If cyber security has piqued your interest, you likely want to learn more about the benefits and pitfalls of it as a career choice. This article aims to provide you with the knowledge needed for you to make an informed decision on whether this career is suited for you, and if you want to pursue it as a profession.
There are also many roles in the cyber security sector that do not require cyber related qualifications per se. This means that those in many professions can become involved in this exciting sector, such as sales, HR and marketing. However, this article focuses on technical and operational cyber security roles.
The latest government surveyed numbers state 1,979 active cyber security firms, an increase of 141 from the previous study. From 2022 to 2023, the sector has shown strong growth. Overall revenue has reached £10.5 billion, an increase from £10.1 billion in the previous year. Demand for security services is strong in high-value sectors such as professional and financial services and the public sector.
5,300 new cyber security jobs have been created across the nation in this period, reaching 58,005 in total. This reflects a very good growth trend. In 2022, there were 160,035 cyber job postings. From 2021, this shows a 33% increase in postings for core cyber roles and a 30% increase in all cyber roles. The most advertised roles were security manager (23%), security engineer (23%), security analyst (16%), security consultant (12%) and security architect (11%). These top five roles have remained consistent with 2021 figures.
As the threat landscape is ever-changing, so is the cyber security field. You must constantly learn to keep up with the trends. To progress in your career, you will never stop learning – there is always room for improvement and always more that you could know. Cyber security is an arms race: the hackers find new attack vectors and cyber professionals must learn to combat them. As a cyber security professional, you are at the forefront of this, making it vital that you stay up to speed. If this suits you, then you will never be bored.
You will learn on the job, but you may find benefit in supplementing this with self-teaching outside of your job. Resources for learning are plentiful and available online, often free. Sites such as TryHackMe, HackTheBox and LetsDefend are good places to start.
Remote work is common in cyber security roles. A government study on cyber security roles in the UK labour market found that 28% of job posting for core cyber roles had no regional location listed (i.e. the roles were marked as “remote” or “UK-wide”). This is an increase from 2021 (21%) and 2020 levels (13%), which suggests an embedded trend towards working from home and remote working across all regions in cyber security.
Many people report an increase in their happiness levels when working from home – one study conducted by Microsoft found that 56% of people were happier when working from home. The largest named benefit of remote work is flexible scheduling, with lack of commute coming in at second.
Salaries vary heavily depending on many factors, but cyber security is generally a well-paid career. Influencing factors include:
Experience.
Education.
Certifications.
Industry/sector – for example, those in the finance sector may earn higher salaries due to the confidential nature of the data being secured.
Roles/responsibilities. Typically, more responsibility means higher salaries.
Company size.
A typical salary for someone in the cyber security sector is between £40,000 and £80,000 per year, with some sources citing an average of £53,000 and £55,000.
For a cyber security analyst, starting salaries typically fall between £25,000 and £35,000. Once an analyst gains experience, they can expect from £35,000 to £60,000. In a managerial or leadership role, salaries can reach £70,000 and above.
It is important to note that there are many fields in cyber security, so salaries will vary greatly from role to role and company to company. This leads us to the next point:
There are many areas of work in cyber security. This means that if you decide one area is not for you, there are other areas that you can work in that your experience will be relevant in.
Areas of work include but are not limited to:
Digital Forensics
Cyber Threat Intelligence
Cyber Security Generalist
Cyber Security Management
Incident Response
Network Monitoring & Intrusion Detection
Vulnerability Management
Security Testing
Cryptography & Communications Security
Secure Operations
Identity & Access Management
Secure System Architecture & Design
Cyber Security Audit & Assurance
Data Protection & Privacy
Secure System Development
Cyber Security Governance & Risk Management
By working in this field, you will be making a real difference to individuals and to companies. Organisations need cyber security professionals; 50% of UK businesses have a basic cyber security skills gap. Cyber security professionals play a key role in ensuring business continuity and without them, organisations could not thrive. By taking on the responsibility of cyber security and possibly thwarting cyberattacks, you have meaningful purpose and are of high value to your organisation. It is widely recognised that those who have a sense of purpose are happier than those who don’t.
Whilst there is a lot of buzz around cyber security now, there are drawbacks that must be considered before you dedicate yourself to this path. Whilst these should not deter you from cyber security, they should be kept in mind. Recognise it will likely take hard work to enter this field.
“Cyber security is in demand”.
This is an easy assumption to come to, as it is one that is marketed vastly (often in conjunction with the selling of cyber security courses). However, what is often left unsaid is that cyber security experts are in demand.
37% of cyber security vacancies in the UK are “hard to fill”. Is this because not enough people want them, or is it because not enough people have the necessary experience to fill them? 44% of cyber sector employers report that job applicants they have seen lack necessary technical skills.
This information suggests that entry level roles are hard to find in cyber security, and the empty roles are for those with experience. This is an explanation for why many in this field come from an IT or technical background, and have a transferrable skillset.
The first role is probably going to be the most difficult one to obtain.
Protecting an organisation from cyber threats puts a lot of responsibility on your shoulders. You are expected to succeed in stopping threats, and if you fail there may be a lot at stake. With this comes potential for long hours when there is an active threat, including working on evenings and weekends. This could potentially cause high levels of stress at various points in your career.
There is huge room for scaling your salary, and technology is not going anywhere anytime soon. Whilst there is technology, there is a need for people to secure that technology. As previously mentioned, cyber security is an arms race between hackers and security professionals. This means it is likely always going to be a necessity, as there will always be developments in attack methods.
One relevant concern is the recent breakthrough in artificial intelligence, which many fear could threaten their jobs in the future. AI can automate many of the mundane tasks that we struggle with today, but it does not have the capability to automate everything within the field of cyber security. This would require extremely advanced technology. If AI ever reaches a level of capability to do this, there would be much larger concerns and worries than your job and the world would look very different to how it does today. All in all, it is unlikely that this is a concern to fret over regarding considering this career.
Anyone can enter the cyber security sector with enough work and dedication. However, there are some traits and attributes that may make you a better fit for the role. These include:
Analytical skills.
Problem-solving ability.
Strong attention to detail.
Clear communication ability.
In conjunction with these skills and abilities, it is beneficial to have an aptitude for learning and be technically oriented.
If you believe you fit these criteria, cyber security might be for you.
References:
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWxQhj
https://www.statista.com/statistics/1111396/benefits-of-working-remote-2020/
https://www.glassdoor.co.uk/Salaries/cyber-security-salary-SRCH_KO0,14.htm
https://uk.talent.com/salary?job=cyber+security
https://www.prospects.ac.uk/job-profiles/cyber-security-analyst
