Types of Cybersecurity Roles: Job Growth and Career Paths

You learned the technical skills, landed the job, did the work and proved yourself.

Now that you've figured out how to get into cybersecurity, it’s time to chart your career path

When it comes to climbing the cybersecurity career ladder with the right skills, credentials and contacts, “the sky is the limit,” according to Dr. Dennis Backherms, an IT professional, technical program facilitator and STEM adjunct faculty member at Southern New Hampshire University (SNHU).

This is true, in part, because of technology’s ubiquity in our lives. “Nowadays, everything is done with computers and involves data,” said Rodney Royster, an adjunct faculty member at SNHU with more than three decades of experience in the cybersecurity sphere. “And that means everything is vulnerable to attack from bad actors.”

Cybersecurity is important because it protects vulnerable information from these "bad actors," including hackers and other cybercriminals trying to access valuable data. The information cyber criminals desire includes intellectual property, government secrets, credit card numbers, account passwords or electronic medical records. Meanwhile, professionals in different cybersecurity roles, from entry-level analysts to top-level executives, protect and defend against these continually evolving threats and attacks.

What Are 5 Careers in Cybersecurity?

If working in the cybersecurity field interests you, here are some career options you could consider.

Computer Network Architects

Computer network architects design and implement data communication networks, including local area networks (LANs), wide area networks (WANs) and intranets, according to the U.S. Bureau of Labor Statistics (BLS). They consider an organization's specific needs and requirements including information security, when planning networks.

To enter this role, BLS reported that you'll typically need a bachelor's degree in a computer-related field and some relevant experience.

Computer network architects earned a median pay of $129,840 in 2023, and the field is expected to grow 13% through 2033, according to BLS.*

Database Administrators and Architects

Database administrators and architects create and organize systems that store and secure a variety of data, from financial information to customer shipping records, the BLS reported. Since many databases contain personal, proprietary and financial information, data base administrators are responsible for planning the cybersecurity measures to protect that data.

A bachelor's degree in computer and information technology is typically needed to enter this role, according to BLS, although some employers may prefer a master's degree in a similar field.

In 2023, the median pay for this role was $117,450, and the field is expected grow 9% by 2033, according to BLS.*

Information Security Analysts

If you're interested in planning and executing security measures to protect an organization's computer networks and systems, then the role of information security analyst may be for you. According to BLS, this role is responsible for staying up to date on the latest methods that attackers are using to infiltrate computer systems, and need to research new cybersecurity technology to decide the best way to protect their organization.

To break into this field, BLS reported that you'll typically need at least a bachelor's degree in computers science, along with related work experience.

The median pay for information security analysts in 2023 was $120,360, with an expected 33% job growth through 2033, according to BLS.*

Network and Computer Systems Administrators

Network and computer systems administrators install, configure and maintain organizations' LANs and WANs, data communication networks, operating systems and servers, BLS reported. This includes maintaining network and computer systems cybersecurity.

For this role, you'll typically need a bachelor's degree in a related field, although BLS reported that some employers may only require a postsecondary certificate or associate degree.

In 2023, the median pay for the role was $95,360, according to BLS.*

Software Developers, Quality Assurance Analysts and Testers

This role can involve creating computer applications to help underlying systems and testing and designing software task to identify problems, BLS reported. Software developers need to take many requirements into account, including the security of an application or program.

Usually, a bachelor's degree in computer or information technology is required, but some employers may prefer to hire developers with a master's degree, according to BLS.

The field is expected to grow nearly 17% by 2033, and in 2023, BLS reported the median pay was $130,160.*

Where Can You Work in the Cybersecurity Field?

Cybersecurity professionals work in nearly every sector and industry — public and private, for-profit and nonprofit — and at businesses and organizations large and small, including:

• Banking and finance
• Government
• Health care
• Insurance
• Law enforcement
• Technology
• Telecommunications

“Cybersecurity is an industry-agnostic field,” according to Brandon Champion, an adjunct faculty member at SNHU. “But the industry dictates which risks you have to worry about.”

Champion knows this first-hand. In his role as chief information security officer (CISO) within the global power and engineering industry, he might focus his team’s efforts on protecting the company from ransomware, malicious software that locks out the system’s users until a ransom is paid. Meanwhile, in his other role as senior information systems officer for the Army National Guard, he works to prevent security breaches by nation state actors, including foreign governments with political agendas.

“The threat landscape continues to change on a daily basis and requires a more agile workforce to maintain comprehensively protected networks,” according to Backherms.

“There’s a shortage of people in this field, which makes finding qualified cyber talent very difficult,” said Dr. Trebor Evans, a CISO and STEM adjunct faculty member at SNHU.

What Are Some Job Titles in Cybersecurity?

Cybersecurity professionals go by many names, but the job titles or descriptions will “normally have ‘information security,’ ‘cybersecurity,’ or related terms in them,” said Backherms. Examples include:

• Cybersecurity specialists
• Cybersecurity technical architects
• Information security, cybersecurity or vulnerability analysts
• Penetration testers
• Security or cybersecurity administrators, engineers, principles and technicians

“You’ll often also see the words ‘entry,’ ‘associate’ or ‘senior’ accompanying these titles,” Backherms said. “Once you get to the executive level, cyber roles tend to be categorized by manager, director or officer (for example, CISO) title types.”

Meanwhile, on the government side, cybersecurity roles might be designated as “level I,” “level II” or “level III” based on the minimum level of knowledge, experience or certification required, according to Royster.

In other words, you’ll find cybersecurity career opportunities at all levels — from the day-to-day operations and management to the senior executive level and even on the board.

“Keep in mind, though, that these job titles change,” said Royster. “I was looking at a job posting the other day for a CISO, but it was for a chief innovation security officer.”

What Is the Role of Someone in Cybersecurity?

“Organizations are still working hard to accurately define the expectations of cybersecurity roles and how those roles fit into the bigger organizational picture,” said Backherms.

The specific job responsibilities for any cybersecurity role can also depend on the size and resources of the employer. “At a smaller or mid-size firm, you might end up being a ‘jack of all trades,’ while at a larger firm, you’re more likely to have specialists,” said Champion.

Cybersecurity professionals can benefit from starting as generalists and then specializing in an area of interest or strength, according to Champion. These areas can include:

• Application security
• Data loss prevention
• Forensics
• Incident response
• Network security
• Security architecture
• Threat intelligence
• Vulnerability management

Take the Next Step in Your Cybersecurity Career

Whether you’re a generalist or a specialist, you’ll need to keep up with cybersecurity’s ever-changing technical requirements, the latest legal regulations and best practices, as well as the emerging trends in the industry to achieve your career goals. To that end, consider:

• Completing a certificate in cybersecurity
• Completing a cyber internship
• Joining a professional organization or association, such as ISACA, Information Systems Security Association (ISSA) or the SANS Institute
• Networking or finding a mentor to help you outline and achieve your short- and long-term career goals
• Taking coursework toward a degree (such as a bachelor’s or master’s in cybersecurity) or certification that aligns with your career aspirations
• Upskilling in virtual labs to practice industry applications and technologies

Such opportunities are available to current college students, newly minted graduates and seasoned career-changers alike, said Champion.

Evans, for example, earned his undergraduate degree in information technology, worked in various IT roles (server administrator, database administrator, desktop support) and then earned his MBA before transitioning to a dedicated cybersecurity role.

“I didn’t necessarily count myself as a security individual, but I’ve always been security-minded,” Evans said.

When the right cybersecurity career opportunity presented itself through his professional networks, Evans was upfront with the hiring managers about the training he would need to be successful in the role.

“The company gave me a trial run and said, ‘You should probably get your CISO certification within a year.’ I finished it within two months,” he said. Evans also recently got certified as a data privacy solutions engineer.

As you continue to gain experience and expertise during your career, you might set your sights on pursuing cybersecurity positions or opportunities in:

• Consulting: According to Royster, the best cybersecurity consultants have not only the technical chops but also considerable experience with recognized organizations across multiple industries — in addition to the presentation and interpersonal skills needed to engage with IT-savvy clients. “You need to be able to talk the talk. So, find your niche, master those skills, and then see if consulting is the right fit for you,” he said.
  
  
• Education: Cybersecurity professionals can also explore opportunities for teaching or mentoring, both formally and informally. “Teaching, for me, is a way to give back to the field,” said Champion. “It’s still a fairly small community, and — perhaps selfishly — I want the next generation of people potentially working for me to keep moving our field in the right direction.”
  
  
• Leadership: Senior- or executive-level roles typically require solving higher-order problems, making strategic decisions and building teams and processes while collaborating across business divisions. “Every day is different for a CISO,” said Evans. “Sometimes it’s a high-stress situation, and everyone looks to you for direction and answers. That means you have to think fast, and your decisions can have significant consequences.”

If getting an education in this field interests you, consider learning more about what a cybersecurity degree is.

Level-Up in Cybersecurity Through Learning

“My best advice, after years in the industry, is to find an area that piques your interest and develop the sharpest skillset possible in that area,” said Backherms. “The more honed a skillset in an area, the better chance someone has of securing better-paying jobs.”

Certifications can be useful in this regard. “Professionals already working in a cyber position should achieve relevant certifications based on their areas of interest and the needs of their organization,” Backherms said.

Some colleges will consider your certifications as transfer credits you can use toward a degree program, saving you time and money if you're looking to go back to school.

In 2023, the Bachelor of Science in Cybersecurity at SNHU became a validated program of study by the National Security Agency (NSA). As a designated National Center of Academic Excellence in Cyber Defense (CAE-CD), SNHU met the federal government's strict criteria when it comes to excellence in cybersecurity education, said Jonathan Kamyck, a senior associate dean of STEM programs at SNHU and Certified Information Systems Security Professional (CISSP) who holds master's degrees in information assurance and organizational leadership.

Meanwhile, it’s worth exploring your interests or staying current with industry standards by upskilling. According to Royster, useful resources include:

• Codecademy
• Cybrary
• Federal Virtual Training Environment (FedVTE)
• National Initiative for Cybersecurity Careers and Studies (NICCS)

Another factor to consider for your cybersecurity education is finding a school participating in the National Cyber League (NCL) competitions. In a recent competition of colleges and universities nationwide, SNHU ranked 25 nationally.

If your cybersecurity career goals include growing in the field or becoming a manager, then an advanced degree might be right for you. According to Backherms, “An advanced degree can help you learn the foundational and conceptual ideas concerning cyber strategies while developing the soft skills — such as communication, teamwork or leadership — that you’ll need to succeed.”

An advanced degree signals your commitment to learning, which is an important quality in any cybersecurity professional, according to Evans. Plus, the credential can help set you apart from other candidates and move your resume to the top of the hiring manager’s pile. Evans said that as CISO, he is constantly seeks to hire qualified talent and prefers those with a master's degree.

“There’s always something new to learn in cybersecurity, whether you’re an analyst, engineer, architect, all the way up to CISO,” he said. “My advice? Don’t be afraid to try anything and everything, even if it’s outside of your scope. If you stay in your comfort zone, you’ll never grow.”

*Cited job growth projections may not reflect local and/or short-term economic or job conditions and do not guarantee actual job growth. Actual salaries and/or earning potential may be the result of a combination of factors including, but not limited to: years of experience, industry of employment, geographic location, and worker skill.

Nicholas Patterson ’22 is a writer and alumnus of Southern New Hampshire University (SNHU), where he earned his bachelor’s degree in English and creative writing. He is currently honing his craft further as he pursues an MFA in Creative Writing from SNHU. Connect with him on LinkedIn.