
Top 10 trending Cybersecurity career paths 2022!

Hey there! If you have stumbled across this page, it is likely that you are interested in starting a career in Cybersecurity. You may also be feeling a little lost and overwhelmed by all the information and different areas of Cybersecurity you have found. Cybersecurity is, by definition, “... the protection of internet-connected systems such as hardware, software, and data from cyberthreats....” (Shea, S., Gillis, A. S., & Clark, C., 2021, August 2). Though this may seem straightforward, it takes lots of moving pieces and different job types working together to accomplish this goal. I am here to tell you about the top 10 trending career paths in 2022 featured by SANS, one of the leading companies in Cybersecurity and IT education. Let’s get to it!


#1 Threat Hunting

Threat hunting is quickly becoming one of the most sought-after positions in the Cybersecurity space! Threat hunting is an active search done by a person or team to find existing evidence that a system has been compromised. It is the human element in Threat Hunting that makes it so valuable. Going beyond automated antivirus, a Threat Hunter will use their knowledge base and research to investigate endpoints and assess if there has been malicious activity.


Salary - Threat Hunter salary in the United States ranges from $117,000 a year to $164,650 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Bachelor's Degree in Computer Science or related field.

SANS Certifications

Experience with Python, C, C++, Java, Ruby and/or PowerShell

Experience with SIEM management.




#2 Red Teamer


Red Teaming, also known as "penetration testing" or "pen testing", is when a person or group of people act as the "enemy" and attempt to gain access to, or "penetrate", the hiring organization's systems; you may have heard it called "hacking". The Red Teamers will spend time planning their attacks before putting them into action. The results of a penetration test give the organization a real-life view of its security posture and vulnerabilities, giving it the opportunity to correct them before an attacker can take advantage.


Salary - Red Team salary in the United States ranges from $48,00 a year to $107,400 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Bachelor's Degree in Computer Science or a related field, or equivalent (4+) years of experience.

SANS Certifications

Experience in Cloud environments (AWS, GCP, Azure)

Experience with Python, C, C++, Java, Ruby and/or PowerShell

Experience with CTF (Capture The Flag) competitions or educational platforms, such as Hack The Box




#3 Digital Forensics Analyst

A Digital Forensics Analyst seeks to find the digital fingerprint that will reveal the truth by investigating different forms of media. A Forensics Analyst may be called upon to collect evidence from a smart phone, cloud environment, network, or a plethora of other platforms, making it important for them to be well versed in the subject. Analyzing data for investigation is not always an easy task, as they may be called to uncover the truth of an unsettling case. Analyze | Document | Present


Salary - Digital Forensics Analyst salary in the United States ranges from $90,000 a year to $124,250 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Bachelor's Degree in related field or practical experience.

SANS Certifications

Experience with SIEM (Splunk)

Nessus or Nexpose Experience

Communication skills written and verbal.




#4 Purple Teamer


Purple teaming is a fairly new and advanced position. Purple teamers are often in a management position, as they understand both Red Team and Blue Team functions in depth and use that understanding to create strategic plans for the organization. "Purple Team" can also be used when combining Red Teamers and Blue Teamers into a common task force, but for the purpose of this post, I'll be covering Purple Teamer as though it is a single position.


Salary - Purple Teamer salary in the United States ranges from $140,000 a year to $234,000 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Master's or PhD in a relevant field of study

5-10+ years of relevant experience.

SANS Certifications

Experience with dynamic testing tools

Experience with Python, C, C++, Java, Ruby and/or PowerShell




#5 Malware Analyst


A Malware Analyst works to examine, identify and understand the nature of malware (viruses, worms, bots, rootkits, etc.). It is important to understand the tools that your attackers are using. The analyst will determine things like: What kind of malware was it? What did it do? How can it be prevented in the future? Malware is constantly evolving and changing, so it is important that a Malware Analyst stay vigilant in their work and research.


Salary - A Malware Analyst salary in the United States ranges from $112,501 a year to $195,750 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Bachelor's Degree in related field or practical experience.

SANS Certifications

Intermediate to advanced experience with malware code written in C, C++, VisualBasic, Java, and Delphi

Experience with a variety of operating systems (Windows, Linux, mobile platforms etc.)




#6 CISO/ISO (Director of Security)

The CISO works alongside high-level management departments to determine how to effectively maintain a company's security posture. A CISO will have great communication, leadership, and organizational skills as well as education and understanding of the specific needs of the business.


Salary - A CISO/ISO salary in the United States ranges from $123,071 a year to $206,750 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Bachelor's or Master's in a related field

SANS Certifications

Each job post had a number of certifications that were more specific to that field (medical, digital, education, etc.). In every listing, CISSP and/or SANS could be found as a reference for preferred qualifications.




#7 Blue Teamer

The Blue Teamer is a versatile title. Blue Teamers are known as the "all around defenders" and work to harden a company's digital infrastructure, analyze activity, and create plans of improvement based on their findings. They may also be responsible for educating other employees on proper personal cybersecurity measures and how to implement them.


Salary - A Blue Teamer salary in the United States ranges from $29,250 a year to $112,346 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Analysis Experience.

Experience with SIEM

Understanding of Cybersecurity and vulnerability ranking.

SANS Certificates




#8 Security Architect & Engineer

A Security Architect and Engineer is an advanced Blue Teamer who understands the ins and outs of the infrastructure and is able to secure every layer as needed. They may also need to be aware of company objectives and budget to properly build out the right environment to meet business needs.


Salary - A Security Architect & Engineer salary in the United States ranges from $124,541 a year to $187,774 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Bachelor’s degree in a Science, Technology, Engineering, Math, or Cybersecurity field

SANS Certifications

Most wanted an active Secret clearance with TS eligibility.

Programming experience in Python/C/C++

Linux/Windows/other development environments

Kubernetes/Docker/other containerization environments



#9 Incident Response Team Member

An Incident Response Team Member will have a structured set of steps to take in the event of an incident. Each company will likely have different steps in place, but the overall goal is the same: to identify the event, control the event, and correct the event. If the Incident Response Team Member is unable to rectify the issues, they will escalate the event through the proper channels.


Salary - An Incident Response Team Member salary in the United States ranges from $85,270 a year to $160,000 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Experience with log analysis

Experience with a SIEM (Splunk)

Communication Skills

Understanding of Computer Security Incident Response Team

Cloud environment exposure

Active Directory exposure

CISSP and a Bachelor's Degree were noted often as "nice to haves", but not required


#10 Cybersecurity Analyst/Engineer


A Cybersecurity Engineer will identify vulnerabilities and threats in systems, then develop and implement plans to protect the organization's interests. This position requires the employee to be vigilant and well educated in Cybersecurity and the specific needs of their organization. The Cybersecurity Analyst/Engineer would likely work closely with the CISO.


Salary - A Cybersecurity Analyst/Engineer salary in the United States ranges from $107,250 a year to $174,932 a year depending on experience (Talent.com, n.d.). You can see a more detailed breakdown by state here.


Certifications & Education - This will greatly depend on the employer; this information was compiled from the most commonly seen requirements on LinkedIn.


Bachelor's Degree in related field or practical experience

5 or more years of IT experience

Active Secret or TS security clearance

Experience with SIEM management (Splunk)

Knowledge of Linux, Windows, and virtual platforms

SANS Certifications





That's a wrap! Top 10 trending Cybersecurity careers in 2022! So now what? I've listed some takeaway notes and resources to get you started!



TOP TAKEAWAYS


If you are someone interested in getting into, or shifting to, a new Cybersecurity career, it's important to focus on an area that interests you, as trying to be expertly qualified for all of them would be quite the hard pill to swallow starting out. If you know this is the field for you and want to make progress, but just aren't quite sure where to land yet, I highly recommend getting a few certifications. The certifications I saw the most in all of the job requirements were CISSP, CEH and SANS Certifications, and they would be a great place to start.



Some of my favorite getting started resources!


If you are interested in Threat Hunting, I highly recommend Let's Defend. From experience I can tell you this is a really cool, interactive and user friendly platform to get into!


For Red Teaming or Pen Testing, check out Hack The Box. They provide educational resources and also feature capture the flag events to help you learn and ramp up your skills in a safe environment.


Want to get into Cloud environments? Check out A Cloud Guru! I've been advancing my cloud knowledge and this platform has all of the information you need to become cloud savvy.


I know that SIEM was mentioned a ton of times in this post. If you aren't familiar with SIEM or would just like to learn more, check out Splunk, arguably THE industry leader in SIEM functionality and user interface. They offer training programs on their platform to get you rolling!
















Sources


A day in the life: Digital Forensics Analyst. CyberStart. (n.d.). Retrieved June 26, 2022, from https://cyberstart.com/blog/a-day-in-the-life-digital-forensics-analyst/


Contributor, T. T. (2021, April 21). What is red teaming? WhatIs.com. Retrieved June 26, 2022, from https://www.techtarget.com/whatis/definition/red-teaming


Firch, J., Firch, J., Swanagan, R. by M., & Swanagan, M. (2022, June 21). What is a red team vs a blue team in cyber security? PurpleSec. Retrieved June 26, 2022, from https://purplesec.us/red-team-vs-blue-team-cyber-security/


Green, A., By, & Harrington, D. (n.d.). 24 essential penetration testing tools in 2020. Varonis. Retrieved June 26, 2022, from https://www.varonis.com/blog/penetration-testing-tools


Moore, M., & Bio, R. F. (2022, March 14). How to become a malware analyst [+ career & salary guide]. University of San Diego Online Degrees. Retrieved June 26, 2022, from https://onlinedegrees.sandiego.edu/malware-analyst-career-guide/


Shea, S., Gillis, A. S., & Clark, C. (2021, August 2). What is cybersecurity? everything you need to know. SearchSecurity. Retrieved June 26, 2022, from https://www.techtarget.com/searchsecurity/definition/cybersecurity


Talent.com. (n.d.). Retrieved June 26, 2022, from https://www.talent.com/


What is a Ciso? everything you need to know about the chief information security officer role. ZDNet. (n.d.). Retrieved June 26, 2022, from https://www.zdnet.com/article/what-is-a-ciso-everything-you-need-to-know-about-the-chief-information-security-officer/



