Cyber Security

How to get into cyber security

Are you looking to start a career in cyber security? We break down the roles that are available, and the training and apprenticeships to help you take a first step into the world of cyber.

Cyber security is an attractive career path, with many organisations around the world crying out for more cyber security professionals to close their internal skills gaps. Explore the training and programmes available to help you kickstart a career in this exciting field. 

Why choose a career in cyber security? 

  1. There is a global cyber security skills gap

According to John McAfee, founder of Future Tense Central and CEO at MGT Capital Investments, “The field of cyber security is the least populated of any field of technology. There are two job openings for every qualified candidate."

With cyber attacks ever-evolving and becoming more sophisticated, such as AI phishing attacks, employers are struggling to find enough qualified individuals to fill the demand created by cybercrime.

Gary Hayslip, author of the book 'CISO Desk Reference Guide, A practical guide for CISOs', says that organisations "are trying to hire a unicorn​ –​ i.e., they need three people but can only hire one. So, they write the job specs with a huge list of ​disparate skill​ ​sets that most security professionals don’t have."

This then leads to a skills gap that can work in the favour of new cyber security graduates, giving them a way into an ever-growing professional field.

  1. High demand means more job security

Alongside the skill gap, cyber professionals can expect a modicum of job security simply by filling their roles. The demand for their job is so high that you are unlikely to be made redundant.

A word of warning, though. Cyber professionals have about a 20% turnover rate in most companies because of burnout caused by trying to compensate for the skills gap.

Employers who expect too much from their limited cyber security team will be met with pushback, and with the amount of demand for cyber security professionals, the hiring market is skewed in favour of applicants.

  1. A variety of exciting career paths

There are a wide variety of roles that fall under the cyber security umbrella. With such abundance, the odds of finding a niche that suits your interests are very high. In cyber security, bored is not a word that will be present in your vocabulary.

Security professionals also get the chance to work on a huge scope of technologies. This is an attribute that, while not exclusive to cyber security roles, is one of their draw points. Cyber security is used in everything from robotics or car production to website security for both small and large organisations. If there is an online element, cyber security has a foothold there.

Since there is such a wide array of applications for cyber security, it follows that there is a wide array of ways to train for it. There is no 'right' way to become a cyber security professional.

  1. Puzzles and problem-solving

As with many software development roles, cyber security professionals need to have a level of critical thinking and problem-solving to be able to adapt to the changing landscape in tech. From testing against new kinds of hacking to innovating the way the company database is run, security optimisation is always evolving, keeping cyber security professionals on their toes. And as technology evolves, so does cybercrime, meaning there are always new puzzles to solve, the job is never the same thing twice.

  1. Make a tangible impact

Cybercrime is a serious problem that affects every industry. Some industries are more in need of cyber security than others. For instance, organisations with control over military matters, financial data, or medical devices need cyber security to prevent real, serious damage to individuals.

A specific example of the impact that cyber security can have was seen in the pacemaker hacking crisis in the USA in 2017. 500,000 pacemakers were recalled by the US Food and Drug Administration (FDA) due to fears that their lax cyber security could be hacked to run the batteries down or even alter the patient’s heartbeat.

Cyber security matters. Its impacts extend beyond the digital world and into the physical one. That can be both a frightening and exciting prospect but regardless, it highlights the importance of cyber security.

If you're looking for a career that has real-world impact, cybersecurity might be the perfect match for you.

Getting started in cyber security

There are many avenues one can take to get a start in cyber security. IT roles like helpdesk technicians or software developers are very common transition roles. But so long as you have a few key skills, you can enter cyber security without previous industry experience.

Useful skills in cyber

While you don’t necessarily need to have experience in tech to be successful in cyber security, some hard qualifications are needed just to do the job required.

It would benefit you to know about:

  • Scripting/software development
  • Framework
  • Intrusion detection
  • Network security control
  • Operating systems
  • Incident response
  • Cloud
  • DevOps
  • Threat knowledge

Outside of the hard skills and qualifications needed, having some of these key soft skills will give you a leg up and can help you in your career:

  • Problem-solving
  • Attention to detail
  • Communication skills
  • A desire to learn
  • Risk management
  • Adaptability
  • Critical thinking

Cyber security roles

One of the best parts about cyber security is the amount of variety in the jobs you can hold.

Some of the most common roles/titles are cyber security analysts and cyber security engineers. In simple terms, engineers build and design the security infrastructure, and analysts monitor and maintain it.

What is a cyber security analyst?

A cyber security analyst protects businesses from cybercrime through careful monitoring of hardware, software, and networks, evaluating threats, and looking for ways to enhance company security to protect sensitive information.

They are chiefly responsible for the use of

  • Configuration tools: such as anti-virus software, vulnerability protection, and password management.
  • Reporting: this includes evaluating the current state of the network and detailing any strengths. It is key that analysts be able to read and write such reports since they are used to indicate any unusual activity on network systems that could be dangerous.
  • Weakness evaluation: since no network is perfect, the goal is to improve their security as much as possible. Analysts are needed to evaluate where the network's main weaknesses are so that work can be done to bolster them, further protecting the business from data breaches or other threats.

What is a cyber security engineer?

Similarly to a cyber security analyst, cyber security engineers implement network security measures to defend against cybercriminals, hackers, and other threats. They are responsible for engineering secure, trusted systems, performing assessments, and developing new ways to monitor and protect against advanced persistent threats.

Cyber security engineers are responsible for:

  • Security engineering: Developing, operating, and upgrading security measures used in the protection of an organisation’s data, systems, and networks.
  • Troubleshooting: Responding to all system security breaches and troubleshooting security and network problems.
  • Evaluating weaknesses: Testing and identifying network and system vulnerabilities to better protect against cybercriminals who would exploit them.

While cyber security analysts and engineers are very common roles, there are others in the realm of cyber security that are just as important.

Digital Forensic Analyst

Salary average: 30k – 40k

Digital Forensic analysts analyse and investigate cyber security incidents to derive useful information about support system/network vulnerability mitigation. As a digital forensic analyst, you'll use software tools and your own skills to investigate data linked to cybercrimes like hacking, online scams, and other information theft.

IT Security Specialist

Salary average: ~55k

IT Security specialists are similar to digital forensic analysts. The primary difference is that IT security specialists work to prevent cybercrimes and forensic analysts work to investigate the instances after they occur. Both jobs work to secure data and prevent threats.

Cryptography Engineer

Salary average: ~40k

Cryptographic Engineers design, implement, test, and validate cryptographic systems and help design and develop complex security systems using cyphers and algorithms to encrypt sensitive data and protect it from hackers, misuse, and cybercrime. This protected information can be anything from personal financial data to military data.

Database Administrator

Salary average: 25k for entry-level to 70k+ for more experience

A database administrator manages and monitors the database. They are responsible for designing, creating, and maintaining the database, including ensuring the protection and security of the data in the database. Database administrators need to understand programming languages, IT infrastructure, and databases.

Penetration Tester

Salary average: 60k-100k

Penetration testers perform penetration tests on digital systems, networks, and applications to learn about the vulnerabilities such systems have in order to better protect them from actual malicious acts. Penetration testers often utilise the same skills as bad actors, like hacking, to better understand where they will attempt to take advantage of networks. On average, penetration testing roles are some of the highest paid in cyber security.

Get into cyber with an apprenticeship

Okay so you're sold, you want to be a cyber security professional, but where do you begin? Great news! You're already halfway there.

One of the best ways to develop cyber security skills and gain practical experience is through a cyber security apprenticeship programme and QA has plenty. Our programmes include the cyber security engineer level 4 and cyber security risk analyst level 4

Our model of learning is a blend of virtual and face-to-face learning sessions. You’ll gain knowledge through a combination of projects and lab work, events, self-research, self-paced learning, and peer-to-peer learning.

Take a cyber security course

From the Women In Cyber Programme, to CyberFirst aimed at helping young people explore their passion for tech, QA deliver more cyber programmes than any other UK provider.

We also offer a wide range of cyber security certifications, helping businesses and individuals to develop their cyber security capabilities. 

About the author: Leah Hanson work as a Content Editor and Publishing Specialist for QA, successfully developing educational content across a variety of subjects, including cyber security.