The broad term that is used amongst industries to refer to this kind of job is security specialist. However, some organizations refer to the same job function in some other terminologies that seem to be more confined such as:

• Information Security Specialist
• IT Security Specialist
• Computer Security Specialist
• Network Security Specialist

I think it is worth noting that when having a more confined term such as Computer Security Specialist, it is mostly the case that responsibilities are not of the same high level like a Security Specialist position.

Looking at the PayScale figures, there are mainly two categories of security specialists for which the salaries vary.

• The first category is Security Specialist. For this position, the average salary is $74,580. However, there is a great gap between the minimum and maximum salaries for this job again according to how difficult the position is. The minimum is $45,481 while if you work for an organization that relies heavily on cybersecurity and accordingly on you as the security specialist there, you should expect up to $114,105 to have annually.
• The second category is Computer Security Specialist. This position though has a lower average salary of $64,349. Also, the gap between the minimum and maximum salaries for this position is really huge. One can expect to earn a salary of $38,332 and up to $105,903.

Please note that total pay figures include your base annual salary, bonuses, profit sharing, tips, commissions, overtime pay and other forms of cash earnings, as applicable.

The level of cybersecurity job always determines what sort of degree is required from a potential candidate to be well prepared for the position. When it comes to entry level positions, having a bachelor’s degree in computer science or cybersecurity is not really a must. An associate’s degree or four years of experience in the field would be acceptable. However, when it comes to high level positions, one has to earn a bachelor’s degree in computer science, cybersecurity, or equivalent degrees.

Still, if someone is interested in the field but she did not earn a computer science degree nor a cybersecurity one, she still can join a master’s degree and specialize in IT security. Also, earning professional certificates and trainings would be really desirable for an employer who would really appreciate the experience.

Well, it really depends on the job. If the job is an entry-level one, then there is a need of 1 to 2 years in the field. On the other hand, if it is a senior level job, then experience for at least 5 years in the field of IT security is required.

While the exact skills for each job vary according to the exact requirements set by the organization, a perfect candidate should be well founded in many aspects given by the following points.

• A candidate should be comfortable with dealing with IDS and IPS.
• She should be able to perform any vulnerability testing tasks.
• She should also be standing on a solid ground when dealing with computer networking concepts like routing and switching. Needless to say, that basic networking protocols like TCP/IP should also be grasped well be a perfect candidate.
• She should also be comfortable dealing with anti-malwares, antiviruses, and DLP.
• She has to be knowledgeable of security protocols meant for intrusion detection and intrusion prevention.
• She should be comfortable dealing with and setting up firewalls and security rules.
• Knowledge of the basics of secure coding practices is also great.
• She should also know how to perform tasks like ethical hacking and threat modeling.
• The main operating systems: Windows, Unix like systems should be all grasped by a perfect candidate as well.
• Frameworks such as ISO 27001/27002, ITIL and COBIT are really desirable.
• Background of the compliance assessments such as PCI, HIPAA, NIST, GLBA and SOX is a must especially for big organizations.
• Experience with programming languages such as C, C++, C#, Java or PHP is also needed.
• Knowledge of Security Information and Event Management (SIEM) is really useful and desirable for a security manager to function perfectly in her position.

A security specialist works both individually and in teams with others within an organization. This means that an employer looks for a candidate who have solid technical knowledge, analytical persona, clever at problem solving skills, and those who have good oral and communication skills are really preferred over others who lack them because of they will work with others.

The following list that is provided here works fine as a guideline for the certifications that one should seek to convince any employers with her skills. Nevertheless, this does not mean that these are the only certificates that one should shoot for. I recommend that you can have a look at LinkedIn and see what certificates employers seek according to the requirements of their job postings.

• Security+: CompTIA’s popular base-level security certification
• CCNA: Cisco Certified Network Associate – Routing and Switching
• CEH: Certified Ethical Hacker
• GSEC / GCIH / GCIA: GIAC Security Certifications
• CISSP: Certified Information Systems Security Professional