Browse Definitions :
Cybersecurity outlook 2022: Consultants cite 5 trends 10 cybersecurity best practices and tips for businesses

Top 8 in-demand cybersecurity jobs for 2022 and beyond

Cybersecurity is a challenging career path, filled with professional opportunities. Learn about the top cybersecurity jobs and the training and background they require.

Before we break down the most in-demand jobs in cybersecurity, consider the following facts about the state of cybersecurity:

  • In 2020, just a few months after the COVID-19 pandemic hit, the number of cyber attacks increased by 63%, according to "The Impact of the COVID-19 Pandemic on Cybersecurity" by the Information Systems Security Association and independent industry analyst firm Enterprise Strategy Group, a division of TechTarget. Moreover, the "2020 Year End Report: Data Breach QuickView" by Risk Based Security found there were 3,932 publicly reported breach events during the year, resulting in the exposure of 37 billion records -- a 141% increase over 2019.
  • If 2020 wasn't bad enough, 2021 was worse. The number of breaches through the end of September 2021 had already exceeded the total 2020 number by 17%, according to the "2021 Q3 Data Breach Analysis and Key Takeaways" from the Identity Theft Resource Center.
  • The alarming increase in the number of breaches and cyber attacks is compounded by another worrisome trend: the rising cost of breaches. The average global cost of a breach has increased to $4.35 million in 2022, up from $4.24 million in 2021, according to the "2022 Cost of Data Breach" report from IBM and the Ponemon Institute. In the United States -- the favorite playground of threat actors -- the average cost of a breach in 2022 has shot up to $9.4 million.

Indeed, organizations have their work cut out for them cybersecurity-wise, which is why they need competent cybersecurity professionals who can bring the right balance of skills, knowledge, best practices and experience to protect the company. In addition, the "2022 Cybersecurity Skills Gap" report from Fortinet found that 60% of firms struggle to recruit cybersecurity talent while 52% find it hard to retain them, putting many organizations at risk.

This problem represents a world of opportunities for skilled cybersecurity professionals. With 76% of company boards recommending a higher security headcount, according to the Fortinet report, the demand for trained, certified and skilled cybersecurity professionals is at an all-time high -- particularly for the eight specialists described below.

Who are these specialists? What are their skill sets? What does a career in cybersecurity look like for each of them? What's the role type? And what's the average salary for each role?

Read on to learn about the most in-demand cybersecurity jobs.

1. Cybersecurity engineer

Role level: Advanced/Experienced

Role type: Technical

Average salary: $98,497/year

A cybersecurity engineer builds information security (infosec) systems and IT architectures and protects them from unauthorized access and cyber attacks. Cybersecurity engineers develop and enforce security plans, standards, protocols and best practices, and they build emergency plans to get things up and running quickly in case of a disaster.

Proactive thinking, planning and action are critical to this role. Cybersecurity engineers often spend a lot of time finding system vulnerabilities through penetration testing and figuring out how to deal with them before they become serious security issues. They may also review the organization's legal, technical and regulatory areas that affect IT security, and recommend modifications for the same.

Other duties include:

  • creating and installing firewalls and intrusion detection systems;
  • updating security software, hardware and facilities, or evaluating new ones for implementation; and
  • running encryption programs.

In addition, a cybersecurity engineer's job includes dealing with a detected security issue by moving data or information, or by working with outside teams to help the organization recover from a data breach.

People in this role must have strong communication skills to explain complex issues to management and to lay out the best ways to implement the latest security plans and procedures. They may also have to work with law enforcement following an attack.

Education and skills

  • Bachelor's degree or higher: computer engineering, cybersecurity, infosec or a related field;
  • secure coding practices and vulnerability detection;
  • risk assessment;
  • secure network design and architecture;
  • firewall architecture;
  • computer forensics;
  • identity and access management;
  • virtualization technologies;
  • defending against advanced persistent threats, malware, phishing and social engineering; and
  • encryption technologies.

Certifications

2. Infosec analyst/Cybersecurity analyst

Role level: Entry-level/Mid-level/Experienced

Role type: Technical

Average salary: $77,474/year

A security analyst's role is fairly broad, and may encompass numerous responsibilities, such as monitoring security best practices, protocols and procedures with the right tools, and ensuring practices are properly implemented and followed. People in this role analyze reports from these tools to proactively identify unusual or anomalous network behaviors. They may also control file access and credentialing, network updates and firewall maintenance.

A well-trained security analyst will have a solid understanding of how data is stored and managed, and the different kinds of cybersecurity threats, including ransomware attacks, social engineering and data theft. They may perform penetration testing and vulnerability scans and recommend relevant changes to improve security.

At large companies, security analysts may work in a security operations center to specifically monitor, detect, contain and remediate threats. At midsize and smaller organizations, security analysts may play a broad role, handling everything from security analysis and intrusion detection, to firewall maintenance, antivirus updates and patch updates. Since they have expertise in security risks and best practices, they may be asked to train employees on cybersecurity hygiene.

Education and skills

  • Bachelor's degree: computer science, cybersecurity, infosec or a related field;
  • proprietary network management;
  • penetration testing;
  • security incident triaging;
  • risk assessments;
  • data encryption; and
  • firewall design, configuration, deployment and maintenance.

Certifications

3. Network security architect

Role level: Advanced/Experienced

Role type: Technical and managerial

Average salary: $126,166/year

A network security architect plays a critical role in improving the security strength of enterprise architecture, while maintaining network productivity, efficiency, availability and performance. Network security architects help translate business needs into functional systems, define appropriate policies and procedures for those systems, and even help train users and administrators. They also keep an eye on budgetary and operational constraints. This is why people and managerial skills are important skills to have in this role.

To ensure ongoing security throughout the network lifecycle, network security architects undertake defensive measures like firewall and antivirus configuration, and offensive measures like penetration testing. They also oversee network changes to ensure minimal risk to the organization. They're expected to have advanced knowledge of different security tools and techniques related to firewalls, penetration testing and incident response. They must also be aware of computer systems' networking requirements, including routing, switching and trust domains, as well as security best practices, technologies and industry-standard frameworks.

They conduct network and systems analyses to identify and select the best control mechanisms for the required security level. They must be aware of various access control mechanisms, including role-based access control, mandatory access control and discretionary access control.

Education and skills

  • Required: Bachelor's degree in computer science or a related field;
  • Preferred: Master's degree in cybersecurity;
  • strategic planning;
  • ITIL and COBIT IT process models;
  • knowledge of TCP/IP networking and networking security;
  • Open Systems Interconnection 7-layer model;
  • intrusion detection systems;
  • risk management;
  • single sign-on identity management systems;
  • VPN layers and connections; and
  • protocol encryption.

Certifications

4. Security software developer

Role level: Mid-level/Senior/Lead

Role type: Technical

Average salary: $73,980/year

A security software developer's role is perfect for someone who wants to write software code and is also interested in infosec. By combining their technical programming knowledge with product development and security analysis skills, a security software developer creates software and adds security to it to "harden" it from potential attack. To do this, they must have up-to-date knowledge of the threat landscape, which is why entry-level roles in this area are virtually nonexistent.

A security software developer should be able to conceptualize tomorrow's threats today and take action to address those threats early. They should also balance product speed, functionality, user experience and security, so there are no unnecessary tradeoffs or costly errors. Security software developer's will typically work with other professionals like designers, engineers and testers, so in addition to technical knowledge of software architecture, design and coding, they should have strong communication and collaboration skills.

In general, security software developers are in great demand, and have plenty of opportunities in IoT and other emerging areas of technology.

Education and skills

Mid-level roles:

  • Bachelor's degree in software development or software engineering,
  • secure coding practices,
  • security controls and
  • Penetration testing, which is preferred but not always required.

Advanced roles: Items listed above, plus the following:

  • infosec,
  • cryptography,
  • project management and
  • network security.

Certifications

Table of cybersecurity career requirements
A quick look at the job titles, educational requirements and salaries for various stages of a cybersecurity career.

5. Penetration tester/Ethical hacker

Role level: Junior/Associate/Mid-level/Senior/Lead

Role type: Technical and reporting

Average salary: $87,925/year

Ethical hackers are the private eyes of the cybersecurity world. Also known as white hat hackers, they act like the bad guys to understand the attackers' motives, approaches and threat actions. They conduct penetration testing to find vulnerabilities and gaps in security protocols for networks, OSes, devices and web-based applications. They also suggest relevant fixes before these vulnerabilities can be exploited by bad actors. They play a proactive role in safeguarding the organization's information and systems.

Since they often work in highly confidential and time-sensitive projects, ethical hackers should be trustworthy, and able to tolerate high levels of stress and uncertainty. They should also be creative, and highly organized to effectively record and track their projects. Most importantly, they must constantly update their knowledge, skills and techniques to preempt cybercriminals' activities, and assist in incident handling and forensic analysis to improve the organization's security posture.

Some organizations differentiate between pen testers and ethical hackers. In these firms, pen testing is one of the functions of an ethical hacker who also has strong tactical cyber skills plus deep knowledge of the organization's vulnerabilities and vulnerability management approach. In others, the two roles are considered interchangeable.

Education and skills

  • Bachelor's degree: infosec or a related field;
  • penetration testing methods and tools, e.g. Network Mapper, Wireshark and Kali;
  • knowledge of Python, Golang, Bash and PowerShell;
  • OWASP Top 10 vulnerabilities; and
  • social engineering.

Certifications

6. Application security engineer

Role level: Junior/Mid-level

Role type: Technical and communication

Average salary: $127,327

In the software development lifecycles (SDLCs) of the past, security was viewed as something that could be reviewed and then simply tacked on to the finished software product once development was complete. But as we have seen, organizations are increasingly vulnerable to cyber attacks and data breaches. To stay safe from such serious threats, organizations need to ensure that security is not tacked on but baked into software applications. And this is primarily the responsibility of an application security engineer.

This specialist ensures developers follow secure coding practices at every step of the SDLC. They also help the development team test the application against specific security risks and parameters prior to its release.

The app sec engineer is responsible for engineering the software in a secure manner. And for this, they must be able to do the following:

  • understand development environments -- many app sec engineers are former coders and programmers;
  • understand how code is written and how the software is built;
  • perform code reviews, application vulnerability scanning and pen testing;
  • prioritize vulnerabilities and help developers to assess and remediate them;
  • understand how the application will run in the production environment and how it could be vulnerable in the real world; and
  • maintain technical documentation.

An app sec engineer plays a vital role in improving application security and ensuring the final product can successfully operate in the current threat landscape. Ideally, this person should have coding experience. However, they can do their job even if they lack this experience, provided they can effectively communicate with the dev team and other teams in the product engineering pipeline and explain any security issues in the context of the application's code.

Education and skills

  • Bachelor's degree: computer science or a related field;
  • knowledge of encryption techniques in databases and the cloud;
  • prefer someone with working knowledge of software development, network engineering, security protocols, systems engineering, web application security and cryptography;
  • clear conceptual understanding of the SDLC;
  • familiarity with secure coding best practices;
  • knowledge of existing and emerging security threats; and
  • robust communication and soft skills.

Certifications

More on building a cybersecurity career

Enhancing your cybersecurity knowhow is a great way to start moving into a job on a security team. Check out these resources for some initial steps to take:

10 cybersecurity certifications to boost your career in 2022

Top 10 cybersecurity online courses

Top 10 cybersecurity interview questions and answers

7. Malware analyst

Role level: Mid-level/Experienced

Role type: Technical, plus reporting and communication

Average salary: $165,000

In 2021, ransomware attacks rose by 93% compared to 2020 levels, according to the "2021 Annual Threat Monitor Report" from NCC Group. Governments and healthcare organizations were the favorite targets of ransomware attackers, experiencing an increase in such attacks by 1,885% and 755%, respectively, according to the "2022 SonicWall Cyber Threat Report."

Malware types and capabilities are constantly evolving, which explains why more organizations are falling victim to this threat. Worse, many companies are struggling to keep up with new and emerging forms of malware that spread quickly and are difficult to detect. This is why the demand for malware analysts is surging like never before.

A malware analyst identifies and examines malware-related threats. They also analyze malware-related incidents that have already happened. Their goal is to understand the nature of such threats and attacks to do the following:

  • reverse engineer malicious code;
  • understand how an attack was deployed and why it was successful or not;
  • develop and refine malware protection tools; and
  • document suitable methods to avoid malware threats in future.

Since malware analysts must understand code as well as threats, they're required to combine the skills of both security engineers and programmers. Many malware analysts first gain several years of experience in programming and software development before they step into this niche role.

A competent malware analyst must also have strong digital forensics skills, know how to use debugger tools like OllyDbg and dev environments like IDA Pro, and be aware of cutting-edge attack techniques and anti-attack methods. It's unlikely a recent graduate would have all these skills and capabilities, which is why most malware analysts are mid-senior-level cybersecurity professionals.

Education and skills

  • Bachelor's degree: computer science, cybersecurity or a related field;
  • experience with programming: C/C++ preferred since many malware strains are written in these languages;
  • ability to write scripts in Python, Perl and Ruby;
  • strong knowledge of tools like IDA Pro, OllyDbg, RegShot, WinDbg, Immunity Debugger and TCP view;
  • working knowledge of Windows API and Windows OS internals;
  • ability to reconstruct unknown TCP/IP protocols, file formats and data structures; and
  • ability to write technical reports and to communicate with dev teams and senior leadership.

Certifications

8. Computer forensics analyst/Digital forensics examiner

Role level: Entry-level/Mid-level/Senior

Role type: Technical, reporting and communication

Average salary: $75,018

A computer forensics analyst -- also known as a digital forensics examiner, forensic technician or cyberforensic analyst -- is the crime scene investigator of the cybercrime world. This specialist is of immense value when it comes to investigating cybercrimes that have affected an organization and figuring out how to prevent them from happening again.

Through their investigations, computer forensics analysts discover how a threat actor gained access to the enterprise network and what security gaps must be plugged to prevent the recurrence of such unauthorized access events. They also analyze digital evidence left behind by the attacker, prepare evidence for legal or law enforcement purposes and, when required, provide expert testimony during court proceedings.

Other crucial tasks performed by a forensics analyst include the following:

  • analyzing log files to determine the perpetrator(s) of a network intrusion or attack;
  • performing file signature analysis and file system forensic analysis;
  • gathering and analyzing intrusion artifacts, such as source code, malware or system configuration details; and
  • working with the security team to mitigate future cybersecurity incidents.

This is a critical role in cybersecurity teams. Moreover, it requires a knowledge of cybersecurity from a technical, criminal and legal perspective, which fresh graduates typically can't yet bring to the table. Therefore, most digital forensics roles are in the mid-senior career range. However, some companies in the private sector, as well as some local, state and federal government agencies, do hire forensics analysts at the entry level, provided the candidate can show they have the required knowledge and skills.

Education and skills

  • Bachelor's degree in computer forensics or similar area;
  • knowledge of anti-forensics tactics, techniques and procedures (TTPs);
  • knowledge of data carving tools and techniques, malware analysis tools and binary analysis;
  • knowledge of and experience with forensic tool suites, analyzing anomalous code, analyzing volatile data, processing digital evidence and preserving evidence integrity;
  • ability to interpret tool results to ascertain TTPs;
  • ability to conduct bit-level analysis and analyze memory dumps to extract information;
  • ability to identify obfuscation techniques;
  • an understanding of law and criminal investigation techniques; and
  • strong analytical and communication skills plus attention to detail.

Certifications

Wrap-up

As the number, scope and scale of cyber attacks increases, the demand for qualified cybersecurity professionals is also on an upswing. Not only is the field interesting and fulfilling, it offers numerous opportunities for career growth, high rewards and the chance to make a real difference to organizations and industry.

Next Steps

Cybersecurity career path: 5-step guide to success

How to land a job in cybersecurity

Digital transformation redefines cybersecurity skills careers

Dig Deeper on Security

SearchNetworking
  • network packet

    A network packet is a basic unit of data that's grouped together and transferred over a computer network, typically a ...

  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

SearchSecurity
  • What is cybersecurity?

    Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.

  • Android System WebView

    Android System WebView is a system component for the Android operating system (OS) that allows Android apps to display web ...

  • data masking

    Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used ...

SearchCIO
  • privacy compliance

    Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or ...

  • contingent workforce

    A contingent workforce is a labor pool whose members are hired by an organization on an on-demand basis.

  • product development (new product development -- NPD)

    Product development, also called new product management, is a series of steps that includes the conceptualization, design, ...

SearchHRSoftware
  • talent acquisition

    Talent acquisition is the strategic process employers use to analyze their long-term talent needs in the context of business ...

  • employee retention

    Employee retention is the organizational goal of keeping productive and talented workers and reducing turnover by fostering a ...

  • hybrid work model

    A hybrid work model is a workforce structure that includes employees who work remotely and those who work on site, in a company's...

SearchCustomerExperience
  • Salesforce Trailhead

    Salesforce Trailhead is a series of online tutorials that coach beginner and intermediate developers who need to learn how to ...

  • Salesforce

    Salesforce, Inc. is a cloud computing and social enterprise software-as-a-service (SaaS) provider based in San Francisco.

  • data clean room

    A data clean room is a technology service that helps content platforms keep first person user data private when interacting with ...

Close