The 11 Best Careers in Cyber Security [And the Degrees Required to Land Them]
October 07, 2022
Only you can decide what's the best cyber security career for you. We've picked out 11 cyber security jobs that might well make your list. Each offers compelling challenges, advancement opportunities, and excellent compensation.
The migration of an ever-increasing amount of commerce and other activity to online brings with it unprecedented convenience and efficiency. Unfortunately, these advances are not without their dangers. The online environment is rife with bad actors looking to access information for profit and/or mischief. 2020 saw destrutive cyber attacks launched against:
- Magellan Healthcare
- State and local governments
- The US government (by Russia)
- The World Health Organization
And that's jut the tip of the iceberg. Innumerable other attacks occurred, including many that were never reported. Online is not exactly the Wild West, but there are definitely too many cyber-miscreants for comfort.
The computing world takes on these wrongdoers through cyber security measures. Think of cyber security professionals as the internet's police—albeit police who typically hold advanced degrees and have an extraordinary familiarity with hacking practices. It's a field with lots of opportunities: according to the Center for Strategic and International Studies, the global job market could have a shortfall of 1.8 million qualified professionals for available cyber security jobs. One of those could be yours.
In this article, we discuss how to become a cyber security professional and the 11 best careers in cyber security. It addresses:
- What is cyber security?
- What is a master's in cyber security?
- The 11 best careers in cyber security
- Top cyber security master's programs
- Top online cyber security master's programs
What is cyber security?
The term cyber security describes all measures taken to defend computer networks from malicious attacks, typically launched online. Hackers and other intruders may seek to access a computer network to access users' identification information, financial information, and corporate and proprietary confidential information. Or they may seek to inflict harm by introducing a virus, Trojan horse, malware, or worm to infect and perhaps disable a computer system. Cyber security professionals police computer networks to prevent such malicious activity.
The tools of cyber security include:
- Antivirus software
- Constant monitoring and testing
- Internal security protocols (passwords, 2-step authentication)
- Security best practices
- Software patches and updates
What is a master's in cyber security?
A master's degree in cyber security is an advanced degree for computing professionals who specialize—or want to specialize—in computer security (or, more precisely, online security). Some programs offer a Master of Science in Cyber Security; others offer similar degrees under different names, such as:
- Master of Public Administration with a cyber security concentration
- Master of Science in Applied Information Technology with a cyber security concentration
- Master of Science in Computer Engineering with a cyber security concentration
- Master of Science in Computer Information Systems & Cyber Security
- Master of Science in Computer Science with a cyber security concentration
- Master of Science in Cyber Security
- Master of Science in Cyber Security Engineering
- Master of Science in Cyber Security Management
- Master of Science in Information Systems and Security Management
- Master of Science in Security Informatics
- Master of Science in Technology, Cyber Security and Policy
- MBA with a cyber security concentration
Programs' admissions requirements vary. Some only consider candidates with professional cyber security experience. Others may insist that applicants have a bachelor's degree in cyber security or a related field. Some require nothing more than an interest in cyber security and an aptitude for computer programming.
Cyber security curriculum
Curricula vary among cyber security master's programs, so it makes sense to study carefully the curriculum of each program you consider to ensure that the program aligns with your career goals. Programs typically include coursework in most of the following areas:
- Advanced networking and protocols
- Algorithm analysis
- Application security
- Cyber security architecture
- Digital forensics
- E-commerce security
- High-level networking concepts
- Information security strategy and policy
- Intrusion detection
- Recovery planning
- Security code development
- Security governance and compliance
Students in the University of Tulsa's online cyber security master's program complete the following courses:
- Defensive Cyber Security Technologies
- Foundations of Cyber Security
- Information Systems Assurance
- System Security and Cryptography
- Security Audit and Penetration Testing
- Cyber Security Law and Policy
- Network Security Concepts and Applications
- Secure System Administration
- Hardware Security
- Organizational Cyber Security
The 11 best careers in cyber security
You'll do essential work and likely earn a good living as a cyber security professional. We've listed 11 of the best opportunities available in the cyber security field.
Bug bounty hunter
"Bug bounty hunter" is indisputably the coolest job title in the cyber security world. It's also elegantly descriptive: in this role you do, indeed, hunt for bugs in computer systems. When you find them, companies and other institutions may pay you a bounty in return for identifying their security vulnerability.
White-hat programs post the bounties; then it's off to the races for bug bounty hunters to be the first to report system weaknesses. A number of big companies, including Apple, Oracle, PayPal, and LinkedIn have bought in. Facebook had paid out more than $7 million in such bounties through 2018, including individual bounties as high as $50,000.
You don't need an advanced degree to do this work, obviously, although you do need highly advanced hacking skills. Like all bounty hunters, you'll only get paid if you bring in your quarry, so this isn't the most reliable paycheck out there. Still, if you enjoy working on your own and want to hack without risking prison time, this isn't a bad way to make a living.
Chief information security officer
Chief information security officer (CISO) is a c-suite job, with responsibilities and compensation to match. This is a relatively new executive position necessitated by businesses' and institutions' ever-increasing reliance on online processes. With practically all critical information digitized—much of it stored in the cloud—information security protocols must be a persistent top priority for any institution.
The CISO oversees all operations that predict, identify, and protect against security breaches. Their responsibilities include:
- Predicting and analyzing potential threats, both immanent and long-term
- Policing internal and external cybercrime
- Monitoring for security breaches and investigating those that occur
- Stress-testing security apparatuses and addressing discovered failures
- Appraising the executive board of any potential threats
- Overseeing security architecture planning
- Managing the information security budget
- Ensuring compliance with all legal and regulatory requirements
CISO is a top-level position in information security, requiring many years of experience peppered with impressive accomplishments. Most cyber security professionals will never serve in this role, and some who do wish they hadn't—the responsibilities and constant barrage of critical threats make this job extremely stressful. If you reach this pinnacle, you'll likely be very well compensated: according to ZipRecruiter, CISOs earn an average salary of nearly $160,000, plus bonuses and other incentive-based compensation. Salary.com sets the median salary even higher, at $222,499, with another nearly $50,000 in incentives.
You don't need a PhD in cyber security or computer science to hold this job—some CISOs reach this position without even a master's degree, in fact. They're the exceptions, however; most CISOs have an advanced degree in a computer- or cyber security-related field.
Computer and information systems (CIS) manager
Computer and information systems managers lead the IT department. To fulfill this role and manage this team effectively, a CIS manager must be a master of:
- Antivirus protocols
- Database and workstation troubleshooting
- Encryption processes
- Information security measures
- Network management
Additionally, CIS managers help formulate, and then implement and enforce, a company's computing and networking security policies, procedures, and systems. When an organization launches major system upgrades or performs large-scale system maintenance, the CIS manager oversees them.
A CIS manager needs both computing and soft skills because they must serve as both technical experts and personnel managers. Eliciting maximum performance from the IT team is every bit as critical for a CIS manager as properly installing an operating system or optimizing system memory usage.
While cyber security is not a CIS manager's sole responsibility, it is certainly one of their most critical domains. A CIS manager may hold a master's in cyber security, computer science, information systems, or even business administration (MBA, with a concentration in information systems). According to the United States Bureau of Labor Statistics, CIS managers earn $146,360 per year on average.
Cyber security architect
Computer and network security infrastructures don't just happen, nor do they spring fully formed out of the box. Every institution has unique cyber security needs and challenges. A cyber security architect studies those needs and challenges, then designs, tests, builds, installs, and maintains the appropriate security system.
Because security systems must be tailored to a company's or organization's needs, a cyber security architect must understand up-to-the-minute security protocols and the diverse functions of the business they serve. A good cyber security architect approaches the security systems they build like an expert hacker, endlessly testing for vulnerabilities to exploit so they can patch the system.
A master's in cyber security is the preferred degree for cyber security architects. Some employers may prefer to hand this role to a PhD. PayScale sets the average cyber security architect salary at $124,455 per year, with incentives adding another $6,000 to $60,000.
Cyber security consultant
If you are looking for a career that affords greater flexibility in terms of hours and assignment options, becoming a cyber security consultant may be the job for you. Cyber security consultants—sometimes called cyber security analysts—typically work as contract employees, meaning they choose when they work and for whom.
Companies and institutions hire cyber security consultants to test their security systems for weaknesses. A consultant may be asked to launch a cyber attack on a system, defend the system against hacks, or both. This cyber security position can take on an almost game-like aspect; every day, you'll do battle on a new battlefield. For those who crave variety, it's a good fit.
Know, however, that contract work can be challenging. It requires some degree of salesmanship—you have to find and bid for jobs, then convince employers that you're the best choice. You may be able to offload that work to an agency, but you'll forfeit a good measure of your independence in the process. You can do this job with just a bachelor's and some boot camps, but you'll be competing against a lot of folks with master's degrees, whom many employers will favor. Cyber security consultants earn over $115,000 per year, according to ZipRecruiter.
Cyber security director
The bigger the company or institution, the larger the team devoted exclusively to maintaining cyber security. When teams grow large enough, they need a leader. Enter the cyber security director. If the idea of overseeing big picture planning and managing cyber security technicians appeals to you, this may be the job for you.
Most employers expect candidates for cyber security directorships to hold a master's degree in cyber security or a related field. You may be able to win this role with a bachelor's, additional specialized training, and an impressive professional record. Cyber security managers earn $133,250 annually on average, according to salary.com.
Cyber security research scientist
Many cyber security professionals devote their time to understanding, and protecting against, current and emerging computer security threats. However, some look farther afield, exploring what sort of threats may be possible in the future or pushing theory forward to create new opportunities for cyber security and cyber espionage. These are cyber security research scientists, and they typically hold a PhD in cyber security or a related field.
Because of the advanced nature of their work, you are likely to find cyber security research scientists at work for high-security government organizations such as the National Security Agency (CIA), the Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Security Agency (CISA). Banks and other large financial institutions also like to have these experts around, as do large online retailers. According to salary.com, cyber security researchers typically earn between $121,407 and $148,690 annually.
Cyber security professor
Academic jobs are notoriously difficult to come by, but for those who make the grade, the rewards are great. Teaching cyber security at the university level typically pays quite well. Our survey of state universities (many of which must publish faculty salaries because they are public institutions) found that assistant professors in this field can earn between $100,000 and $200,000 annually. Full professors earn between $200,000 and $300,000 per year. In many instances, these professors can generate additional income as consultants to private companies, government agencies, and other institutions. If you enjoy teaching and love campus life, there are few better ways to put your cyber security PhD to good use.
Information security analyst
The computing security universe has its intersecting subdivisions. True aficionados can discourse at length between the distinctions among cyber security, network security, and information security. In practice, the dividing lines blur regularly. Cyber security experts can find a home in any of these three disciplines.
For the record, the term "cyber security" refers specifically to online security threats. "Network security" expands the playing field to include security threats from within a computer network; that disgruntled employee in the corner cubicle, for example. "Information security" is the broadest of the three categories: it even encompasses print materials, which people used before there were computers (many old people still prefer them!).
According to the US Bureau of Labor Statistics, information security analysts monitor networks for security gaps, oversee security software, conduct penetration tests, and recommend system enhancements. It's a job you can get with a bachelor's degree, it pays on average nearly $100,000 annually, and it provides an excellent stepping stone to higher-level cyber security opportunities. This is an excellent entry-level job from which to start your cyber security career.
Information technology (IT) director is an executive-level role; in many organizations, it ranks just below vice-president level. An IT director oversees the design, implementation, and maintenance of all technological components in a computer system: hardware, software, databases, routers, basically anything you plug in or upload. An IT director also manages the IT team, a responsibility that requires strong interpersonal skills.
IT security is an essential concern with any computer system, so a cyber security degree will qualify you for this role, as will a degree in computer science, information technology, or information systems. An MBA with a computing concentration should also earn you a look when applying for this job. According to Glassdoor , an IT director earns an average salary of $129,335.
Penetration testers are ethical hackers, cyber security professionals paid to attack computer systems. Penetration testing is pretty much the same work that bug bounty hunters do but under more conventional conditions. Penetration testers typically work under contract as consultants, although some large companies and government agencies hire full-time penetration testers.
An effective penetration tester can get inside the mindset of a criminal hacker. They need a highly developed coding skill set, a deep knowledge of computer security protocols, excellent problem-solving skills, and proficiency in communication to inform clients of their findings. According to PayScale, the average pen tester earns $85,478 per year.
Security software engineer
Creating any software package is a mammoth endeavor,typically requiring a substantial team of programmers. Everyone on the team contributes their specialized talents. The team member responsible for ensuring the final product is not susceptible to cyber attacks in the security software engineer, sometimes called a secure software developer. ZipRecruiter reports an average salary of $142,153 for professionals in this role.
Top cyber security master's programs
You'll find excellent master's in cyber security programs at:
- Boston University
- George Mason University
- Georgia Institute of Technology (Main Campus)
- Johns Hopkins University
- New York University (NYU)
- Purdue University (Main Campus)
- Rochester Institute of Technology
- Texas A & M University - College Station
- University-of-California - Berkeley
- University of Illinois at Urbana - Champaign
- University of Maryland - College Park
- University of Washington - Seattle Campus
- Virginia Polytechnic Institute and State University
Top online cyber security master's programs
Top online master's in cyber security programs include:
- Drexel University
- Johns Hopkins University
- New York University
- Pennsylvania State University - World Campus
- Syracuse University
- University of Arizona
- University of California - Berkeley
- University of San Diego
- University of Tulsa
Questions or feedback? Email firstname.lastname@example.org