Updated December 2023
Most people already know there is a global shortage of qualified cybersecurity professionals. We know this because every month brings new reports of massive cyber attacks at companies big and small.
If powerful organizations like Microsoft, NASA, and Adobe can’t stay ahead of the hackers, we must be in serious trouble!
The problem is lack of talent. Many IT security jobs sit vacant because employers can’t find candidates with the right skillset. Cyber threats are evolving so quickly, we simply aren’t producing enough experts to keep up with demand.
This begs the question: what kinds of cybersecurity jobs are out there? What career paths can you pursue if you’re just starting out?
In this post, we’re looking at some typical entry-level to mid-career job options. Compare job titles, responsibilities, and salaries for each role. Get a good overview of the industry and get your cybersecurity career started.
Cybersecurity Career #1: Network Administrator
Network administrators install, configure, maintain, and protect computer networks. The word “cybersecurity” isn’t in the job title—but guarding against hackers is definitely part of the job.
Network administrators are expected to understand IT security procedures and technologies, so they can prevent unauthorized network access.
They monitor day-to-day operations, perform updates, troubleshoot problems, and watch out for security issues.
Typical responsibilities for this role include:
☑️ Installing and updating computer hardware, networking software, operating system software, and software applications
☑️ Monitoring the performance of computer systems and networks
☑️ Performing data backups and disaster recovery operations
☑️ Installing network security technologies, such as firewalls, anti-virus software, access controls, and email and mobile device security
☑️ Training users on basic cybersecurity principles
How do you get started?
With a diploma in computer networking, you can become a junior network administrator or network technician. These roles will give you a good overview of security. From there, you can move into other cybersecurity jobs (like network security analyst).
Average salary: $66K (Source: Government of Canada Job Bank)
Cybersecurity Career #2: Ethical Hacker or Penetration Tester
Ethical hackers play the role of cyber-criminals. They hack into their company's computers, networks, and systems on purpose to help their employer identify (and fix) weak points.
Ethical hackers (and penetration testers) try to bypass existing defences to access sensitive systems and information.
By simulating malicious attacks, they help the IT team seal up cracks and develop stronger cybersecurity measures.
Key responsibilities for this role include:
☑️ Evaluating and rating existing security systems
☑️ Performing network, web, and mobile application penetration testing
☑️ Demonstrating different types of cyber attacks
☑️ Documenting and reporting security flaws
☑️ Suggesting improvements to better prepare for cyber attacks
How do you get started?
You can start as a junior penetration tester and move up into an ethical hacker position after gaining a few years of experience.
The Certified Ethical Hacker (CEH) certification is required for some positions.
Average salary: $90K (Source: PayScale)
Cybersecurity Career #3: Security Analyst
A security analyst performs data analysis and threat research to help companies develop effective cyber-defence strategies.
They work with the IT security team, often reporting to a cybersecurity manager or other leadership role.
The security analyst combs through reports from firewalls, end-point protection systems, and cloud service providers to identify risks and make recommendations. They may also analyze gaps in administrative procedures or protocols that could leave the company open to attack.
Typical responsibilities for this role include:
☑️ Generating and analyzing reports on cybersecurity technologies
☑️ Conducting research on cyber threats and attack types
☑️ Monitoring company compliance with cybersecurity procedures and protocols
☑️ Providing security recommendations
☑️ Proactively searching for threats and vulnerabilities within infrastructure, network, and application environments
☑️ Reviewing and analyzing security, network, and system events, log files, alerts, and reports
☑️ Maintaining IT security documentation
☑️ Analyzing trends and reporting repeat problems to management
How do you get started?
You can begin as a junior cybersecurity analyst and work your way up into senior analyst roles. This is a typical entry-level job for recent IT security graduates.
Average salary: $71K (Source: PayScale)
Cybersecurity Career #4: Cybersecurity Specialist/manager
Cybersecurity specialists/managers play a leadership role in IT security.
They protect information systems from cyber risks, threats, and vulnerabilities. They screen for potential risks in hardware, software, networks, and data centres. And they develop protection strategies against intruders.
Cybersecurity specialists are expected to keep security systems up to date and develop new defensive techniques against evolving threats.
They may manage other cybersecurity team members, such as analysts and penetration testers.
Key responsibilities for this role include:
☑️ Auditing systems and software to identify risks
☑️ Recommending the best technologies to protect against threats
☑️ Defining security requirements for servers, workstations, networks, and mobile devices
☑️ Configuring anti-virus systems and firewalls
☑️ Upgrading and maintaining security controls
☑️ Quickly identifying external intrusions, attacks, and hacks
☑️ Developing disaster recovery protocols in case of an attack
☑️ Documenting and reporting security issues
☑️ Educating users and providing training on cybersecurity best practices
How do you get started?
Some cybersecurity specialist positions require several years of experience in IT security. The same goes for cybersecurity manager and cybersecurity consultant roles.
If you're aiming for this job, you could begin as a network administrator, security analyst, or junior penetration tester. From there, you can start moving up into specialist or manager roles.
Average Salary: $91K (Source: Government of Canada Job Bank)
Where do cybersecurity professionals work?
Everywhere. Any organization that uses computer networks and systems needs cybersecurity professionals to protect those assets.
This spans a wide variety of employers, in both the private and public sector.
Cybersecurity experts work in many industries, including:
☑️ Finance and banking
☑️ Health care
☑️ Government
☑️ Education
☑️ Law enforcement
☑️ Energy and utilities
☑️ Communications
Getting started with Cybersecurity Training
Some cybersecurity employers want candidates with degrees. However, many job postings say a cybersecurity diploma is also acceptable, especially when combined with certifications and work experience.
Demand in this field is very strong. This means companies are willing to hire talented cybersecurity professionals without degrees, provided they have the right skills and some relevant work experience.
Tip: Choose a cybersecurity training program that includes an internship. The Canadian government's cyber security career guide says on-the-job training is key to landing your first position: “Gain as much hands-on experience as possible. A co-op position or internship will help you get a sense of IT procedures and real-world business operations.”
Want to get to work quickly?
Explore the 12-month online cybersecurity diploma from Herzing College. It includes a five-week internship and over 900 hours of hands-on IT security training and labs.
Click below to explore training, careers, and more industry information. You can chat live with admissions or request information by email. We're here to help!
