The global outlook on cybercrime is challenging. A recent survey conducted by the Deloitte Center for Controllership finds that almost half of top-level management executives (48.8%) anticipate a rise in the frequency and scale of cyberattacks aimed at their organizations’ financial and accounting data in the coming year. More than a third (34.5%) said it had been targeted in the past year by cybercriminals. Among this group, 22% experienced at least one cyberattack and 12.5% experienced more than one.
At the same time, research shows cybersecurity is in critical need for more professionals. To adequately protect cross-industrial enterprises from increasingly complex modern threats, organizations are trying to fill the gap of 3.4 million cybersecurity workers.
Help wanted worldwide: security engineers
One of the areas in dire need of talent is security engineering. Professionals with a security engineering background play a critical part in building systems that ensure an organization’s networks and applications are secure from unauthorized access, breaches and attacks.
As part of the effort to shore up defenses, security engineering professionals wear a number of hats. They’re called to understand potential vulnerabilities and develop strategies to mitigate them, such as implementing firewalls, intrusion detection systems and encryption protocols. They’re also responsible for monitoring the network for suspicious activity and responding quickly to any potential threats.
The job role requires a comprehensive understanding of the organization’s IT infrastructure, including network topology, software applications and hardware components. It is critical to understand the latest security threats and vulnerabilities and adapt strategies accordingly.
Security engineers sometimes work individually and sometimes on dedicated engineering teams. Teams build services, automate processes and streamline deployments to support the core security team and its stakeholders. This is different from other roles in security, like a pen tester or security operations center specialist, which focus more exclusively on defense. In a security engineering role, the demands are holistic, and professionals need technical and leadership skills.
Common security engineering job responsibilities include:
- Creating new ways to solve existing production security issues
- Configuring and installing firewalls and intrusion detection systems
- Performing vulnerability testing, risk analyses and security assessments
- Developing automation scripts to handle and track incidents
- Investigating intrusion incidents, conducting forensic investigations and mounting incident responses
- Collaborating with colleagues on authentication, authorization and encryption solutions
- Evaluating new technologies and processes that enhance security capabilities
- Testing security solutions using industry standard analysis criteria
- Responding to information security issues during each stage of a project’s lifecycle
- Defining, implementing and maintaining corporate security policies
While this is clearly a difficult time for cyber defense in many organizations as breaches and attacks continue to rise, there is opportunity for those seeking careers in cybersecurity. A recent article in Forbes cites security engineering roles as some of the best-compensated in the industry.
Demonstrate your knowledge of designing protocols and mechanisms to protect critical data and assets by earning ISC2 Security Engineering Certificates. Choose from online instructor-led or online self-paced education with content created by industry experts. You’ll open a full range of opportunities and stand out from your peers.
Learn more about ISC2 Security Engineering Certificates