Pros and Cons of a Career in Information Security
Information security engineers ensure that an organization's data and sensitive digital information is kept safe from security breaches. Learn more about the pros and cons associated with a career as an information security engineer to make an informed decision about your future.
Pros of an Information Security Engineer Career |
---|
Rapid job growth is expected (37% increase in jobs was projected between 2012 and 2022 for all information security analysts)* |
Relatively high median salary ($89,000, as of May 2014 for all information security analysts)* |
A bachelor's degree is often enough to begin entry-level work* |
Opportunities for self-employment (approximately 17% of engineers were self-employed as of 2010)* |
Cons of an Information Security Engineer Career |
---|
Many security engineers work long hours and may be on-call to handle unexpected emergencies* |
Information security breaches can create havoc for an organization, and in turn, an engineer* |
A master's degree could be required to advance or work for certain companies* |
Constant need for education and training to stay ahead of security threats* |
Source: *U.S. Bureau of Labor Statistics.
Career Information
Job Description and Duties
Information security engineers develop and implement different types of cyber security measures to secure digital information for an organization or company. These engineers will often research the latest types of cyber threats, closely monitor the information system for which they are responsible and take action to ensure the system is protected. In addition to developing ways to hinder attacks, information security engineers are required to develop disaster recovery plans, which are followed if a security breach occurs. They're also called upon to addresses breaches and deal with the resulting problems that may arise. To perform these duties, a large portion of their job involves preforming research to stay on top of the latest potential security threats and then devising ways to combat them.
Information security engineers typically report to upper management personnel, including the Chief Technology Officer. They generally work in an office environment, but may have to work long hours or be on call, in the event that security issues arise. About 17% of these professionals were self-employed, as of 2010.
Job Prospects and Salary
According to the U.S. Bureau of Labor Statistics (BLS), as of May of 2014, information security analysts earned a median annual salary of about $89,000. The BLS also predicted that jobs for these analysts would increase at a much-faster-than-average rate of 37% between 2012 and 2022. The agency notes that the federal government and health care industry are in need of security engineers, and a general demand for this type of work is likely to increase as cyber attacks become more complex and sophisticated.
What Are the Requirements?
Typically, an information security engineer needs a minimum of a bachelor's degree in computer science or another computer-related field. Some schools offer information security concentrations through their computer science departments. Many security engineers also obtain a Master of Business Administration (MBA) degree in information systems, allowing them to receive business training alongside computer courses. Most information systems master's degree programs can be completed in two years. Many engineers also earn professional certifications through IT companies and professional organizations.
Top Skills for Information Security Engineers
Most employers interested in hiring an information security engineer are looking for someone who has knowledge and experience in system security design, risk management and information confidentiality. In addition to technical expertise, employers generally seek candidates with sharp analytical skills, organizational skills, ingenuity and the ability effectively communicate and work as part of a team.
Job Postings from Real Employers
Many employers are looking for engineers that can both develop and implement an information security system. They also prefer engineers that are experienced in a wide range of technical areas, including configuration and testing, and who possess relevant industry certifications. The following job posts obtained in April of 2012 can provide insight into the specific qualifications employers are seeking:
- A multinational computer manufacturer is seeking an information security engineer for their Maryland office. Requirements include knowledge in systems security design, intrusion detection, auditing and principles of information assurance. Candidates must also hold the Certified Information Security Systems Professional (CISSP) designation and be able to obtain top-secret clearance. The company prefers an experienced engineer who has worked on information domains, system integration and security testing.
- A California IT company is interested in hiring an information security engineer with a minimum of two years of professional experience and a bachelor's degree in engineering, computer science or a related field. Requirements include experience with developing and implementing IT security plans, knowledge of Windows, Linux and Internet security and possession of multiple industry certifications, including Certified Ethical Hacker, Global Information Assurance Certification (GIAC) and CISSP, among others.
- A health care company located in Louisiana is looking for an information security engineer with a bachelor's degree in a computer-related field and at least one year of professional experience. The successful candidate will have proven experience with databases, networks and operating systems, strong team building skills and familiarity with legal security standards. Also preferred were certifications, such as Cisco Certified Network Associate Security (CCNA Security), CISSP and GIAC.
How to Stand Out in the Field
You may find that information security engineering is a highly competitive field with several applicants vying for the same jobs. In order to distinguish themselves, some engineers become certified to work within a specific type of information system or obtain certification to demonstrate their professional competence. Computer manufacturers often offer certification credentials. For example, IBM offers a Software Security Solutions certification credential for engineers working with IBM security systems. Other security certifications that might be beneficial include CISSP, CCNA Security and GIAC designations. According to the GIAC certification website, professionals who possess the designation can more quickly earn raises and promotions.
Alternative Career Paths
If you're interested in working in the IT field but don't want to spend your days assessing potential security threats, you may prefer a career as an information systems manager, computer programmer or computer hardware engineer. These careers require a similar educational background and skill sets and also offer relatively high salaries.
Information Systems Manager
Individuals looking for a varied set of responsibilities that are not focused strictly on security may be interested in a career as an information systems manager. Information system managers coordinate and plan all computer-related activities for an organization. They are responsible for implementing technological solutions that can help an organization achieve its goals. According to the BLS, computer and information systems managers earned a median annual salary of around $118,000, as of May 2011. The BLS also projected an 18% increase in computer and information systems management jobs between 2010 and 2020.
Computer Programmer
If you're interested in creating and implementing new software solutions, you may want to try computer programming. Programmers work with software developers and write code that will bring a developer's concepts to life and realize their ideas within a certain computer operating system. In May of 2011, the BLS determined that programmers earned a median annual salary of about $73,000. The BLS also predicted a 12% increase in programming jobs between 2010 and 2020.
Computer Hardware Engineer
Perhaps you're more interested in working with computer hardware than software. Computer hardware engineers develop, test and install computer hardware. Hardware engineers also troubleshoot existing hardware and work to redesign it or update it with new parts and equipment. The BLS predicted that computer hardware engineering jobs would increase nine percent between 2010 and 2020. The agency also determined that, as of May of 2011, hardware engineers earned a median annual salary of roughly $99,000.