Computer security is an important concern for every business, regardless of industry. This makes the computer security specialist a high demand field. Responsible for various aspects of planning and maintaining the security of information technology assets, they may be called upon to educate computer users, implement measures to secure data from internal and external threats, and respond to all manner of cyber attacks.
The entire computer information technology sector is expected to see much higher than average growth in jobs, making this an attractive career path. Compensation tends to be higher than average in these fields, but computer security specialists are generally able to command even higher salaries due to their specialized skills and the importance companies place on their information technology assets.
There are many factors that affect the salary for a computer security specialist. Level of experience, education, and certifications play a large part in determining the salary, but other factors such as location and specific responsibilities will also have an effect.
According to the Bureau of Labor Statistics, the median income in 2008 of those considered to be administrators was $66,310, while for analysts the median salary was $71,100. For administrators, the lowest 10% earned less than $41,000 and the highest 10% was over $104,070. The numbers are close for analysts as well, with the lowest 10% below $41,660 and the highest 10% above $110,920.*
*According to the BLS, http://www.bls.gov/oco/
Training and Education Requirements
There is no specific requirement for education or training to become a computer security specialist. However, graduates with a bachelor degree in computer science or something similar can expect to start at higher salary levels and will generally have far more opportunity for advancement than those with an associate degree, and both will start at a salary that is higher than someone with no degree. Certifications will also affect opportunity and salary as employers will see these as validation of specialized skills.
Continuing education and training are essential to working in computer security. Technology moves at a rapid rate, with new methods to attack being developed as quickly as new defensive measures. It is imperative that those working in this field keep up with these new advances in order to do the job effectively.
Job Description and Outlook
Computer security specialists are typically responsible for planning and implementing security measures. This may include creating and enforcing password policies, monitoring systems for signs of security breaches, and fighting against any cyber attack or other security breach. Often it is the same people who design the security measures who monitor and enforce the security, although in larger organizations there may be separate teams who are responsible for a portion of these responsibilities.
The outlook for those working in computer security and the related computer fields is extremely good for the foreseeable future. Those with highly specialized skills involving current or upcoming technologies, such as web site security or intrusion detection and defense, will be in greater demand and will see faster job growth than the rest of the industry, although the entire industry is expected to continue growing at a rate much faster than average.*
*According to the BLS, http://www.bls.gov/oco/
Almost every specialty within information technology relies heavily on certifications, and computer security is no exception. Many of the certifications available come from product vendors such as Microsoft or Cisco, although there is a strong demand for people who hold vendor-neutral security certifications.
The Microsoft Certified System Engineer (MCSE) and System Administrator (MCSA) each offer a specialization in security. These certifications focus on security specific to Microsoft systems and networks. Cisco offers the CCSP, or Cisco Certified Security Professional certification, which focuses on security through Cisco networking devices, which are among the most popular devices in use today.
CompTIA is one of the most well known certification organizations when it comes to vendor-neutral certifications. They offer the Security+ certification, which is a basic certification indicating a solid understanding of general computer security concepts and practices.
The Certified Information Systems Security Professional (CISSP) and Certified Secure Software Lifecycle Professional (CSSLP) are considered to at a level higher than the Security+, since these require validated experience in the field and the tests are more comprehensive and specialized.
Nearly all of the certifications available for computer security professionals require continuing education, and can also require retesting on a periodic basis to ensure that the certified individual’s skills are still current.
There are a large number of professional associations for computer professionals in general as well as ones specific to computer security specialists. Even within the computer security associations, there are differentiations based upon specialty.
For example, the Anti-Virus Information Exchange Network (AVIEN) is an organization for sharing information to help reduce the impact of malicious code, such as viruses, Trojan Horses and spyware. The High Technology Crime Investigation Association (HTCIA) is for those who have responsibility in investigating and fighting computer crimes.
Some of the more popular security associations include the International Information Systems Security Certification Consortium (ICS2) and the American Society for Industrial Security (ASIS). The Computer Technology Industry Association (CompTIA) is one of the more popular general computer professional associations.