Cyber Security has been an incredible choice of career for me, as it’s helped make me a lot of money and still does. Most importantly I’ve done this without any university education or swotting down on security certifications.
Why Is Cyber Security Such a Good Career? Cyber Security is such a good strong career because it offers higher salaries and rates than most other IT sectors because cyber skill shortages drive up demand and there just aren’t enough people with cyber skills available. Cyber Security has many areas offering plenty of career opportunities from analysts, engineers to architects.
My day to day job as Cyber Security Architect is very rewarding, financially and from actually the doing the job. I find it very easy to find cyber security work because my skills are so much in demand. When I worked in other tech sectors, the competition for work was much more than what I’m experiencing nowadays in cyber security.
The main reasons for cyber security being a good career choice are:
- High Salaries/Rates
- Cyber Skill Shortages
- Security Certifications are not required
- Rewarding Roles
- Cloud Technology driving more demand
- University Education is not required
I work as a Cyber Security Architect as a contractor and my contracting rate is about 20% higher than other non-security architect type roles. Likewise, I could easily earn a six figure salary if I decided to do a permanent cyber security role, but I’ve always enjoyed being a contractor, plus contracting pays a lot more and has certain tax advantages.
That being said, contracting in the cyber security space still has the uncertainty issues that all contracting has. As you’re only a short notice period away from being shown the door, should the client decide not to keep you onboard any longer.
This doesn’t bother me too much, as I’ve become used to the uncertainty as I know due to the cyber skill shortages, it won’t take too long before I’m back doing a new contract.
Cyber Skill Shortages
There are acute cyber skill shortages due to organizations simply not investing enough into cyber security training for their employees. As they view this as an unnecessary expense they can do without. For them, why invest all that money, when the employee could simply leave once, they’ve acquired their new cyber skills and put the organization back to square one.
Many organizations have long viewed cyber security has a blocker, something that stops or slows down projects being delivered. However, with the increasing number of breaches being reported, organizations are now investing in cyber security but not to the levels expected.
Security Certifications are not required
Every role I’ve had working in Cyber Security has never asked to prove I have a security certification. This is why I don’t bother with the Security Certifications except when I started out, I did go through the course work for one certification but didn’t take the exam.
I used it solely to provide me a good grounding in understanding security. When I did get my first opportunity in cyber security, no one asked me about certifications, be it at the interview, someone from human resources, absolutely no one.
To this day, it’s been the same, I never get asked for any security certifications, but I do keep a security certification book handy, just to refresh some areas of security I may not have previously worked on. I don’t have an encyclopedic knowledge of cyber security and you don’t need one either. You just need to be able to know where to get information if you become stuck.
A lot of people who talk about requiring cyber security certifications on websites or on YouTube, usually have an ulterior motive, that is, they want you to click on their links and sign up for the course they are recommending.
So, they can make some affiliate commission and that’s all they are interested in. I on the other hand, either recommend my own courses I’ve developed or things like books that have helped me on the way and are still helping me.
I work as a Cyber Security Architect and I find this an incredibly rewarding role, where I get to work with other architects (like solution architects, technical architects, enterprise architects and applications architects) including cloud architects, programmers, project managers, testers and so on. Advising them of the cyber security issues they need to resolve and the steps they need to take, so I can be assured they are not putting the organization we work for at risk.
Cyber Security Analysts, Cyber Security Engineers are other roles open for those interested in a career in cyber security. As I’m not overly hands-on, the engineer roles is something I wouldn’t do, I’m not skilled enough to be able to install, configure and deploy solutions. Plus it’s not something I would enjoy doing, as I’m more of a relationship building person, who likes to work with multiple teams and their personnel.
For those with engineering skills, the Cyber Security Engineer role is a great opportunity where skills can be used to ensure systems and services are secure. From installing and configuring Cyber security tools like Web Application Firewalls (WAF), Anti-Distributed Denial of Service (DDoS), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) to firewalls, gateways, VPNs.
There is a lot for a Cyber security engineer to do and this increases the demand for their skills. I think such is the demand, that someone with some of the cyber engineering skills required, will probably find it easier to get a job because hirer’s are that desperate to fill roles. And someone who ticks some of the boxes is better than someone who ticks none of the boxes, more so if they can’t find their perfect candidate.
Cloud Technology driving more demand
Cloud technology has exploded and the demand for cyber security has increased astronomically. Organizations are now putting their prized asset, their information in cloud environments and they want to make sure their data remains safe and secure.
Which is why my Cyber Security skills are in demand for securing cloud environments like Amazon’s AWS, Microsoft’s Azure, Google’s Cloud Platform to IBM/RedHat’s OpenShift. All these cloud environments, I managed to work on as a Cyber Security Architect.
The beauty of the cloud is, it’s fairly simple to get access to the cloud to learn and practice. I started by getting a free access to Amazon AWS (12 months free access) and then Microsoft’s Azure (time limited free access) and finally to Google Cloud Platform. As I already knew the principles of cyber security, I could easily apply these to the cloud environments I was reviewing.
OpenShift knowledge, opened up the world of Kubernetes and containerization to me, when on one of the AWS projects I was working on, used OpenShift running on top of AWS. Again, it was a simple case of applying the security principles knowledge and experience I’d built up.
I focus more on cloud these days but potentially I could also work on other security architect roles, if I wanted to, as my cyber security skills are universal. However, I find the world of cloud computing really exciting, as it’s fast paced, continually changing technology that brings new issues and problems I need to understand and advise on.
University Education is not required
I don’t have a University Education, and this has not stopped me from attaining a lucrative career in Cyber Security. This is down to organizations viewing experience as more important than having the academic background, so people with the required skills without a university education can easily get roles in cyber security.
Many of the organizations I’ve worked at, the cyber security people there, only a very few have had a university degree and most of those haven’t had their degree in a security or IT related field. I worked with people with degrees in Physics, Geography, Biochemistry to Accountancy who have managed to build up their cyber skills since graduating in a completely different subject area.
Cyber Security is definitely a good career to get into and it doesn’t matter how you get there. You could do it from another technology area you’re skilled with and start to think about how you would use cyber security to make the technology safer against attacks from hackers. Or you could simply, start learning the principles and start applying them to the many free (time limited offers) cloud services out there.
Once you’re in cyber security, you to too will feel the same way I do, that it’s a very rewarding career, financially and most importantly from the actual job you do, including the people you work with, the projects and problems you need to remedy.