Blog

Information Security Jobs And Salaries Continue To Rise As Demand Grows

Posted by Jeff Pelliccio on Jul 13, 2016 8:22:00 AM

In ICS insights

Information Security, also known as cyber security or network security, is the process of protecting information systems from any unauthorized type of access or threat. Information security also serves as a safety net from disruption or misdirection of the services a company provides. Every single company’s network risks theft or damage to either the hardware, the software, or the information stored on them, which is why every company needs security engineers.

Why are information security services so valued by companies? Well, companies aim to use the newest, most innovative technologies. While this means new security systems are concurrently strengthening with new technologies, it also means that hackers and threats are advancing just as quickly.

Cyber-crimes are expanding every day in strength and rapidity across the map. Security specialists believe that there are three types of companies in the United States: those who have been hacked, those who do not know they have been hacked, and those who will be hacked. The Symantec’s analysis of security threats in this same year disclosed that hackers worked on the offense faster than companies could implement defense systems. Hacks, threats, and bugs infiltrated the digital world at a staggering rate:

  • In 2014, there were more than 317 million new pieces of malware (that were recorded) that posed as potential threats to many companies.
  • That means nearly one million new threats were created each day.

Now just imagine what these hackers are capable of and what new knowledge they have obtained after two years in a world with constant technological growth.

There have been many serious network attacks over the past few years affecting notable companies and banks such as Anthem, the Federal Reserve Bank of New York, and JPMorgan Chase. Each case is unique in how the attack was performed, what information was seized, and what the repercussions of the company were in the aftermath.

Anthem

  • The Attack: In February 2015, the second largest health insurer in the nation, Anthem, had its network professionally hacked into. It was believed that the perpetrators in this case were Chinese government-sponsored hackers that began the attack months in advance.
  • Compromised Information or Assets: Approximately 88 million people became victims of having Social Security Numbers, employment details, and other personal information stolen via the attack.
  • Repercussions: In the aftermath, Anthem offered free credit monitoring services to those affected by this malicious intrusion of the company’s systems.

JP Morgan Chase

  • The Attack: Up until the cyber-threat at JP Morgan, the only types of breaching at banks involved personal identification numbers for A.T.M. accounts being stolen. Big Banks have invested heavily in information security defenses and therefore were perceived to be safe. It had been unheard of that a bank’s stronghold of internal computer systems could be compromised. JPMorgan Chase, the $2.6 trillion multinational banking and financial services company, experienced cyber-attack that was truly one of the first of its kind.  The hackers, who are believed to be Russian law enforcement officers with ties to the government, delved deeply into JPMorgan’s systems for an entire month prior to the detection of the attacks.
  • Compromised Information or Assets: Personal information such as, names addresses and phone numbers of account holders were retrieved from 76 million individuals as well as 7 small businesses.
  • Repercussions: Although there was no evidence showing that money or financial information was taken from customer accounts, it exposed the vulnerabilities of information security that affect huge, seemingly safe institutions on Wall Street and around the globe.

Are you looking for a Cyber Security Job? Click Here!

Federal Reserve Bank of New York

  • The Attack: System breaches have not only occurred in publicly held banks, but also within the Federal Reserve banking system of the United States. The Federal Reserve Bank of New York suffered a recent attack when hackers illegally withdrew from accounts the bank held for the Central Bank of Bangladesh. The Bangladesh Bank’s information system was breached by hackers who stole the bank’s official documentation to authorize payment transfers.
  • Compromised Information or Assets:  The thieves persistently sent over thirty requests for the New York Fed to transfer money from the Bangladesh Bank into several accounts in the Philippines. The hackers attempted to steal over $900 million, but only nabbed $81 million before the New York Fed became suspicious due to these questionable transfer requests being written to private entities, not other banks.
  • Repercussions: The remaining transfers were blocked once this red flag arose. As to the queries of where the money is now and who stole it is still unknown.

Still wondering why network security is so significant within a company and why security jobs are in such high demand? Perhaps these high-profile cases will convince you that even the most secure network systems like these found in managed health care, financial services, and government entities have been compromised over and over again- and will continue to be compromised over and over again- in cyber crimes that know no national boundaries.

Yes, these cases prove that comprehensive information security is essential, which is driving the desperate demand to hire competent IT professionals. Something else you may be wondering about the inflated demand for information security jobs is what specific job titles are proving to be prominent and what are their functions? Well, after extensive research on the job market from some of our top recruiters at ICS, results have shown that network security engineers, security architects, information security engineers, and chief information security officers are among some of the hottest security jobs in need so far this year.

If you are a hiring manager or even a Chief Information Officer, you need to know what security job will best protect your organization. If you are qualified to work in information security, you need to know which job will best suit your skills.

Network Security Engineer: ($67,356-$124,486)

  • Network Security Engineers are responsible for the implementing, maintaining and administering the corporate server architecture as well as the network security; this may include security systems such as firewalls or intrusion detection systems. They make contributions in part when it comes to the design, integration, and installation of hardware and software for a company’s computer system. Additionally, the security policy is enforced by the network security engineer.

Security Architect: ($81,676-$148,375)

  • The security architect is accountable for the maintenance of the security within a company’s system. It is believed that they should have a similar mindset to that of a hacker because if they are able to foresee a hacker’s actions or strategy to attack the system, then it becomes much simpler to prevent it. They must have a full understanding of the company’s system and know what the weaker points are so they can work to strengthen them to avoid it being the focal point of an attack. It is important that security architects are aware and mindful of the latest developments concerning both sides of the spectrum (security side and attacking side) so that their security system will be up to date and remain secure even against the newest potential threats. They are also responsible for creating and enforcing general user guidelines.

Information Security Engineer: ($61,200-$122,714)

  • Information security engineers are engineers specialized in forming solutions that conform to security policy, while also having the additional responsibility of averting system misuse and malicious behavior. They make certain that security is constructed into the design of the company’s system as if it were part of its foundation. In addition, they also maintain the company’s terminal access controller access-control system. The terminal access controller access-control system, otherwise known as TACACS, is a server that verifies users within the company, while also refusing access to those who are not in the system, thereby protecting information on the company’s computers system from unauthorized users. If the system ever becomes compromised due to a security breach, the information security engineer provides its guidance by taking lead of the security incident response.

Chief Information Security Officer: ($74,082-$239,307)

  • The Chief Information Security Officer is an executive-level manager who has a vital role in the IT/security department of a company. They manage the information asset management team, which ensures that company information is classified, stored, and secured correctly into the computer system. The CISO also directs and approves the design of the security system of the company as well as its policies, controls, and cyber incident response planning. If a security breach successfully compromises the system, investigations are run by the CISO to help figure out how it happened and how to prevent it from happening again in the future.

The unfortunate truth is there will always be good and bad; there will always be information security professionals and hackers just like there will always be cops and robbers. Fortunately, the justice that network security experts serve can be rewarded much more generously than that of a cop.