Hottest of the Hot Jobs: Security Engineers

  • career advice
  • February 21, 2017
With all the recent high-profile cybersecurity breaches in recent years, just about any job that touches on cybersecurity is going to be hot. One of the hottest is that of security engineer. Security engineers help develop systems to prevent data breaches and keep confidential information safe. And the need for skills related to keeping organizations safe from cybercrime is growing.

One survey conducted by the SANS Institute, a security training and certification organization, found that almost half (48 percent) of respondents allocate more than 11 percent of their IT security budgets to in-house staff.

Given the rate of growth in spending, organizations are having a tough time finding security professionals to help them design, implement and maintain their security initiatives. Some reports had the number of open cybersecurity job positions last year worldwide at over one million. A quick search of the job title “security engineer” on Monster.com returns over 1,000 openings. Given the number of highly publicized security breaches, compliance and regulatory requirements, BYOD and other internal threats, the growing adoption of cloud computing, potential ransomware demands, and the emergence of IoT technologies, the demand for cybersecurity professionals has nowhere to go but up.

What education does a security engineer need?

Ideally, most organizations would prefer their security engineers to have at least a bachelor’s degree in an IT-related discipline. Information about a pool of current security engineer jobs by CEB, a best-practice insight and technology company, found that 95 percent of the listings required a bachelor’s degree. Even in light of this, the intensity of demand for these skills is going to create a large shortage that will likely prove impossible to fill with only IT graduates. Non-college grads interested in pursuing security engineering positions can acquire much of the necessary knowledge through a wide variety of non-degreed online security training courses. The Information Systems Security Association has identified more than 15 different security certifications related to security engineering. There are scores of security training courses available so it’s wise to acquire as much information as you can about the requirements, curriculum and graduates’ success in finding security engineering positions before selecting one. Finding a security engineering slot without either a college degree or one or more relevant certifications is unlikely.

Knowledge/skills requirements

Before deciding to pursue a career as a security engineer, it’s important to understand what one is expected to know. The specific requirements for these types of positions will vary by employer, but there are some broad-brush tasks a security engineer is expected to handle:

  • Identify sources of security issues
  • Oversee and manage existing and new applications to ensure security issues are addressed
  • Configure, install, test and maintain firewalls and other security software
  • Help establish, implement and update organizational security policies
  • Create methods to track concerns and incidents – and successfully resolve them
  • Conduct vulnerability and risk analysis testing
  • Investigate incidents and identify causes and solutions

Specific know-how/experience in the following can be important:

  • Operating systems – especially Windows and UNIX networks
  • Encryption technologies
  • Programming in a number of languages (knowledge of Python because it’s becoming so ubiquitous in the networking environment)
  • Security system infrastructure
  • Analysis of actual hacking and phishing attempts

Other talents or useful aptitudes include:

  • Adept at working as part of a team
  • Realizing that the job isn’t 9 to 5 (security engineers are often on call as emergencies can arise anytime)
  • Strong organizational, analytical and communication skills
  • Desire to keep learning as new threats emerge

Where the jobs are and what they pay

There’s hardly an industry that won’t need cybersecurity expertise. A number of verticals, including aerospace and defense, retail, government, utilities, banking and finance, and telecom are expected to be especially aggressive in hiring cybersecurity talent. Spending in the financial sector alone is expected to be enormous. J.P. Morgan, Bank of America, Citigroup and Wells Fargo are expected to collectively spend $1.5 billion on cybersecurity annually – about 15 percent of the entire financial sector’s spending.

CEB stats peg the salaries of security engineers as ranging from around $97,000 to $160,000, with a median of $129,000. A growing demand for security engineers coupled with a rather static short-term supply will likely drive salaries higher over the next few years.

The field of cybersecurity is exceedingly hot and the need for security specialists, especially security engineers, will remain so for the foreseeable future. 

Looking for a new career opportunity as a security engineer? Search our website today for security engineer jobs in your area.