How To Start A Career In Cyber Security

Are you looking to start a career in cyber security? We break down the roles that are available, and the training and apprenticeships to help you take a first step into the world of cyber.

Careers in Cyber Security

- Anyone can start a career in cyber security, and develop key skills such as software development, threat detection, incident response, and more.
- Cyber security as a career provides growth potential, job security, variability, problem-solving opportunities and real-world impact.
- One of the best ways to get started is through a cyber security apprenticeship.
- There a wide range of training and certifications available for those that want to begin, transition to, or progress a career in Cyber Security.

QA offer a wide range of Cyber Security programmes to help close the digital skills gap faced by many businesses. From the Women In Cyber Programme, to CyberFirst aimed at helping young people explore their passion for tech, QA deliver more cyber programmes than any other UK provider.

Why start a career in cyber security?

Here are five key reasons why cyber security is such an attractive career to begin.

Skills gap

It is important to know that while salaries can range significantly from job to job, there is more and more demand for cyber security specialists. According to John McAfee, founder of Future Tense Central and CEO at MGT Capital Investments, “The field of cyber security is the least populated of any field of technology. There are two job openings for every qualified candidate."

Employers are struggling to find enough qualified individuals to fill the demand created by cybercrime. Gary Hayslip, author of the book 'CISO Desk Reference Guide, A practical guide for CISOs', says that organisations "are trying to hire a unicorn – i.e., they need three people but can only hire one. So, they write the job specs with a huge list of disparate skill sets that most security professionals don’t have." This then leads to a skills gap that can work in the favour of new cyber security graduates, giving them a way into an ever-growing professional field.

Job security

Alongside the skill gap, cyber professionals can expect a modicum of job security simply by filling their roles. The demand for their job is so high that you are unlikely to be made redundant.

A word of warning, though. Cyber professionals have about a 20% turnover rate in most companies because of burnout caused by trying to compensate for the skills gap. Employers who expect too much from their limited cyber security team will be met with pushback, and with the amount of demand for cyber security professionals, the hiring market is skewed in favour of applicants.

Variety

As you have seen, there are a variety of roles that fall under the cyber security umbrella. With such abundance, the odds of finding a niche that suits your interests are very high. In cyber security, bored is not a word that will be present in your vocabulary.

Security professionals also get the chance to work on a huge scope of technologies. This is an attribute that, while not exclusive to cyber security roles, is one of their draw points. Cyber security is used in everything from robotics or car production to website security for both small and large organisations. If there is an online element, cyber security has a foothold there.

Since there is such a wide array of applications for cyber security, it follows that there is a wide array of ways to train for it. There is no 'right' way to become a cyber security professional.

Puzzles and problem-solving.

As with many software development roles, cyber security professionals need to have a level of critical thinking and problem-solving to be able to adapt to the changing landscape in tech. From testing against new kinds of hacking to innovating the way the company database is run, security optimisation is always evolving, keeping cyber security professionals on their toes. And as technology evolves, so does cybercrime, meaning there are always new puzzles to solve, the job is never the same thing twice.

Tangible impact

Cybercrime is a serious problem that affects every industry. Some industries are more in need of cyber security than others. For instance, organisations with control over military matters, financial data, or medical devices need cyber security to prevent real, serious damage to individuals.

A specific example of the impact that cyber security can have was seen in the pacemaker hacking crisis in the USA in 2017. 500,000 pacemakers were recalled by the US Food and Drug Administration (FDA) due to fears that their lax cyber security could be hacked to run the batteries down or even alter the patient’s heartbeat.

Cyber security matters. Its impacts extend beyond the digital world and into the physical one. That can be both a frightening and exciting prospect but regardless, it highlights the importance of cyber security.

If you're looking for a career that has real-world impact, cybersecurity might be the perfect match for you.

Getting started in cyber security

There are many avenues one can take to get a start in cyber security. IT roles like helpdesk technicians or software developers are very common transition roles. But so long as you have a few key skills, you can enter cyber security without previous industry experience.

Skills for cyber security

While you don’t necessarily need to have experience in tech to be successful in cyber security, some hard qualifications are needed just to do the job required.

It would benefit you to know about:

Scripting/software development
Framework
Intrusion detection
Network security control
Operating systems
Incident response
Cloud
DevOps
Threat knowledge

Outside of the hard skills and qualifications needed, having some of these key soft skills will give you a leg up and can help you in your career:

Problem-solving
Attention to detail
Communication skills
A desire to learn
Risk management
Adaptability
Critical thinking

Cyber security roles

Once you’ve got the skills, it's time to start exploring where you can put them to use. One of the best parts about cyber security is the amount of variety in the jobs you can hold.

Some of the most common roles/titles are cyber security analysts and cyber security engineers. In simple terms, engineers build and design the security infrastructure, and analysts monitor and maintain it.

But what is a cyber security analyst?

A cyber security analyst protects businesses from cybercrime through careful monitoring of hardware, software, and networks, evaluating threats, and looking for ways to enhance company security to protect sensitive information.

They are chiefly responsible for the use of

Configuration tools: such as anti-virus software, vulnerability protection, and password management.
Reporting: this includes evaluating the current state of the network and detailing any strengths. It is key that analysts be able to read and write such reports since they are used to indicate any unusual activity on network systems that could be dangerous.
Weakness evaluation: since no network is perfect, the goal is to improve their security as much as possible. Analysts are needed to evaluate where the network's main weaknesses are so that work can be done to bolster them, further protecting the business from data breaches or other threats.

What is a cyber security engineer?

Similarly to a cyber security analyst, cyber security engineers implement network security measures to defend against cybercriminals, hackers, and other threats. They are responsible for engineering secure, trusted systems, performing assessments, and developing new ways to monitor and protect against advanced persistent threats.

Cyber security engineers are responsible for:

Security engineering: Developing, operating, and upgrading security measures used in the protection of an organisation’s data, systems, and networks.
Troubleshooting: Responding to all system security breaches and troubleshooting security and network problems.
Evaluating weaknesses: Testing and identifying network and system vulnerabilities to better protect against cybercriminals who would exploit them.

Other cyber Security Roles

While cyber security analysts and engineers are very common roles, there are others in the realm of cyber security that are just as important.

Digital Forensic Analyst

Salary average: 30k – 40k

Digital Forensic analysts analyse and investigate cyber security incidents to derive useful information about support system/network vulnerability mitigation. As a digital forensic analyst, you'll use software tools and your own skills to investigate data linked to cybercrimes like hacking, online scams, and other information theft.

IT Security Specialist

Salary average: ~55k

IT Security specialists are similar to digital forensic analysts. The primary difference is that IT security specialists work to prevent cybercrimes and forensic analysts work to investigate the instances after they occur. Both jobs work to secure data and prevent threats.

Cryptography Engineer

Salary average: ~40k

Cryptographic Engineers design, implement, test, and validate cryptographic systems and help design and develop complex security systems using cyphers and algorithms to encrypt sensitive data and protect it from hackers, misuse, and cybercrime. This protected information can be anything from personal financial data to military data.

Database Administrator

Salary average: 25k for entry-level to 70k+ for more experience

A database administrator manages and monitors the database. They are responsible for designing, creating, and maintaining the database, including ensuring the protection and security of the data in the database. Database administrators need to understand programming languages, IT infrastructure, and databases.

Penetration Tester

Salary average: 60k-100k

Penetration testers perform penetration tests on digital systems, networks, and applications to learn about the vulnerabilities such systems have in order to better protect them from actual malicious acts. Penetration testers often utilise the same skills as bad actors, like hacking, to better understand where they will attempt to take advantage of networks. On average, penetration testing roles are some of the highest paid in cyber security.

Cyber security apprenticeships

Okay so you're sold, you want to be a cyber security professional, but where do you begin? Great news! You're already halfway there. One of the best ways to develop cyber security skills and gain practical experience is through an apprenticeship programme and QA has plenty! We are the largest Microsoft Gold Learning Partner in the UK, offering a broad range of Microsoft training courses, taught by highly experienced experts. We hold the highest overall pass rate among UK tech training providers (*Based on end-point assessments by the BCS 2020). And we’ve been awarded Gold for ‘Best Use of Blended Learning’ 2020 at the Learning Tech Awards.

You can view our current cyber security apprenticeship jobs, or discover more about finding an apprenticeship with QA.

Our model of learning is a blend of virtual and face-to-face learning sessions. You’ll gain knowledge through a combination of projects and lab work, events, self-research, self-paced learning, and peer-to-peer learning.

We’ll help you get on-the-job experience, earn a salary, and work towards an industry-recognised qualification all the way up to master's level.

If you’re curious about the Cloud, interested in IT, have an affinity for AI, or have a soft spot for Hardware Support – there’s a future in tech for you. An early opportunity to break through and turn your passion into prospects. Our programmes put the power in your hands.

You can expect to:

Learn more about networking and architecture
Increase your understanding of cloud services
Get to grips with mobile and operating systems
Level up your coding and logic skillset
Understand helpdesk systems

View Cyber Security Apprenticeships

About the author: Leah Hanson work as a Content Editor and Publishing Specialist for QA, successfully developing educational content across a variety of subjects, including cyber security.