How (And Why) to Become a Cyber Security Director

Unless you live completely off the grid, you’re probably aware that data/ security represents a major, growing challenge. As the world moves further from paper records to digital databases and consumers discover new and innovative ways to connect, every bit of data becomes more vulnerable to digital criminals.

Confidential employee files, the personal and financial information of customers, even medical records are at risk for hacking. And while big breaches — Equifax, Target, Yahoo — make news, many people don’t realize that, every year, 60 percent of small businesses are hacked. A cyber security breach can devastate a small company — if it doesn’t put it out of business altogether.

So what can companies do to protect their data? It’s no longer enough to employ a single “IT/ guy” to take care of everything. Bad actors are sophisticated and wily, constantly finding new ways to steal data. As such, an entire industry has emerged: the field/ of cyber security.

What is a cyber security director?

A cyber security director manages cyber security for a company or institution. This individual may be the head of security or report to a CISO (Chief/ Information Security Officer).

No matter an employer’s structure, the cyber security director is a leader on the IT team, responsible for developing and maintaining the security protocols that protect networks and databases, managing security personnel, and reporting on the state of the company’s cyber security.

In the event of a security breach, all eyes will be on the cyber security director to direct crisis management, investigate the cause of the breach, and implement solutions.

Steps to becoming a cyber security director

A director is a top-level management position. As such, this job requires considerable education and experience.

Education

The cyber security field is made up of highly trained individuals. The data security of a company is no trivial matter, and failures have far-reaching and often devastating consequences. It’s no wonder employers want only the best in these roles.

To become a cyber security director, you typically need to work your way up from a lower-level IT or cyber security position — most of which require, at minimum, a bachelor’s degree in computer/ science, computer information systems, or a related field. If you intend to go into a particular field as a cyber security director, such as banking/finance or healthcare, undergraduate education in that field can come in handy as well. Cyber security specialists skilled in accounting, for instance, are much harder for companies to find — and thus in even higher demand.

As an undergraduate, look for opportunities to focus your studies not only on technology but also on information security. If your school has a criminal justice department, a digital forensics class would complement your computer/ science major.

Once you’ve earned your bachelor’s degree, you may be prepared to enter the workforce in an IT position right away. But, even if your job isn’t specifically connected to cyber security, the experience of working in IT will serve you well. Take advantage of opportunities as they arise, but keep in mind that you will need to continue your education beyond a bachelor’s degree if you wish to become a cyber security director.

Professional certifications are one way to increase your credentials in this field. In fact, cyber security roles are significantly more likely to require such certifications than are other IT roles. Common cyber security professional certifications include:

• CompTIA Security+ CompTIA claims their Security+ certificate is “the first security certification IT professionals should earn,” and that it establishes foundational knowledge suitable for any cyber security role. Consider this your entry-level introduction to cyber security, and a basic foundational necessity on your path to becoming a director.
• Certified Information System Security Professional (CISSP) The CISSP certification is widely known and respected. The qualifying exam covers access control, cryptography, operations security, and more. From their website: “Earning the CISSP proves you have what it takes to effectively design, implement, and manage a best-in-class cybersecurity program.”

These and other certifications can boost you from being an “IT professional with a bachelor’s degree” to being an “IT professional with a bachelor’s degree and advanced study in cyber security.” This is the first step to transitioning from the entry-level into a role that is more security-focused.

Master’s degrees

If you’re serious about becoming a cyber security director, consider earning a master’s degree. There are many degrees available (both online/ and in traditional classrooms) specific to cyber security, and an advanced degree will cement your transition into a high-level role in this field.

If you’re interested in management and business leadership, you might also consider earning/ an MBA. Some schools offer MBAs with concentrations on cyber security and computer science. If you choose a more traditional tech-centered master’s degree, consider taking some management and business courses to round out your education.

Experience

As with any industry, experience is king in cyber security. Always consider how current job will help you land (and succeed in) the job you want next — particularly if you’re in an entry-level position and looking to move up. What you learn now will set the foundation for assuming a leadership role.

The demand for cyber security professionals is high and will only continue to grow. With your degree(s), certifications, and some entry-level IT work under your belt, you’ll be ready to move into a security-related field — as a cyber security specialist, architect, or engineer, for example.

But in order to reach director-level status, you need to know how to manage people and teams — so it never hurts to look into management training as well.

Many companies sponsor leadership-training courses, but if yours doesn’t you can find a number continuing education classes in management and leadership online. All of this will be essential as you seek advancement into a director role.

What salary does a cyber security director earn?

Cyber security is a high-paying field to begin with, given the education requirements and the skills gap we’re currently seeing in the workforce. Qualified cyber security professionals are in high demand, and can therefore demand competitive salaries.

Cyber security directors can expect to make even more money than those in other roles. PayScale places the average annual base salary of a cyber security director at almost $174,000, and that’s before bonuses and other incentive payments.

Unless you sign on with a tiny startup (with a cyber security staff of one, i.e., you), you likely won’t start out as a cyber security director. That’s OK; there’s plenty of cyber security work lower down the corporate ladder, and most of it pays well. Jump in, learn your craft and build your network, and someday you may be leading a team of cyber security engineers. With a worldwide shortfall of qualified cyber security professionals, there’s no better time to get started.

Questions or feedback? Email editor@noodle.com