5 Most In-Demand Security Skills
Cybersecurity, Data and Application Security Top Job ListingsThe number of IT security job postings listed on Dice.com has escalated significantly compared to a year ago, based on the job board's annual comparative analysis. The biggest increase is for cybersecurity specialists, whose listings have grown by 60 percent.
See Also: A Case Study in API Security for AppSec Developers
"Every year the number of threats and the sophistication of those threats escalate," says Alice Hill, managing director at Dice.com. "It's a battle that will only continue to increase, making cybersecurity positions a priority within organizations."
Dice defines the broad term of "cybersecurity professionals" as those responsible for building and maintaining a secure computing environment. These individuals collaborate with business leaders to define use cases, risk profiles and determine the appropriate access to information for employees and customers. The cybersecurity job category on Dice includes only those job posts that carry the keyword "cybersecurity." The job board does not specifically track any particular skill or role that may fit into this job category.
Dice also finds companies seeking hundreds of candidates with network, data and application security skills.
Most in-Demand IT Security Skills
The most in-demand IT security skills, according to Dice, are:
- Cybersecurity: Plagued by cyber criminals and attackers, organizations seek experts who can operate and collect meaningful cybersecurity information that could be used to develop intelligence to protect and defend systems. These experts are in high demand because they specialize in cyber operations, which include identifying, analyzing and mitigating threats.
Also, complex networks, growing use of mobile devices and virtualized environments are all pushing demand for cybersecurity professionals to adequately protect data, which extends outside the perimeter of their systems.
"The mobile revolution throws more complexity into the mix," Hill says. IT departments within companies must now support home office connections and an array of mobile devices, including consumer-electronics such as the iPad that all can get online and potentially breach corporate security.
"The risk to secure data and systems is multifold as various access points move data closer to customers and employees," she adds.
The need for cybersecurity specialists spans all industries, from financial services, retail to government and academia. Major demand for cybersecurity-related positions is led by defense contractors, technology firms and universities that are recruiting hands-on faculty for their information assurance programs from within the security community.
The average salary for cybersecurity jobs is $58,000.
- Data Security: These job postings have increased on Dice by 35 percent since 2011. Technological advancements in smart phones, mobile apps and transition to cloud environments push the demand for practitioners who can effectively secure data and storage capabilities for organizations.
"Data is getting out time and time again," Hill says. Organizations continue to push data closer to the user, who wants easy access to data. "But it's hard to have data be both easy and secure."
In addition, emerging laws on privacy, e-discovery and data security create an urgent need for professionals who can bridge the gap between the legal and the IT department.
Healthcare, financial services, technology firms, consulting companies and government are all extensively hiring data security professionals to adequately defend their databases from threats such as unauthorized users and breaches. Also, professionals who possess knowledge of privacy and data protection policies globally are preferred by hiring managers.
The average salary for data security jobs is $54,000.
- Application Security: This category represents one of the largest year-over-year growth increases in job postings, with a 31 percent hike since 2011. The main reason driving demand for this job category is the complexity of applications and explosive growth in the mobile device market.
Applications today tend to be larger in size and organizations expect more from them in terms of accessing data, processing transactions and even storing credit information and other sensitive data.
"Application security is a big hole, in part, because every developer is an artist that paints with different colors," Hill says. "And more complex development work equals more demand for app security professionals."
Also, many firms are investing in innovative technologies to improve security, efficiency and their market competitiveness. As a result, employers are hiring secure application developers who can develop new products and bake security into the early parts of the product development process.
The demand for app security is "everywhere," Hill says. Organizations across industries are hiring qualified app developers who have the know-how to code securely and exploit common flaws such as cross-site scripting and SQL injection.
The average salary for application security jobs is $85,000.
- Security Analyst: This continues to be among the top skills in demand with an increase in job postings on Dice by 25 percent since 2011. With the proliferation of networks and more skilled hackers, security problems have intensified. These factors push the demand for security analysts who take effective security measures to protect information and are responsible for data analysis and monitoring security systems.
These experts often wear multiple hats within an organization and are involved with operational, response and technical issues. Demand is high with federal government, defense contractors and healthcare organizations.
Dice reports a flat average salary of $78,396 for security analyst positions.
- Network Security: These job postings on Dice have increased by 13 percent since last year. The increased demand for IT networking professionals is fueled by an uptick in virtualization and cloud computing initiatives. Hiring managers seek candidates with skills and experience in VMware and Citrix to plan, deploy and manage their company's virtualization strategy.
Technology firms, consulting companies, government, retail and healthcare all are seeking qualified network security practitioners who can understand and secure the infrastructure of the future.
According to Dice, the average salary for network security-related positions have gone up by 5 percent since 2011, amounting to $76,384.
"Companies are very much building out teams from analysts to architects," Hill says. "In terms of recruitment activity, security appears to be most frequently sought, but talent is hard to find."
Editor's Note: Salaries cited in the story come from Dice, as well as salary tracking websites SimplyHired.com and Glassdoor.com.