While other types of IT jobs like network administrator or software developer are more common and well-known, cyber security jobs are smaller in number but fast increasing in importance. As our global economy has led to more Internet-based computing and connectivity the world over, organizations have grown ever more vulnerable to hacking and cyber attacks. And just as a business might hire security even when there’s a local police force, so must a business hire cyber security staff. It is ultimately the duty of the organization to protect their proprietary data as well as any customer information they are privy to.
These cyber security professionals are in short supply, however. Last year, NASSCOM reported that India alone would need 1 million cyber security professionals by 2020, while job portal Indeed reported a spike of 150 percent in cyber security roles between January 2017 and March 2018. Companies like KPMG have doubled the size of their cyber security teams in recent years.
The recent overwhelming need for cyber security is the result of several factors:
Digital India and demonetization: According to Ashok Pamidi, the senior director of NASSCOM, while the government’s initiatives such as Digital India and demonetisation have pushed companies towards digital transformation, doing so has also made them vulnerable to cyber attacks. In turn, this has led to a demand for cyber security professionals who can help companies achieve the digital transformation without compromising security.
General Data Protection Regulation (GDPR): Although the GDPR didn’t go into effect until late in May, 2018, companies across the world have been preparing to safeguard their database from cyber crimes and comply with GDPR rules. This has driven a need for cyber security experts.
Aftermath of WannaCry ransomware: During 2017, government agencies and organizations across the world fell prey to the WannaCry ransomware, which infected over 200,000 computers in 150 countries within just three days. According to the latest numbers, it led to damage estimated up to hundreds of billions of dollars! The attack launched a debate on the vulnerability of data and the pressing need for stronger cyber laws and security systems. It has also caused many organizations to be more aware of the perils of cyber security loopholes and take steps to safeguard their organization from future attacks.
What does this mean for IT professionals?
Regardless of the reasons for the increase in demand, the pressing problem is a shortage of people trained and capable enough to fill the growing number of cyber security roles. NASSCOM reports that despite having the largest IT talent pool in the world, India simply lacks skilled cyber security professionals. In fact, the need for experienced professionals is so high that companies are willing to pay a premium salary of over Rs 1.5 to 4 crore to top talent. This has increased the cyber security budget by 71% as observed by PwC in its 2016 report.
The jobs that are seeing this sharp increase in pay include the following five cyber security roles:
#1 Network Security Engineer
The network security engineer is a critical position within every organization. This person ensures the security systems are implemented within the organization to counter and stop threats. Their main responsibilities include maintaining systems, identifying vulnerabilities, and improving automation. They also oversee the maintenance of firewalls, routers, switches, various network monitoring tools and VPNs (virtual private networks).
The minimum salary of a network security engineer begins at Rs 4 lakhs and can go up to 8 lakhs per annum.
#2 Cyber Security Analyst
A cyber security analyst helps in planning, implementing and upgrading security measures and controls. They continuously monitor security access and perform internal and external security audits to ensure there are no loopholes or evidence of security lapses. A cyber security analyst is also responsible for conducting vulnerability testing, risk analyses, and security assessments, and for managing the network. In addition to these tasks, the analyst trains fellow employees in security awareness and procedures, so they are aware of the best practices to be followed to avoid security breaches.
The salary of a cyber security analyst begins at Rs 6 lakhs per annum.
#3 Security Architect
A security architect plays a crucial role in designing the network and computer security architecture for their company. The security architect helps in planning, researching and designing elements of security. Without a security architect, a company’s security system is vulnerable to attacks. The security architect first creates a design based on the needs of the company and then works together with the programming team to build the final structure. Besides building the architecture, they also develop company policies and procedures for how their company’s employees should use the security systems and decide on the punitive action in case of lapses.
The average pay of a security architect begins at Rs 17 lakhs per annum.
#4 Cyber Security Manager
Cyber security managers are responsible for the maintenance of security protocols throughout the organization. They create strategies to increase network and Internet security related to different projects and manage a team of IT professionals to ensure the highest standards of data security. A cyber security manager also frequently reviews the existing security policies and ensures the policies are current based on new threats. They also perform regular checks on all servers, switches, routers and other connected devices to make sure there are no loopholes in the security.
The average salary of a cyber security manager begins at Rs 12 lakhs per annum.
#5 Chief Information Security Officer (CISO)
According to a report by PWC, over 80 percent of companies now have a CISO on the management team. This trend shows that companies have grown aware of the threats of cyber crimes and the potential damage such attacks can cause. The CISO is a senior-level executive within an organization who ensures that the cyber security plan is aligned with the business’s vision, operations and technologies. The CISO works with the staff to identify, develop, implement and maintain processes across the organization to ensure there are no security breaches. They respond to incidents and set up appropriate standards and controls to mitigate security risks without causing any interruption to the business. They are also responsible for overseeing the implementation of security policies and procedures within the organization.
The average salary for top CISOs is anywhere between Rs 2 crores to 4 crores.
Those are the top five cyber security jobs in India today, but plenty of other roles exist and go unfilled, including information risk auditors, firewall, and security device development professionals, security analysts, intrusion detection specialists, computer security incident responders, cryptologists and vulnerability assessors.
As organizations across a wide range of different industries such as banks, government, retail, and BFSI sectors actively recruit cyber security professionals, the job demand will only go up. The challenge is to meet that demand by making sure people are getting trained for these critical security roles. And once they are trained, exciting and well-paying jobs await!
#6 Security Trainer
Role of a security trainer is to train employees in security best practices. Average salary for security trainers begins at 4 Lakhs per annum.
#7 Security Auditor
Report on a security system’s effectiveness and suggest ways to improve it. Because a security auditor is more high-level and uses established standards to evaluate a system. Average salary for security auditor begins at 5 Lakshs per Annum.