April 3, 2017 by Emsi Burning Glass
The next world war, it has been said, won’t be fought with bullets and bombs, but with bits and bytes. That’s not hard to imagine. In a hyper-digitalized, increasingly interconnected world, the menace of cyber theft, fraud, and abuse has never been greater.
The FBI’s Internet Crime Complaint Center receives 300,000 complaints a year, totaling over $800 million in losses. Cyberattacks cost the average US company more than $15.4 million per year, according to the National Initiative for Cybersecurity Careers and Studies. Reputation also suffers. Think about the recent stock dive after Yahoo announced that over 1 billion email accounts had been compromised in 2013.
As the DHS, the military, and companies nationwide tighten security measures, we find accelerating demand for cybersecurity analysts—aka information security analysts/managers or security engineers/consultants—the folks in charge of protecting an organization’s computer networks and systems . The more cyberattacks grow, the more responsibilities these analysts own.
Besides monitoring networks for breaches and installing software (firewalls, data encryption, etc.) and creating disaster-recovery plans, they must think like hackers themselves. This means keeping up with the latest methods of attack and conducting penetration testing to find vulnerabilities before they can be exploited.
Cybersecurity analysts are also commonly called information security analysts/managers and security engineers/consultants. According to Emsi’s labor market data in Analyst, they have added 15,000 new jobs (18% growth) and now total 95,000. Median hourly earnings of $43.78 per hour ($91K per year—over twice the national average of median earnings) help make cybersecurity analysts an attractive career for creative problem-solvers drawn to meticulous analysis and the thrill of disaster-aversion.
According to Alumni Insight, there are nearly 100,000 cybersecurity analysts working in over 31,000 companies. The majority work in big names such as the US Army, IBM, Lockheed Martin, US Navy, Wells Fargo, Booz Allen Hamilton, and Northrop Grumman.
From January 2016 to January 2017, there was an average of 32,000 unique job postings per month across the entire US, as we discover using Emsi’s Job Posting Analytics. Job postings were highest in Washington, DC; New York City; Atlanta; Arlington; Chicago; San Francisco; and Herndon, Virginia.
Who’s hiring now? Over the past year, the greatest number of postings have come from Oracle (18,752), Deloitte (14,517), Booz Allen Hamilton (6,984), ManTech (6,691), General Dynamics (6,280), and Wells Fargo (5,169).
Most sought-after by employees are hard skills such as management, networking, operations, engineering, and analysis. Essential soft skills are the same as for nearly any occupation: critical thinking, ethics, creativity, listening, learning, persuasive communication, and tenacity.
Washington, DC, dominates in terms of sheer number of cybersecurity analysts and concentration, according to Emsi’s labor market data in Analyst. There are over 10,000 such analysts in the DC metro (twice that of any other MSA) and their location quotient (LQ) of 5.15 LQ indicates that cybersecurity analysts are over five times as concentrated here as in the average US city. Dallas, however, has seen the strongest job growth with 792 new cybersecurity jobs added since 2011 (28% growth). Other major hubs for cybersecurity analysts include New York, Chicago, Los Angeles, Boston, and Phoenix.
Using Emsi’s new workforce data featured in Alumni Insight, we see that nearly half (45%) of cybersecurity analysts hold a bachelor’s degree, while 20% hold master’s and 19% some college but no degree.
Most of the relevant programs are basic computer and IT degrees such as computer and information sciences; computer science; information technology; and computer systems networking & telecommunication. However, three programs speak directly to the issue of cybersecurity: computer and information systems security/information assurance; cyber/computer forensics & counterterrorism; and cyber/electronic operations & warfare.
University of Maryland University College is the most popular school listed on cybersecurity analysts’ online profiles. With various classroom locations clustered in Maryland, DC, and Virginia, and a presence on military installations in more than 20 countries and territories, the state university specializes in career-relevant education—some degrees earned entirely online—adaptable to the busy lives of their students, most of whom also work full-time.
Top 10 most popular colleges listed on cybersecurity analysts’ profiles:
Up is the only direction that demand for cybersecurity analysts can possibly go. Plus, wages are strong and the multi-purpose education could prepare you for any number of compelling IT careers.
Given all this, the US should have no trouble attracting workers to face the unique challenges of a world where we enter bank numbers on PayPal without a thought… And seriously, who even bats an eye at gifting Zimbio with all our Facebook information before taking that personality quiz?
Note on the lead graphic: Number of profiles (100,000) and companies (31,000) come from our analysis of cybersecurity analysts on Alumni Insight. Job growth (18%) and wages ($91K) come from our analysis of information security analysts (SOC 15-1122) on Analyst.