How Do I Become a Cybersecurity Engineer?

Find schools

*sponsored

A cybersecurity engineer performs various functions such as designing security solutions, implementing these solutions to prevent cyber attacks, and defend systems against threats and hacking. Cybersecurity engineers may also be referred to as data security engineers, web security engineers, IT security engineers, or application security engineers. All these titles have the same function within any organization.

As computer information systems become more sophisticated, so do the skills of people who attempt to undermine them. Significant hacks and data breaches are increasingly common, leaving individuals and businesses alike vulnerable to major privacy or financial woes. Cybersecurity engineers develop the skills and programs needed to counter such attacks. The only problem is that there are not nearly enough of them. Today’s world is significantly dependent on mobiles and the internet to accomplish everyday tasks. Thus the issue of security has become more urgent than ever. As a result, the demand for cybersecurity engineers has been increasing at a very fast pace.

According to a 2019 survey from the Information Systems Auditing and Control Association (ISACA), 62 percent of organizations reported that their cybersecurity teams are understaffed, with 57 percent stating that they had at least on unfilled position. Also, 78 percent of the organizations surveyed stated that they expected the demand for these professionals to rise in the coming 12 months.

Qualified cybersecurity engineers are difficult to find. The shortage is so significant that Forbes once named cybersecurity the “fastest-growing job with a huge skills gap.” According to the ISACA report, 70 percent of information security organizations said that candidates with strong technical skills are in high demand, yet short supply.

“Even though enterprises have more budget than ever to hire, the available workforce lacks the skills organizations critically need,” said ISACA CEO Matt Loeb. “Practitioners who acquire and demonstrate hands-on technical cybersecurity skills will find themselves in significant demand.”

The BLS (May 2019) reports that information security analysts earned a median annual wage of $99,730, with the highest 10 percent of earners exceeding $158,860 annually. What’s more, demand for information security analysts is predicted to grow 32 percent between 2018 and 2028, which is much higher than the 5 percent national average for all occupations.

According to the BLS, the growing scale and incidence of cyber-attacks fuel the need for qualified cybersecurity specialists across the board, with the financial and healthcare industries in most need of cybersecurity experts.

How does one take advantage of such demand? Below is a step-by-step guide to becoming a cybersecurity engineer.

FEATURED ONLINE CYBERSECURITY PROGRAMS

Southern New Hampshire University
  • Online BS - Cybersecurity
Maryville University
  • Online Bachelor's in Cyber Security
  • Online Master's in Cyber Security
Norwich University
  • Online MS - Cybersecurity
Harvard's VPAL
  • Cybersecurity Online Short Course

Step 1: Research the Field

Computer technology moves fast, so the IT workforce must be dynamic enough to keep up. The field is notably varied, including many different professions, such as computer research scientists, systems managers, software developers, support specialists.

Cybersecurity engineers—labeled as information security analysts by the United States Bureau of Labor Statistics (BLS)—tend to have many of the same networking and computer systems skills as other IT professionals, but are highly specialized in using them with a mind for security. Anyone considering a career in cybersecurity is encouraged to research the job carefully before committing to the field.

Typical Duties of Cybersecurity Engineers

The breadth and scope of a cybersecurity engineer’s duties vary by industry and organization, but the following are among the most common:

  • Selecting and installing cybersecurity software
  • Evaluating an organization’s security needs and establishing best practices accordingly
  • Cybersecurity engineers design, implement, maintain, oversee, and upgrade all security measures that are needed for protecting an organizations’ systems, networks, and data
  • Monitoring networks for security breaches
  • Conducting penetration tests to identify potential vulnerabilities
  • Reporting the incidence, nature, and extent of security breaches
  • Developing and implementing a plan of action for responding to such breaches
  • Developing security standards and best practices to be followed on an organizational level
  • Keeping up to date on the latest security threats and tools
  • Assisting in security breach investigations

Skills & Knowledge of Cybersecurity Engineers

Cybersecurity engineers plan, execute, monitor, and upgrade computer security systems—tasks that rely on a range of skills and knowledge. According to O*NET Online (2020), information security analysts must be familiar with:

  • The development environment, web platform development, networking, and operating system software
  • Transaction security and virus protection software
  • Computer hardware and electronics
  • Telecommunications systems
  • Data gathering and analysis
  • Security practices and standards

Personal Qualities of Cybersecurity Engineers

As with most careers, there are a handful of personal qualities and aptitudes that could make one well suited for a career in cybersecurity engineering. The following are among the most important:

  • Analytical thinking
  • Attention to detail
  • Grace under pressure
  • Deductive and inductive reasoning
  • Creative problem-solving
  • Excellent written and oral communication

Typical Qualifications Required

Cybersecurity engineers must generally have the following qualifications:

  • They should possess a degree in IT, systems engineering, computer science, or any other similar field
  • A minimum of two years of cybersecurity work experience doing activities such as incident detection and forensics
  • They must have experience with the operation, maintenance, and functionality of firewalls and other forms of endpoint security
  • They should have proficiency in languages or tools such as Java, C++, Node, Ruby, Python, Go, or PowerShell
  • They should have the ability to work in a fast-paced environment
  • They must have up to date knowledge about the latest hacker tactics, and cybersecurity trends

It must be noted that different organizations have different qualification requirements. Given above is a general list of requirements that an organization may ask for.

Step 2: Earn a Bachelor’s Degree in Cybersecurity or a Related Discipline (Four Years)

The BLS (2020) notes that information security analysts typically need at least a bachelor’s degree in information security, computer engineering, computer programming, or another relevant discipline to enter the field, though some employers prefer candidates with related master’s degrees or MBAs. Prospective students should look for accredited programs with updated curricula so that they can stay informed about significant changes in the field.

Cybersecurity Engineering Degree Specializations

Some cybersecurity bachelor’s degrees offer specializations for more targeted training. Examples of real cybersecurity concentrations from U.S. colleges and universities include cybercrime and fraud investigation, cyber operations, intrusion investigation, information assurance, and network forensics.

Undergraduate Cybersecurity Engineering Coursework

Cybersecurity engineering programs usually require a foundation of necessary education coursework in areas like math, science, English, and history, as well as core courses relevant to the field. Additional electives allow students to customize their training to best suit their interests and goals. Examples of actual undergraduate cybersecurity engineering courses include:

  • Computer security
  • Cryptology
  • Communications networks
  • Security data science
  • Reverse engineering
  • Networking
  • Programming languages
  • Data structures
  • Algorithm design and analysis
  • Hardware design

Graduates who have earned their bachelor’s degrees in cybersecurity engineering are prepared for most entry-level jobs, though some opt to enroll in a graduate program to advance their expertise, prepare for management positions, gain a competitive advantage in the field, obtain research positions, or teach.

Step 3: Earn a Master’s Degree or Graduate Certificate in Cybersecurity (One to Two Years, Optional)

Earnings, career outlook, and advancement potential tend to improve with education. This makes earning a master’s degree in cybersecurity, information security, computer programming, IT management, and other related fields a valuable, if voluntary, endeavor.

While some employers prefer candidates with graduate degrees in IT and cybersecurity, others prefer candidates with a master of business administration (MBA) with a specialization in information systems.

Generally speaking, master’s degrees require two additional years of full-time study, but some schools offer special evening and weekend programs for students who want to continue working in the workforce. These part-time programs generally take three to five years to complete, depending on the program and each student’s course load.

Common Admissions Requirements

Every graduate-level cybersecurity program sets its own admissions criteria, so it is important to carefully research requirements before applying. However, there are many commonalities between each university’s admission requirements. The following criteria for the master’s program in cybersecurity operations and leadership at the University of San Diego is representative of the conditions applicants will find at most schools.

  • A bachelor’s degree from a regionally accredited institution
  • An undergraduate GPA of at least 2.75 (candidates with GPAs lower than 2.75 are encouraged to submit GRE, GMAT, LSAT or other relevant test scores)
  • A statement of purpose
  • A resume or CV showing relevant IT experience
  • A letter of support from an employer or two letters of reference

Some graduate schools have additional or slightly different course prerequisites, so it is essential that applicants properly research the programs in which they are interested before applying.

Cybersecurity Graduate Degree Specializations

Some colleges and universities offer concentrations that allow students to specialize their master’s degrees. Examples of specialty tracks within graduate-level cybersecurity tracks include analysis, cyber terrorism, SCADA cybersecurity, networks, systems, IT auditing, and cyber forensics, among others.

Graduate Cybersecurity Engineering Coursework

The curriculum for a master’s degree in cybersecurity can vary from one program to the next, but, as with bachelor’s degrees, they tend to have similar core coursework. Graduate schools do not typically need to complete basic education classes, as long as they have met the program’s prerequisites. Below is a sampling of courses from Johns Hopkins University’s cybersecurity program:

  • Foundations of informational assurance
  • Cryptology
  • Foundations of algorithms
  • Intrusion detection
  • Reverse engineering and vulnerability analysis
  • Principles of data communications networks
  • Computer network architectures and protocols
  • Web security
  • Foundations of engineering
  • Cryptography and coding
  • Java security
  • Authentication technologies

Graduate Certificates in Cybersecurity

An alternative to a master’s degree is a graduate certificate. Graduate certificates are ideal for students who want to advance their cybersecurity savvy without committing to a two-year program, or those who wish to specialize in a particular discipline, such as computer engineering and programming.

Certificate requirements range in scope and duration. Students enrolled in Harvard University’s cybersecurity graduate certificate, for example, must complete four courses—two core courses and two electives. As always, prospective students should review admissions and graduation requirements carefully.

Step 4: Earn Professional Certifications (Timeline Varies)

Professional certifications are another way cybersecurity professionals can enhance their knowledge and expertise. Industry vendors or professional organizations typically offer certifications. Most require professionals to pass a test, though candidates should be mindful of pre-exam requirements, such as junior certifications, specific degrees, or a minimum number of years of professional experience.

Here are a few in-demand professional certifications and the organizations that sponsor them, as reported by O*NET:

Global Information Assurance Certification

  • Certified Enterprise Defender
  • GIAC Certified Forensics Analyst
  • GIAC Web Application Penetration Tester
  • GIAC Certified Intrusion Analyst

American Health Information Management Association

  • Certified in Healthcare Privacy and Security

International Information Systems Security Certification Consortium

  • Certified Secure Software Lifecycle Professional

Cisco Systems

  • Cisco Certified Internetwork Expert Security
  • Cisco Certified Network Professional Security

Information Systems Audit and Control Association

  • Certified Information Systems Auditor

It should be noted that while professional certifications tend to be voluntary, they indicate the level of expertise and an ongoing commitment that many employers value.

Accredited Online Degree Programs in Cybersecurity

Arizona State University

Arizona State University offers an online master of computer science with a concentration in cybersecurity. The program provides students with the skills and knowledge that help them undertake computer security, data security, cryptography, and computer forensics. It is ideal for graduate-level students who wish to take up education in cybersecurity, with a focus on algorithms and computer systems.

Admission requirements include a four-year undergraduate degree with a minimum cumulative grade point average of 3.0, two semesters of advanced math in calculus I and II, a background course in discrete math, official transcripts, and English proficiency for students who have their degree from a country outside the U.S.

This 30-credit-hour program has 12 credits in the cybersecurity concentration. The courses in the concentration include applied cryptography, information assurance and security, software security, advanced computer network security, and computer systems security.

Students learn how to defend and protect information systems and information by ensuring their integrity, availability, authentication, non-repudiation, and confidentiality. Graduates can take up roles as cybersecurity engineers, cybersecurity risk analysts, software development engineers, security engineers, and security analyst.

  • Location: Tempe, Arizona
  • Accreditation: Higher Learning Commission of the North Central Association of Colleges and Schools
  • Expected Time to Completion: 18 to 36 months
  • Estimated Tuition: $15,000 for the program

George Washington University

George Washington University offers an online master of engineering (MEng) in cybersecurity policy and compliance program. Designed for students who are working professionals, this fully online program teaches students security best practices. The program is taught by experienced faculty members who have received their doctoral degrees from the nation’s top engineering and computer science programs, providing students a high-level understanding of cybersecurity.

Admission requirements for the program include an a bachelor’s degree from an accredited institution, minimum grade point average of 2.7, work experience in an IT field for students who do not hold a degree in a technical discipline, completed application, official transcripts, statement of purpose, letters of recommendation, a current resume, while Gre or Gmat scores are recommended.

Requiring 30 credit-hours of graduate-level coursework, this program includes courses such as cybersecurity and privacy, information policy, management of information and systems security, security in mobile computing, information security in government, secure cloud computing, and cybersecurity risk management and compliance.

Through this program, students become experts at analyzing cyber incidents, forecasting cyber attacks, formulating long term strategies, designing solutions, and managing threats.

On successful completion of the program, students can take up jobs at nonprofit, private, and government organizations. They can take up roles as computer forensic investigators, computer security specialists, computer network defense engineers, cybersecurity managers, information security analysts, cybercrime technology directors, and more.

  • Location: Newport News, Virginia
  • Accreditation: Middle States Commission on Higher Education
  • Expected Time to Completion: 30 months
  • Estimated Tuition: $1,075 per credit-hour

Related Articles

20 Data Science Professors to Know

Data science, as described by University of California, Berkeley, involves the analysis and management of large quantities of data. The discipline requires professionals who can ask the right questions, chart out what information is needed, collect the data, and analyze it effectively.

25 Innovative Computer Science Professors

Meet 25 leading professors of computer science, and learn more about what makes them standout educators and innovators.

25 Professors of Software Engineering to Know

Learn from the best. Meet 25 well-regarded software engineering professors who teach proven, best practice approaches to software engineering and testing.

Cybersecurity Engineering Certifications (Cyber)

Traditional forms of education are still important, but they can’t keep up with the rapid pace of cybersecurity. As soon as one form of threat is neutralized, innumerable others are developed. That’s why employers and employees are both increasingly turning to the more nimble world of professional certifications.

Online Bachelor's in Business Data Analytics

An online bachelor’s degree in business data analytics provides students with a strong foundation in data analytics and prepares them for a promising career in this burgeoning field. Students become well-equipped in data mining, data storage, and data analytics.