Careers & People
3/14/2016
12:35 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

5 Hot Security Job Skills

Cybersecurity job openings are looking for people with a blend of technical, security, and industry-specific talents -- and it helps to know Python, Hadoop, MongoDB, and other big-data analysis tools, too.

Cybersecurity job postings grew by 91% between 2010 and 2014, faster than overall IT jobs.  The demand for cybersecurity professionals shows no signs of slowing down given the increasing rise of cyberattacks and threats on businesses and government agencies.

The latest increases in demand for cybersecurity professionals are in industries managing high volumes of consumer data such as finance, up 137% over the past five years; healthcare, up 121%; and retail trade companies, up 89%, according to data from Burning Glass Technologies’ report “Job Market Intelligence: Cybersecurity Jobs, 2015,” which published last summer. 

Analysts with the job market analytics provider see some of the same growth trends playing out in 2016 as well, says Will Markow, senior analyst at Burning Glass, which draws from its own online database of job postings. Burning Glass analysts visit nearly 40,000 online jobs sites, using advanced text analytics to extract over 70 data fields covering information such as job title, occupation, employer, industry, required skills, credentials, and salary.

“The cybersecurity job landscape is still large and growing rapidly. It is no longer a niche market within IT,” Markow says. “It is taking up an ever-increasing amount of the IT job market, over 10 percent now. In the federal government, cybersecurity accounts for over 30 percent of [the job] demand.”

In the wake of high-profile cyberattacks on a wide range of industries such as Anthem Blue Cross Blue Shield, Home Depot, Target, and the US Office of Personnel Management, the role of the chief information security officer (CISO) has risen in stature in many large corporations and federal agencies. The senior-level executive is typically responsible for aligning security initiatives with enterprise programs and business objectives.

“It would be easy for [people to think] the CISO role is most in demand or desirable. However, the CISO search draws the most candidates to them because they are at the top of the pyramids,” says Lee Kushner, president of L J Kushner & Associates, a recruitment firm specializing in the information security industry.

The biggest demand is more for folks with blended technical domains.  “I think there is a general challenge to find people with depth of technical security skills that really help make the CISO’s program more consumable and productive,” Kushner says.

Here are five of the professional skills most in demand today for cybersecurity jobs:

1.       Threat Intelligence/Security Operations Center Professionals

Many large corporations are investing in incident response and threat intelligence professionals and technologies to make sense of attack and threat information, Kushner says.

“That is an area that is still picking up,” prompting organizations to beef up security monitoring capabilities, Kushner says. “One of the hotter areas you might see is people who can lead the development and functionality of internal security operation centers.”  

Typically, large companies have outsourced security operation centers, or SOCs, to managed security service providers or professional services companies. “But I see a lot of organizations bringing their core components – Level 2 and 3 analysis -- in-house and outsourcing low-hanging fruit to managed service providers,” according to Kushner.

“It is a huge developing trend that is gaining more traction as people are dumping more money into protecting themselves,” he says. 

Within these SOCs, organizations are blending incident response, threat intelligence, and monitoring all into one scenario. This requires a cadre of specialists steeped in the discipline of information security. “They require a certain level of thinking, mindset, and discipline that is semi-ingrained in the development of security professionals and maybe things that are inherent to who they are as people,” he says.

2.       Product Development: Security software and security infrastructure developers

Technology companies and companies building internal technologies for their own use or to sell to other companies, are looking for people with solid software and infrastructure development backgrounds. These professionals work with product development teams during the design and development of the products. The goal is to help establish a solid security architecture and a security perspective during the design, build, and review process.

These positions are in very high demand, but short on supply, Kushner notes. Product security, in most cases, is about blending the application security discipline and the infrastructure discipline. Marrying those two worlds is a difficult task and requires very unique skills. Some of the technology is not necessarily public-facing, he says: some of the development work is in authentication technology or encryption.

3.       Cloud Security Specialists

As many organizations move IT applications and hardware to private, public, and hybrid clouds, understanding how that is done in a secure way is very important. Being well-versed in cloud security architecture or having firsthand knowledge of how to architect security for cloud transformation is an important and rare skill, according to Kushner. 

“We’ve seen some very strong demand for cybersecurity architects, many of whom are on the forefront of work in cloud-related technologies,” Burning Glass’ Markow says. “Some of the architect roles are the highest paying in cybersecurity today, offering salaries well over $100,000 on average.” 

They require diverse skillsets, but also require the most experience and education. As a result, employers are pulling from a small pool of workers.

Burning Glass has started to look at pathways companies can take to move InfoSec professionals into these new architecture roles, Markow says. For instance, some of the potential paths include using people from other cybersecurity engineering roles or software engineering who have either a strong cyber or a strong cloud component. Employers might have workers in their organization who have 80% of the skills they need either on the cloud side or cybersecurity engineering side. They can identify those workers and help them to develop the other 20% of skills they need to qualify for some of the cloud architecture roles, he says.

4.       Cybersecurity/IT Auditors

Another trend is the emergence of hybrid jobs, which entail skills that require a combination of IT security and financial skills or healthcare, depending on the industry, Markow says. They require a bundle of skills employers didn’t have to look for in the past.

Take the cybersecurity auditing position. Cybersecurity auditing is one of the fastest-growing roles within cybersecurity, growing 132% between 2010 and 2014, Markow says.

“We found IT auditor roles, which are most common in finance and insurance companies, at this point are the hardest to fill. They remain open the longest, about 43 days on average, which is three days longer than the average for all cybersecurity roles.”

Cybersecurity auditors perform auditing and risk management assessment, which means checking the viability of security infrastructure, looking for holes, and reporting findings to management. Auditing and risk assessment are combined with traditional IT skills such as programming and networking, creating a hybrid role that pulls from disparate functions. 

5.       Big Data Analysis

Big data analysis is one of the fastest-growing sought-after skills in the cybersecurity field.

Demand for analysts who are knowledgeable about Python, a programming language based on C and C++ languages, has grown 300% between 2010 and 2014, according to Markow. Python supports rapid application development, allowing analysts to quickly create and customize tools. 

There is also a healthy demand for people who understand the Apache Hadoop open-source programming framework for big data analysis and MongoDB, which delivers fast query speeds across large volumes of data.

The trend for Infosec analysts who can manage and manipulate large data sets and that is only going to increase as the Internet of things takes up adoption. “This isn’t a trend that is going to go away any time soon, Markow notes. “So employers are going to have to build the workforce that has the skills they need while workers and students will have to build these skills to remain relevant in the market,” he advises.

Related Content:

 

Interop 2016 Las VegasFind out more about security threats at Interop 2016, May 2-6, at the Mandalay Bay Convention Center, Las Vegas. Register today and receive an early bird discount of $200.

Rutrell Yasin has more than 30 years of experience writing about the application of information technology in business and government. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
BlueBorne Attack Highlights Flaws in Linux, IoT Security
Kelly Sheridan, Associate Editor, Dark Reading,  12/14/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.