirements. Some job postings do not specify a minimum degree level or years of experience because the technical qualifications are so exacting. Still, technical skills are not everything. Employers also want candidates with strong communications skills, problem-solving acumen and an ability to work with minimal supervision. Here are several real job postings from May 2012:
- A theme park and resort operator advertised for an IT security and compliance specialist based in Florida. Requirements included a bachelor's in computer science or related field, experience with penetration testing and security assessment, and knowledge of security-related regulations and laws.
- A community bank serving the Pacific Northwest and Hawaii sought a corporate information security officer for its office in Seattle, WA. The main tasks of the position included developing and implementing a company-wide information security program. Main qualifications were a degree in a technology field or business administration and 8-10 years experience in IT, security, or risk management.
- An employee benefits provider was looking to hire a security analyst specializing in identity access and management. The location was flexible. Several technical competencies were required, including experience with PKI technologies, Windows .NET, SOS, SOA, and Java programming.
- A wireless device recycling firm in Ohio was seeking a data security specialist for an entry-level position at an hourly wage. Candidates needed to be good at math, self-organizing, and able to handle repetitive work.
- A global consulting firm needed a junior IT security specialist for its Colorado office. Requirements included a year of experience in desktop support, maintenance of Windows 2008 servers, and the ability to support software developers. A bachelor's degree in computer science plus security certifications and experience were preferred.
How to Maximize Your Skills
Get Certified
Becoming certified may help you stand out against the competition. When the International Information Systems Security Certification Consortium surveyed more than 10,000 professionals in the field worldwide in 2011, nearly 90% of those involved in hiring stated that certifications were important in candidate assessment. Though certification requires time and effort, it can pay off in earnings. In a 2012 report regarding the IT workforce by Global Knowledge and TechRepublic, more than 75% of surveyed workers and hiring managers believed that certifications had a positive effect on salaries.
As of 2011, more than 40 certifications relevant to information security were available. Some of these certifications demonstrate competency in security in general, while others cover specific areas, such as intrusion analysis or incident handling. A handful of these certifications have been identified as among the most valuable:
- (ICS)2's Certified Information Systems Security Professional as a valued badge of general proficiency in the field.
- ISACA's Certified Information Systems Auditor and Certified Information Security Manager are more business-oriented than others and are becoming increasingly popular among hiring managers.
- SANS Institute's Global Information Assurance Certification credentials cover a range of specific competencies and are highly valued by employers.
- EC Council's Certified Ethical Hacker demonstrates competency in how cyber attacks are committed, a major concern for many corporations.
- CompTIA's Security+ is another well-respected, general credential.
Alternative Career Paths
If the education and experience requirements for corporate security seem too intense, a career as a computer support specialist may be a better option for you. In this field, you could become a technical support specialist who assists IT workers or a help-desk technician who aids non-IT workers with computer issues. Some jobs require a bachelor's degree, but for many others an associate's degree or some post-secondary training suffices. Often, extensive on-the-job training is available for these positions. Working as a support specialist can be a stepping-stone to better-paid jobs in network or systems administration or software development. According to the BLS, computer support specialists earned an average of $52,000 in 2011, and would likely see employment growth of 18% during 2010-2020.
If IT is for you, but you would rather create something new than worry about cyber attacks, you might consider becoming a software developer. Software developers design and develop applications or the underlying systems that enable networks, computers, and other devices to function. Qualifications normally include having a bachelor's degree in computer science, extensive knowledge of programming, and familiarity with the industry that will use your software. The BLS reports that developers who worked on systems software earned an average of $100,000 in 2011, while those who worked on applications earned $92,000. The BLS predicted 30% job growth for both fields during 2010-2020.