A guide to 10 careers in cyber security (With salaries)
The Indeed Editorial Team comprises a diverse and talented team of writers, researchers and subject matter experts equipped with Indeed's data and insights to deliver useful tips to help guide your career journey.
Cyber security, or cybersecurity, is a growing industry and offers a wide range of career options. Roles in cyber security focus on protecting networks, computer systems and data from unauthorised access or interference. This can be in an in-house role, working as a cyber security specialist for a large company, as a consultant in a security firm, or even in a national governing body. In this article, we explain what cybersecurity is and provide a list of careers in cyber security, including salary information.
What is cyber security and what do cyber security jobs involve?
Cyber security consists of the processes an organisation puts in place to protect its data. There are many different ways data could be subject to a cyber attack. This could include threats originating from inside the company, for example, a dishonest or disenfranchised employee seeking to steal data to sell it, either for profit or to damage the company.
Cyber security roles involve putting measures in place to minimise this risk. Companies also use cyber security to prevent cyber attacks from criminals seeking to steal personal data, for example, credit card details. A number of public sector and private sector organisations employ specialists to focus on cyber security. Other cyber experts work in consultancy firms, where they work with a wide range of client organisations to provide specialist cyber security advice.
Careers in cyber security
If you are wondering how to get into cyber security, here is a selection of 10 popular careers in cyber security in the UK, including outlines of their primary duties and estimates of their average salaries:
National average salary: £15.13 per hour
Primary responsibilities: Not all jobs in cyber security require a university degree. Many large companies offer apprenticeships to people leaving school. This is particularly common in the energy industry and in telecommunications companies. These apprenticeships focus on developing real-world cyber security skills through a mixture of classroom and online training and hands-on experience, learning on the job.
Other organisations offer graduate trainee schemes focusing on cyber security. These may be an option for people from a wide range of technical backgrounds, for example, those with maths, engineering or computing degrees. The purpose of these schemes is to provide the necessary skills and qualifications to lead on to a full career in cyber security. This could also involve professional qualifications and certifications which allow graduates to develop a specialism in a particular area of cyber security, such as network defence qualifications or CompTIA certification in high-risk cyber security threats.
National average salary: £45,727 per year
Primary responsibilities**:** A number of bodies exist to provide strategic advice to the public and private sectors about cyber security. The largest of these is the National Cyber Security Centre, but various other organisations employ cyber security advisors whose role includes providing advice on protecting the organisation and its data online. The role of an advisor involves working with technical specialists to take detailed technical knowledge and make it accessible. This can include developing and launching public security awareness campaigns.
Cyber security advisors often work with industries under particular threat from cyber attacks. For example, the nuclear energy industry, research laboratories, weapons manufacturers and others working in advanced technology may find themselves under threat. Attacks may seek to steal intellectual property, such as blueprints or designs. Cyber security expert advisors help these kinds of companies keep their data, their customers and the industry safe.
National average salary: £61,743 per year
Primary responsibilities**:** Some companies routinely undertake a review of their cyber security measures and put in place new strategies to improve their overall security going forward. A specific cyber security project manager is likely to oversee these projects. As with any project management job, the role involves a significant focus on overseeing a budget and managing a specific project to achieve the desired goals within a specific time frame. It may also involve managing employed contractors for specific aspects of the project.
4. IT manager
National average salary: £43,828 per year
Primary responsibilities**:** An IT manager oversees the IT systems a company uses. This could involve procuring new equipment, updating existing equipment and using IT solutions to solve problems the company faces. Cyber security is integral to all of these duties. Whilst it is not the sole focus of an IT manager, ensuring that all updates and new systems are storing data safely and securely is fundamental to the job.
National average salary: £45,890 per year
Primary responsibilities**:** Systems integration engineers and administrators oversee the maintenance and configuration of various IT systems. In particular, they can have responsibility for installing cyber security software on local networks. They may also play a role in managing the human side of cyber security, that is – system access processes, so a company has a clear way of tracking which staff have access to sensitive files and folders.
National average salary: £72,914 per year
Primary responsibilities**:** Information architects are responsible for designing the structure and layout of a website or network. Those with a focus on security help a company by building the necessary security protocols into the IT networks a company uses. This could include implementing security software, such as virtual private networks (VPNs) and firewalls. They are also likely to play a role in vulnerability testing, to understand which aspects of a company's IT networks are most vulnerable to cyber-attacks.
National average salary: £33,707 per year
Primary responsibilities: A chief information officer has overall responsibility for a company's IT department. They put in place the cyber security strategies and make decisions about the best way for a company to implement technological solutions to upcoming issues. Whilst they have wider responsibility for the usage and functionality of the IT systems, cyber security is an important part of their role.
National average salary: £50,402 per year
Primary responsibilities: A security consultant works for a consultancy company or they may be self-employed. They work with multiple companies, under contract, to provide specialist cyber security advice. As part of their role, they may audit a company's existing cyber security measures to understand where there are issues or concerns. They study the measures in place and assess where breaches would be most likely. Finally, they provide advice to the company on how to remedy these issues.
National average salary: £35,026 per year
Primary responsibilities: Cyber intelligence analysts use intelligence and patterns of data to understand threats and put processes in place to mitigate them. They have a proactive role in writing reports and providing advice that helps a company look to the future and prepare for potential threats. Other IT specialists then implement the advice they provide, for example, by implementing access controls on particularly vulnerable parts of a company's IT system or adding firewalls.
National average salary: £46,779 per year
Primary responsibilities: Penetration testing, or 'white hat hacking', involves testing the security measures a company has in place. A penetration tester uses hacking skills to attempt to break into networks and computer systems or compromise websites. This kind of 'friendly' hacking allows a company to identify and fix security issues that leave their systems vulnerable. People with this speciality often work for specialist IT security consultancy firms, which offer their services to client organisations. This means they may gain a broad range of experience as they spend time working with different IT teams in various sectors.
The role may also involve testing the human aspects of cyber security. For example, a company may hire a specialist firm offering penetration testing, to send targeted phishing emails to members of staff, to understand how staff react and whether their actions (opening a suspicious email, clicking a link) would leave the company vulnerable to a cyber attack. A company uses this insight to implement cyber security training or new policies, where necessary.
Salary figures reflect data listed on Indeed Salaries at time of writing. Salaries may vary depending on the hiring organisation and a candidate's experience, academic background and location.
Please note that none of the companies mentioned in this article are affiliated with Indeed.
Explore more articles
- 10 awesome jobs in record labels with their salaries
- Dental technician vs dental hygienist (with roles and pay)
- What does a systems developer do? (With salary info)
- How to get a PR internship and the advantages of interning
- Creativity in marketing: what does a creative marketer do?
- 14 examples of creative careers (with salaries and duties)
- Management roles, and the key tasks managers complete
- Alternative careers for lawyers (with duties and tips)
- Q&A: how long does it take to become a massage therapist?
- Q&A: What Is an Intermediate Apprenticeship?
- What do financial advisors do? (Plus how to become one)
- Work from phone: 10 jobs you can do from your phone