One of the hottest and fastest growing fields in the information technology sector is cybersecurity. And not only is there sky-high interest in cybersecurity skills, but there are many different job roles available to cybersecurity professionals. One key area of need is for qualified cybersecurity engineers.
Actual engineers are sometimes upset when IT workers lay claim to the engineer� title, so it's worth asking what it is that cybersecurity engineers actually do. We'll also examine what traits a successful cybersecurity engineer should possess, as well as what types of training and background are helpful, and finally what certifications and work experience should be sought.
Working in cybersecurity
Cybersecurity is the practice of protecting systems, networks, programs, and data from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging today because there are literally more digital devices than people, and attackers are becoming more innovative.
You may have heard, for example, about a penetration test — in which a team or individual is paid to expose security vulnerabilities by finding and exploiting then — along these lines: Testers dropped USBs drives containing malicious code all over the grounds of the client company. Employees would pick these USBs up and, out of curiosity, use company computers to check their content. The embedded code would launch, getting testers inside the company network.
Ultimately cybersecurity is about protecting that data and equipment on your network and inside your company from technology-driven attacks. This is the main role of all cybersecurity personnel, with so-called engineers having a slight nuance in their job tasks.
What do cybersecurity engineers do?
Cybersecurity engineers perform a number of varied functions including designing, developing, and deploying secure network solutions to protect against advanced cyberattacks and persistent threats. Engineers turn trusted systems into secure systems, performing assessments (including via penetration testing) and managing security technology and audit/intrusion systems.
As The Wall Street Journal recently reported, demand for skilled security personnel is making it harder for chief information security officers to attract and retain seasoned engineers who can detect and neutralize threats.�
At my current firm, we have a cybersecurity engineer whose works crosses over into a few disciplines. He performs installs of network equipment, but he understands that the point of network equipment is not only to transfer data and connect sites, but to protect against outside intruders.
Another aspect of cybersecurity is the installation of firewalls, the hard perimeter of an internal network. It can be a big bonus when, above and beyond simply installing new software, the individual doing the work understands network security and is focused on that aspect of the equipment used. That's why you want a cybersecurity engineer.
Penetration testing (as in the example described above) is another are where engineers often excel. Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit.
Penetration testing can be automated with software applications or performed manually. Either way, the process involves gathering information about the target before the test, identifying possible entry points, attempting to break in — either virtually or by running an actual hack — and reporting back the findings.
The main objective of penetration testing is to identify security weaknesses. Penetration testing can also be used to test an organization's security policy, its adherence to compliance requirements, its employees' security awareness, and the organization's ability to identify and respond to security incidents.
Creating security policies, incidentally, is the job of a qualified cybersecurity analyst, which is different role, described in a separate article.
What traits will help you succeed?
Typically, engineers in the United States come from Department of Defense backgrounds. They start off as regular engineers, either of the system or network variety, and they make the leap to cybersecurity in search of higher pay or more interesting work (or both).
These are folks capable of devoting a great deal of attention to detail, who notice small nuances in everyday life, who care about the place they are employed and want to help others. Throw out the stereotypes of the antisocial eggheads who are locked in a room and fed Mountain Dew and Twinkies. Engineers have advanced reasoning and deductive abilities — they are like the Sherlock Holmes of computer networking.
Given that many (if not most) cybersecurity engineers have access to sensitive data in the normal course of their job duties, some type of background check or security clearance will almost certainly be required to qualify for an open position. This is particularly true for cybersecurity engineers working for government agencies, but many contractors also require government security clearances, ranging from Top Secret to SCI levels and beyond.
Even if an official security clearance is not mandatory, private sector employers will often perform background checks on applicants, and sometimes require periodic drug testing.
A lot of companies are requiring a four-year degree, and sometimes even an advanced degree on top of that, since engineers often need to understand business as well as they understand security and IT. I tend to agree with this approach.
Certifications and education
For certifications, I would recommend the CISSP and the Cisco CCIE Security most strongly. Also, GIAC offers a large variety of certifications for you to research and obtain. Collect them all, like rogue pokémon, and with a master's degree to boot, your future will be assured.
In terms of the career path taken, you are ultimately looking for a C in your title, right? If you are not, then you have it made and can live your life without politics. For a CISO or CSO (Chief Security Officer), you will need both a diverse professional background in security AND the political finesse generally required of C-suite level positions.
I have a good friend who likes to say, If it's on the Internet, it's capable of being hacked. Given that most companies now have internet assets, it is likely the case, no matter what type of company you work for, that your employer needs a qualified cybersecurity engineer. What will it take to make yourself the person for that job?
Write your goals down, make a list of certifications to get, and reach out to your professional network. Never stop growing. Whether you are simply hoping to land a cybersecurity engineer position, or you have one already and looking to take the next step, you have the ability to make it happen.
As always, I wish you the best of luck, and happy certifying!