By Jon C. Haass
Of course we all read about the different activities that make the news: another company breached, more personal records exposed by criminals or state actors. Perhaps in your mind you think, ‘The kind of people that worry about this must be sitting in a dark room looking at monitors. I sure don’t want that job!’
In this short article I challenge you to take a deeper look and think again.
The career choices for cybersecurity come in many different categories or flavors. The U.S. government recognized that there is a gap in our understanding and gathered experts from the private and public sectors as well as academia to categorize the different jobs in the field. This helps those seeking work as well as those wanting to hire talent.
The National Initiative for Cybersecurity Education (NICE) created a workforce framework to help organize and describe the various types of work as well as provided information on knowledge, skills and abilities desired.
What surprises many people is that there are jobs asking for a variety of types and levels of education and training. The seven major categories are shown in this graphic taken from one of the Department of Homeland Security (DHS) websites. DHS is the agency in the government responsible for assisting individuals and companies to become more cybersecurity aware and capable.
Investigate is the category that we sometimes see portrayed on television. The person takes the laptop or cellphone found at the scene to discover what happened and who might have been involved. If you are detail-oriented and think being a digital sleuth could be fun, this might be for you. With modern tools you will discover that deleted files are not always really gone and traces of the incident can be found lingering inside the tablet or even in the cloud!
Many of the students coming into our Cyber Intelligence and Security degree programs at Embry-Riddle in the College of Security and Intelligence jump right in. “I want to learn to hack” they say. No wonder. It sounds exciting – and who hasn’t thought about being a superhero at some time in life. This is a skill that can be learned and takes dedication to become a top-notch Ethical Hacker. Another name for this is penetration testing or vulnerability assessment, and it falls into the Protect and Defend category.
Other categories like Oversee and Govern are more about the people side of the business. How do you organize individuals, employees, departments to understand the importance of working together to be safe? This includes creating and implementing plans, training, policies and actually monitoring the success of the efforts. Writing and communication skills are key to this type of role, so don’t think that you can ignore the so-called ‘soft’ skills. As you move through your career you will find the core skills of reading and writing are critical to success.
If you are not sure where you are heading in your career or are considering changing into this exciting and vibrant field you can find more information here on the AZCyberTalent site and also at CyberSeek. Below is an infographic from the site that outlines the many openings right here in Arizona.
According to CyberSeek, in Maricopa County (shown above outlined in black) there are about 5,000 open positions in all of the different main categories and many of the sub flavors. Organizations large and small are seeking talent, some of them are starting to work with apprentice type programs in order to bring new people into the market. The categories of Securely Provision, Operation & Maintain, represent 50% of the openings. Some of these positions don’t require a four-year degree although I always recommend that young people prepare themselves not just for the first job, but the longer career where education truly does open doors. Some of the larger companies will also help pay tuition once you are hired. (Good for you and good for them as they invest in your success.)
One of the very interesting opportunities to learn is at one of the Arizona Cyber Warfare Ranges. Currently there are two of them – one located on the east side of Phoenix in Mesa and the other on the west side in Glendale. More are in the planning stage for the northern and southern parts of the state. You can learn more including an interesting short video here. Visiting a range when an open meeting is occurring allows you to listen in and learn in an engaging group.
Jon C. Haass is Associate Professor and Chair of the Cyber Intelligence and Security Department within the College of Security and Intelligence at Embry-Riddle University in Prescott, Arizona. He also serves on a variety of groups including the Arizona Cyber Threat Response Alliance. His passion is educating the next generation of cyber security professionals to help make the internet a safer place to work and play!
Interested in contributing to the #AZCyberTalent blog?
Send an email with your submission idea(s) to email@example.com