Job Trends: Top Skills, Certifications

New Report Shows Information Security Jobs Going Mainstream
Job Trends: Top Skills, Certifications
Information security is becoming more mainstream in business organizations - and so are the new job opportunities for security pros.

Product/service implementation, forensics and audit functions are among the growth areas, according to the latest IT Skills Demand and Pay Trends Report from Foote Partners, an independent IT analyst firm focusing on IT workforce demand and compensation trends.

"Security is becoming more mainstream in organizations, with a focus on an enabler's role," says David Foote, CEO and Chief Research Officer. The focus is shifting from just 'hands-on' technical security skills to an integrated business approach of security and strategic risk management. New jobs are opening up that are not deeply technical, but more oriented to business issues in functional areas such as marketing, finance, HR, operations and in product development, where security is a concern for the customer.

2010 Trends

The biggest differences between now and Foote's 4th quarter 2009 report are an increase in adoption of security managed services, including wireless and voice over IP, and opening of more security jobs in strategic and business functions. These jobs are more oriented to risk management and assessment of new products and services, including cloud computing.

That's not to say that technical skills are not still a huge concern for employers, Foote says. "But the danger is that technology doesn't drive strategy, and it won't as far as enterprise security is concerned going forward."

Today, information security careers benefit from companies looking to acquire a wider mix of both technical and business skills, as well as to hire and retain hybrid business and technology security professionals across several security and business domains. But since speed and predictability of execution are critical, organizations are also seeking in-demand skills from contractors and consultants, looking at managed security services.

Employers also are thinking beyond the type of threats and attacks they face, investing time in understanding the impact of these threats on existing business assets and the value of information to the organization, its products, customers and revenues.

Among the key drivers pushing the demand for information security workforce, Foote says:

  • Increased cybersecurity vulnerabilities;
  • Accelerating demand for cloud computing, managed services;
  • Increased security and privacy regulation and legal risks for non-compliance;
  • Electronic medical record systems mandate;
  • Retirement 'bubble" -- new pool of qualified candidates to fill gaps left by increasing number of security professionals leaving the workforce.

Hot Skills and Competencies

Foote tracks and updates the skills and competencies hot lists quarterly. Among the top security skills continuing to attract the most interest from employers:

  • Intrusion detection and prevention;
  • Forensic analysis;
  • Identity & access management;
  • Compliance;
  • Threat and vulnerability assessment;
  • Encryption;
  • Data loss prevention;
  • Penetration testing;
  • Incident analysis and handling;
  • Biometrics

Foote sees an unprecedented high volatility in the demand for IT skills, including security, as companies accelerate the shift to new IT service delivery and sourcing models. The new emphasis on strategic enterprise security is redistributing IT security resources and the skills and jobs required in the future, he says. For example, the managed security services market is expected to exceed $6 billion in revenues by next year, with wireless security services growing 27% per year through 2014. The services industries therefore, will be looking for talent to achieve this growth.

Among the hottest competencies in the marketplace:

  • Forensics;
  • Identity and access management;
  • Intrusion detection and prevention;
  • Penetration testing;
  • Threat/vulnerability assessment management;
  • Litigation support (e-discovery);
  • Disk and file level encryption solutions;
  • Data loss prevention;
  • Application security;
  • Governance, compliance & audit.

Top Certifications

With such a clear shift from focus on operational security to strategic areas involving business issues of risk management, Foote says, the trend is evident in the current list of hot certifications. Given the marketplace's demands, these professional certifications are earning the highest premium pay for pros:

  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM);
  • Certified Information Systems Security Professional (CISSP);
  • Information Systems Security Engineering Professional (CISSP/ ISSEP);
  • Information Systems Security Management Professional (CISSP/ ISSMP);
  • Check Point Certified Security Expert (CCSE);
  • Check Point Certified Master Architect (CCMA);
  • CISCO Certified Security Professional (CCSP);
  • GIAC Secure Software Programmer (GSSP);
  • GIAC Certified Intrusion Analyst (GCIA).

See Also: 9 Career Tips for Security Pros


About the Author

Upasana Gupta

Upasana Gupta

Contributing Editor, CareersInfoSecurity

Upasana Gupta oversees CareersInfoSecurity and shepherds career and leadership coverage for all Information Security Media Group's media properties. She regularly writes on career topics and speaks to senior executives on a wide-range of subjects, including security leadership, privacy, risk management, application security and fraud. She also helps produce podcasts and is instrumental in the global expansion of ISMG websites by recruiting international information security and risk experts to contribute content, including blogs. Upasana previously served as a resource manager focusing on hiring, recruiting and human resources at Icons Inc., an IT security advisory firm affiliated with ISMG. She holds an MBA in human resources from Maharishi University of Management, Fairfield, Iowa.




Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.