As cybercrime attacks continue to rise in the U.S., companies across diverse industries seek information technology (IT) specialists who can secure sensitive information against theft and exploitation.
This guide helps you prepare for a career in network security by detailing employment options based on degree level. You can also learn about professional development opportunities like industry certification options, massive open online courses (MOOCs), and fellowships.
Why Pursue a Career in Network Security?
Cybercrime is an urgent and growing threat to private businesses. The Insurance Information Institute estimates that these security breaches cost the global economy about $445 billion every year.
These attacks also affect public safety due to the prevalence of consumer fraud and identity theft. By pursuing a network security career, you can join a community of professionals dedicated to preventing incidents of cybercrime and bringing criminals to justice.
In addition to thinking critically and solving complex problems, successful network security professionals must be able to communicate technical information to a variety of audiences. They must also understand core IT concepts like web applications, systems analysis, and database administration.
Network Security Career Outlook
The Bureau of Labor Statistics (BLS) projects that computer and IT occupations will grow by 11% between 2019 and 2029. The BLS also projects information security analyst positions to grow by 31% during the same period, adding nearly 41,000 new jobs to the economy.
The table below uses PayScale data to provide average annual salaries for careers in network security based on a worker's experience level. Salary potential also varies based on industry, employer, geographic location, and individual qualifications.
|Security Consultant (Computing/IT/Networking)||$68,030||$76,040||$98,540||$115,710|
|Information Security Analyst||$59,670||$67,410||$82,230||$95,150|
|Information Security Manager||N/A||$93,910||$112,530||$120,140|
|Chief Information Security Officer||N/A||$122,540||$127,640||$166,200|
Skills Gained With a Network Security Degree
Network security programs are available at every degree level and can provide you with the comprehensive training needed for career entry and advancement. Undergraduate students develop core information technology competencies by learning to analyze problems and discover appropriate computing solutions. They also delve into the national and global impact of cyberterrorism.
Graduate students develop advanced skills and can often pursue concentrations in areas like software development, criminal justice, and computer engineering. The following section provides a list of skills gained during a network security program.
- Data Analysis
This skill involves the evaluation of digital information for errors, patterns, and meanings. Students learn to aggregate and validate information into large groupings or sets, which they then present using data visualization techniques. Data analysis skills are also relevant to business intelligence, healthcare administration, and supply chain management.
- Computer Programming
Computer programming covers topics like systems design, troubleshooting, computer languages, and software development. At the introductory level, students gain skills in object-oriented programming and control structures. At higher levels, they learn to implement and monitor entire operating systems.
- Information Systems
Network security students learn to apply data analysis and computer programming knowledge to practical settings. They build networks and systems that assess, store, and protect financial data, consumer records, and private correspondence. A thorough understanding of these systems helps network security engineers evaluate data for decision-making purposes.
- Risk Management
Risk management involves the ability to anticipate and respond to cyberattacks. Learners discover how to identify risk types and enact proper countermeasures, which may include training teams, clients, and employees on best IT practices.
- Interpersonal Communication
Network security professionals must develop the ability to communicate highly technical information to nontechnical audiences, closing gaps in an organization's information network and protecting digital assets.
Network Security Career Paths
- Digital Forensics
This multidisciplinary concentration combines criminal justice, forensic science, and information technology. Students learn to recover digital information from computer systems and mobile devices. They also develop the analytical skills necessary to evaluate compromised information networks. Course topics include digital evidence recognition, cybercrime, and computer architecture. This concentration greatly benefits learners who want to work for government agencies and within the judicial system.
- Software Development
Students who want to cultivate a broad IT skill set can pursue a software development concentration, completing coursework in advanced database systems, software engineering, and product quality assurance. They can focus their studies on developing, implementing, and protecting mobile applications and cloud software. This concentration opens the door to several employment opportunities, as many industries need software developers.
- Health Information Management
Healthcare security specialists organize, code, and protect organizational records and patient information. They also help managers and stakeholders make data-driven decisions. Health information management students learn about healthcare data management, research methodologies, and network infrastructure.
- Computer Engineering
This concentration combines electrical engineering and computer science, preparing students for careers as information systems managers and network architects. Computer engineering provides a well-rounded curriculum that includes classes in broadband architecture and communications network design. Students also explore machine learning, artificial intelligence, and bioinformatics for embedded systems and software.
- Data Analytics
A branch of data science, analytics involves the collection, analysis, and application of digital information. Students learn to use statistical tools and software to evaluate large datasets to extract patterns and meaning. Within the field of network security, data analysts support cybercrime investigations and penetration testing. This concentration also prepares students to pursue careers as business intelligence officers, digital marketers, and computer scientists.
How to Start Your Career in Network Security
The FBI's Internet Crime Complaint Center documented over 460,000 reported incidents in 2019. Cybercriminals engage in phishing scams and confidence fraud, compromise business emails, and steal financial information. The growing frequency and effectiveness of these attacks results in high demand for skilled network security professionals, particularly among financial institutions, healthcare providers, software developers, and enterprise management firms.
Although you do not necessarily need a college degree to work in IT, postsecondary degree programs offer the training and professional development resources needed to jumpstart your career in network security. Additionally, a degree is a prerequisite for many industry certifications, as well as management, research, and consulting roles.
Associate Degree in Network Security
Associate programs in network security total at least 60 credits, and most full-time students graduate in about two years. Distance learners can enroll in accelerated online tracks, taking eight-week asynchronous classes year-round to finish in less time. Graduates can pursue entry-level careers in administrative support and web development or enroll in bachelor's completion programs.
Associate-level curricula generally include courses like routing and switching, network and infrastructure defense, and Microsoft Windows server administration. Depending on the program, students may also delve into more advanced topics like data visualization and penetration testing.
What Can You Do With an Associate in Network Security?
- Computer Support Specialist
Support specialists work as part of a company's network department. They assess computer systems to identify and troubleshoot problems. They also perform routine maintenance to optimize system performance and create backup files to aid in disaster recovery. These specialists may also provide training to new users and help consumers fix common errors.
- Web Developer
These professionals create websites based on their clients' specifications. They can focus on front-end development (which focuses on the site's layout) or back-end development (which covers technical construction, speed, and capacity). Freelance web developers usually cultivate a full-stack skill set to improve their employability.
- Network Systems Administrator
Network administrators oversee the day-to-day functions of their organization's interconnected computer systems. They may work with leadership to update IT needs, installing new software and hardware as needed. These professionals are also responsible for enforcing network security standards, granting access to new users and monitoring for cyberattacks. Some employers may hire candidates with an associate degree for this position.
Bachelor's Degree in Network Security
Bachelor's programs in cybersecurity and network security help students develop core skills in technical communication and applied statistics. They also allow students to explore advanced IT concepts in areas like digital forensics, cloud technologies, and legal issues related to cyberlaw and personal privacy. Learners engage in practical skill development by completing laboratory training and internship experiences.
Some colleges enable students to further personalize their curriculum by pursuing a concentration (e.g., information assurance) or a complementary minor (e.g., project management). These programs often culminate in a research project that aligns with a student's interests and professional objectives.
Most bachelor's programs take four years, but students can graduate sooner by enrolling in an intensive online bachelor's program in cybersecurity.
What Can You Do With a Bachelor's in Network Security?
- Information Security Analyst
These analysts monitor their company's networks and systems for intrusion. They investigate threats and pursue disaster mitigation. To bolster cybersecurity defenses, these specialists implement layered strategies that use firewalls, data encryption, and privacy controls.
- Ethical Hacker
Also known as penetration testers, ethical or "white hat" hackers assess the strength of an organization's system security measures with the full permission of their clients. They may also provide recommendations for updated protocols and software/hardware. To keep up with the evolving cybersecurity landscape, ethical hackers must follow emerging IT trends and any new techniques employed by malicious hackers.
- Software Developer
Like web developers, software developers can focus their work on one of two main subfields. Applications developers create task-specific programs for computers and mobile devices. Alternatively, systems developers create the underlying programs that enable computers to run as intended and the user interface controls for everyday electronics.
- IT Auditor
IT auditors evaluate an organization's cybersecurity infrastructure for effectiveness, ensuring the system meets designated objectives and regulatory compliance. They are also an integral part of risk management, helping clients spot and shore up weaknesses. Internal auditors work for a single company and report to an audit director, while external auditors work independently and report to shareholders.
- Cybersecurity Engineer
These engineers build the security networks and systems designed by the company's IT architects, consultants, and managers. They install and test development tools and applications, optimizing performance and troubleshooting problems as necessary. The best cybersecurity engineers have extensive knowledge of available and emerging products.
Sources: BLS and PayScale
Master's Degree in Network Security
Midcareer professionals who aspire to management positions and career changers looking to break into the IT field may want to enroll in a master's program in information systems security. The curriculum requires at least 30 credits, and full-time students often graduate within two years. Many colleges offer intensive online security programs that allow full-time learners to graduate in one year.
In lieu of a generalist cybersecurity degree, learners can also enroll in a computer engineering track or a program that focuses specifically on network security. Required courses may include wireless/mobile networks, analyzing information risks and benefits, malware reverse engineering, and advanced ethical hacking countermeasures.
What Can You Do With a Master's in Network Security?
- Network Security Architect
Network security architects design systems and frameworks that defend against intrusion at every identifiable access point. They also create IT policies and procedures, as well as the processes by which security incidents are documented. To oversee such a complex and multifaceted enterprise, architects must possess knowledge of many cybersecurity concepts, including data privacy, access management, and disaster recovery.
- Information Security Manager
As the head of a project team or an entire cybersecurity department, these professionals manage their organization's daily security operations. They collaborate with executives to develop IT policies/standards and work with other managers to ensure top-to-bottom compliance. Information security managers are also responsible for creating budgets, hiring and training personnel, and supervising the investigation of cyberattacks.
- Information Security Consultant
These specialists evaluate the strength of computer networks, systems, and applications. They create and implement solutions based on these findings and the needs of their clients. A master's degree can signal expertise in the field to potential clients.
Doctoral Degree in Network Security
Network security professionals who aspire to the highest leadership positions within their organizations or careers in research and postsecondary teaching can earn a doctorate. The two main options in network security are a doctor of science (D.Sc.) and a doctor of philosophy (Ph.D.). The former path offers practitioner training that emphasizes business competencies, while the latter track focuses more on basic and applied research.
These programs require 60-120 credits, and students typically graduate in 4-6 years. Learners who enroll in a network security D.Sc. program develop the management skills needed to improve strategic performance and guide the decision-making process. Ph.D. candidates spend most of their time conducting original research in pertinent IT areas, such as digital forensics, smart grid security, cyber-infrastructure, and social engineering.
What Can You Do With a Doctorate in Network Security?
- Chief Information Security Officer
Also called CISOs, these executive leaders develop the strategies and oversee the daily operations that protect a company's enterprise assets. In addition to approving security policies and response plans, CISOs also ensure that employees understand and comply with these standards. They also perform research, learning how to use emerging technology to bolster their company's cybersecurity defenses.
- College Professor
Postsecondary teachers provide instruction on topics related to their academic disciplines through lectures, seminars, and laboratory sessions. Outside the classroom, professors offer career guidance and connect students with internship and research opportunities. They also pursue their own projects, conducting research and showcasing their findings in scholarly journals and at conferences.
Sources: BLS and PayScale
How to Advance Your Career in Network Security
After earning a degree and starting your first job, you can strengthen your skills by accruing practical experience. Your abilities to produce creative solutions and work well in cross-disciplinary teams can eventually lead to more responsibilities and better pay.
This section covers additional ways to advance your network security career, such as by earning industry-specific certification and taking advantage of research-focused fellowship opportunities.
Certifications and/or Licensure
While certain network security careers may require state licensure, most do not. Instead, you can bolster your employability by pursuing industry certification. Because of the highly technical nature of cybersecurity, some employers may actually require these credentials.
Vendor-specific opportunities include the Microsoft security engineer certification path, which offers three levels of professional designation: fundamentals, associate, and expert. You can also enroll in the Cisco certified network professional training program, choosing the security technology track. Although there are no concrete requirements to begin Cisco's certification process, candidates usually have at least three years of work experience before they can pass the two exams leading to certification.
Security professionals can also earn vendor-neutral certification from organizations like the Computing Technology Industry Association and ISACA. The International Information System Security Certification Consortium ((ISC)) is another leading provider. (ISC) offers several credentialing programs, including the certified information systems security professional, certified secure software lifecycle professional, and healthcare information security and privacy practitioner credentials.
Enrolling in a graduate program is a popular path for professionals who want to advance their network security careers. However, before you spend the time and money earning a master's or doctoral degree, consider less costly forms of continuing education, such as free online classes. Platforms like Coursera and edX offer a variety of technology-focused MOOCs, some of which may help you earn professional certification.
In recent years, IT giants like Apple and Google have described their unconventional stance on recruitment, stating that they value demonstrable skills — not just a college degree. Additionally, Google offers a low-cost training program that prepares you for its professional cloud security engineer certification exam.
Graduate students can also take advantage of fellowships that provide financial support and grant access to career training and networking opportunities. For example, the National Science Foundation sponsors a three-year cybersecurity fellows program for master's and doctoral students who have made innovative STEM research achievements.
Network security specialists should continue to hone their skills and engage with industry associations to maintain their current credentials and advance into the next tier of industry recognition. For example, (ISC) requires certified information systems security professionals to accrue 120 continuing professional education credits over each three-year renewal cycle.
Ninety of these credits must come from "Group A" activities, which include unique work experiences and contributions to the profession. The remaining 30 credits are filed under "Group B," which covers any nonsecurity professional development activity. Failure to fulfill these renewal requirements within 90 days of a certification's expiration date results in suspension of the certification and eventually total cancellation of an individual's title and membership.
You can also advance your network security career by expanding your circle of colleagues and mentors and connecting with potential employers. In addition to local networking events, many IT organizations hold annual conferences. Major gatherings include Cisco Live, Black Hat USA, and the international RSA Conference.
How to Switch Your Career to Network Security
Most employers prefer network security professionals who have previous experience and a bachelor's degree in a computer related field. However, you can still find employment with an associate degree/certifications and some relevant experience.
If you come from a nontechnical background and do not have the means to pursue a new degree, you should first look toward gaining certifications. These credentials prove to employers that you have the foundational skills needed to succeed in a network security role. While certification tracks may still require a significant time commitment, they are shorter than full degree programs and can help you secure an entry-level job.
Where Can You Work as a Network Security Professional?
- Computer Systems Design and Related Services
Systems design professionals work in teams to test, refine, and update computer applications and security systems. They also help clients select and install systems to meet business requirements.
- Management of Companies and Enterprises
Network security and information systems managers work in diverse industries like finance, marketing, health services, and communication. They oversee the everyday operations of an organization's computer systems and security protocols. They also manage long-term goals and projects.
- Credit Intermediation and Related Activities
A subset of banking and financial investment, credit intermediation involves lending funds through banks and brokerages. Network security professionals who work in this industry fill analyst positions, managing user access and protecting sensitive financial information.
- Management, Scientific, and Technical Consulting Services
Organizations hire consulting firms to strengthen general operations, improve employee efficiency, and solve challenges. As consultants, network security professionals provide a wide array of services, including risk assessment, penetration testing, and software installation and updates. They can also act as corporate educators who train staff on proper IT security measures.
- Insurance Carriers
Like credit intermediation companies, insurance carriers must handle sensitive financial information. They employ cybersecurity specialists who implement multilayered systems to prevent business interruption and protect consumer data and organizational records.
Interview With a Professional in Network Security
Dennis Chow is the director of network penetration testing at a Fortune 100 company and has 11 years of cybersecurity practitioner experience, with specialities in digital forensics and incident response. Dennis acted as a technical architecture lead for a Department of Health and Human Services grant in cyberthreat intelligence for the nation's overall healthcare system. Dennis also served in the U.S. Air Force and has advised agencies like NATO.
- Why did you decide to pursue a career in network security? Was it something you were always interested in?
My thoughts on moving into the cybersecurity space began in middle school. I believe I always had an interest in security as a whole; however, network security seemed to be the most enjoyable.
As I've moved up in my existing skill sets and career within IT, I realized that I could reap the benefits of a lengthy and lucrative career by exercising existing network analyst knowledge with security applications.
- What is so valuable about earning a degree in this field right now?
When I was in school, degrees specific to cybersecurity were rare and almost nonexistent. Colleges and trade schools are finally catching on and making programs related to the demand in this field. Initially, the first generation of degrees or certificates were based on theory and not enough hands-on tactical skill sets.
Many institutions learned from this and are now revamping to include practical skills in this field. Getting a degree with this as the concentration goes a long way to making it easier to obtain certifications and core skills. Many public sector institutions look for these degrees, sometimes in lieu of a certification.
- Can graduates of computer science programs find network security positions all over the country?
The one thing to remember about network security positions is that employers are looking for hands-on practical skills and experience. Many computer science graduates make the mistake of focusing only on programming as their core skill set. While this may land them some entry-level positions in information security as a whole, this probably wouldn't result in a successful, immediate transition to network security.
Computer science students should take every opportunity they can to learn network engineering practices, including building their own switches, routers, firewalls, and intrusion-detection systems from common open-source and community projects. This will greatly improve your chances of getting employed straight out of school.
- What did your career trajectory look like after you graduated? How did you end up in your current position?
My career trajectory initially seemed like it was going to be in IT systems engineering and management for a long time, based on what were then my current skills. I ended up trying to promote and do my own exploration in security by writing practical, entry-level white papers and showcasing my work to peers.
Only after I was able to properly communicate my aptitude in security did a company give me a chance at a security operations center analyst role, working the night shift.
After a decade of work and progression, I'm now a director of network penetration testing at a Fortune 100 company. Most of this was attributed to self-studying for cybersecurity certifications and practicing my craft on my own time after work. Another component of this was socializing some of my craft by making articles and tutorials about network forensics and incident response.
- What are the pros and cons of working in the network security industry?
Some of the great things about working in the security industry space as a whole is that there are always new challenges and — at least right now — the salary and demand are high. I've met interesting and highly skilled individuals at all age and education levels. The security community is quite small compared to other industries. We all know of each other in some way.
Working in security does have its downsides. For starters, it does take a while to ramp up to getting an entry-level role in security without adequate opportunities and an IT background.
The pace of our craft is constantly increasing the need for new and different skills. It gets difficult to keep up with them, and at some point you'll need to decide for yourself if you're going to stay a technical contributor or move into management.
- What advice would you give to computer science graduates seeking a job in network security after graduation?
Plan ahead by obtaining certifications and hands-on practical skills before graduation. If you can't afford certifications, do yourself a favor and take on network security-related projects by building your own IPS, firewall, network switch, and router at your house using virtual machines and open-source projects. Truly take the time to master the skills you learn in your courses, books, and other reading.
Another piece of advice is to network early. Go after internships and figure out how to align yourself with network security-related tasks, projects, and work. Showcase your skills on professional social media and public code repositories. Join and attend security-related conferences and prepare to work a room to build your network of contacts.
Lastly, keep up with the news and current events on a global, national, and local level. Hiring managers love to hear how you can apply recent events to security applications when you interview.
Resources for Network Security Majors
This section provides a list of resources that can help grow your network security career. Options include MOOCs that may lead to certification and influential trade magazines and academic journals. You can also learn about major organizations in the IT field and the benefits available to members.
- Professional Organizations
Computing Technology Industry Association: CompTIA connects technology practitioners, students, and educators. The association helps members build their professional network through online forums, regional working groups, and national conventions. CompTIA operates multiple award programs, including research funding for students. By joining, you can pursue certification programs in areas like IT fundamentals, penetration testing, and cloud essentials.
Cloud Security Alliance: Founded in 2008, CSA sets industry standards for cloud computing and information security. The organization boasts more than 100,000 members who connect through online special-interest groups and more than 100 global chapters. The alliance offers research funding, skill-building webinars, and in-person training. You also can obtain certification in areas like cloud security; global consultancy; and security, trust, and assurance registry.
International Information System Security Certification Consortium: (ISC) serves over 150,000 members who work in all facets of information technology and security. The consortium connects professionals through local meetings, online communities, and international conventions. (ISC) delivers self-paced and instructor-based online classes. By joining, you can study for certification in areas like software security, security administration, healthcare, and leadership and operations.
Open Web Application Security Project: OWASP is a global nonprofit organization dedicated to improving software security in all sectors. The organization provides impartial and practical knowledge through free guides, best practice standards, and technological strategies. As a member, you can connect and collaborate with peers through local chapter meetings, international gatherings, and online forums.
SANS Institute: Founded in 1989, the SANS Institute serves more than 165,000 information security professionals worldwide. By joining, you can access more than 400 training courses offered in 90 cities. The institute also offers webinars on topics like law of data security and investigations, open-source intelligence, and intrusion detection. You also can obtain certification in over 40 specialized areas, including Python coding.
- Open Courseware
Cloud Computing - University of Illinois at Urbana-Champaign: Totaling six courses, this specialization provides a comprehensive introduction to cloud computing systems and culminates in a six-week project. Students learn about cloud networking and the related difficulties of maintaining storage systems that require disks and processors.
Introduction to Cybersecurity - New York University: Students and career changers benefit from this four-course specialization, which covers the fundamentals of modern security methods and technologies. Learners examine major cybersecurity threats and countermeasures, including real-time detection and mitigation. The specialization culminates in a project.
IT Project Management - University of Washington: This program allows network security professionals to earn a certificate in five months by completing a three-course sequence. Students develop the personal leadership skills needed to successfully oversee diverse teams. The program also guides learners through the project lifecycle, teaching them how to create a schedule, maintain a budget, and enact control tools to maximize business benefits. This course requires a fee.
Software Testing Management - University of Maryland Global Campus: Over eight weeks, this introductory class helps students cultivate the technical and leadership skills needed to work as software engineers. Participants learn how to schedule and document testing procedures, evaluate metrics to improve analyses, and implement quality initiatives that align with industry standards. Students who pay a fee receive a verified certificate.
ACM Transactions on Privacy and Security: One of over 50 peer-reviewed journals published by the Association for Computing Machinery, TOPS covers information and network security. Readers can learn about emerging privacy methods and systems, as well as relevant policies and technologies. Recent content includes open-access research on user authentication, public-key password protocols, and the economics of information security investment.
Dark Reading: Dark Reading is one of the most popular cybersecurity news platforms, with a readership that consists of researchers, executive leaders, and network security practitioners. The site features content across various communities, including threat intelligence, attacks and breaches, and cloud security. Users can also access webinars and join discussions with colleagues and IT experts.
IEEE Transactions on Information Forensics and Security: The Institute of Electrical and Electronics Engineers boasts an online library of more than 5.3 million items. TIFS features content related to biometrics, surveillance applicants, and information security. Readers can access popular articles on topics like identity-based data sharing, real-time eyeblink detection, and reversible secret image sharing.
Infosecurity Magazine: This publication delivers printed and online content (including podcasts) that highlights emerging cybersecurity trends, expert opinions, and news. Readers can access articles on many broad topics, such as business continuity, digital forensics, data protection, and identity access management. The site also offers news on training events and online summits.
Journal of Cryptology: The official research publication of the International Association for Cryptologic Research, this open-access journal features original findings on modern information security. Covered topics include computational number theory, quantum cryptography, and novel applications of conventional algorithms. The Journal of Cryptology accepts submissions in English for peer review and publication.
Frequently Asked Questions
- Is network security a good career?
Yes. There is high demand for network security professionals. The BLS projects significant job growth for computer and information systems managers (10% growth) and information security analysts (31% growth) between 2019 and 2029.
- How do I start my career in network security?
You can start your career by earning a postsecondary degree and taking advantage of the training, research opportunities, and career guidance offered by accredited colleges and universities. You can also consider earning industry certification through organizations like CompTIA and the EC-Council.
- What kind of jobs can you get with a network security degree?
An associate degree leads to generalist positions like computer support specialist and systems administrator. A bachelor's degree enables you to pursue more specialized roles like ethical hacker and IT auditor. Leadership positions often require a graduate degree.
- What network security jobs pay the most?