cybersecurity careers what are the opportunities?files.meetup.com/1698110/momo presentation.pdf ·...
TRANSCRIPT
Colleen Riccinto, Founder and PartnerCyber Talent Search
Cybersecurity CareersWhat Are the Opportunities?
Hector Acosta, Research & Policy Analyst Workforce Intelligence Network (WIN)
Topics We’ll Cover
• Cybersecurity and the mobile/wireless industry
• Demand for security talent
• Security job postings and salary data▪ Trends, salaries, companies, skill sets▪ U.S. and Michigan
• What motivates today’s cyber warriors
• Tips for getting and/or keeping a cybersecurity job
A Little Bit about Colleen
Bachelor of MusicFrench horn performanceDuquesne University, Pittsburgh, PA
M.A. in Written CommunicationEastern Michigan University
• Sales and business development• Entrepreneurship and leadership• Security awareness training• Technical writing
Certifications• Connected Vehicle Professional I,
Certified by SAE and CVTA
• Certified Identity Theft Risk Management Specialist
A Little Bit about Hector
B.A. - HistoryUniversity of Michigan, Ann Arbor
Research and Policy AnalystWorkforce Intelligence Network
Certifications• Economic Modeling Specialists,
International Analyst• State of Michigan Labor Market
Intelligence
How Can We Help You the Most?
• People In a Security Role
• People Looking to Get Into Cybersecurity
• People Who Hire Security Pros
Cybersecurity and the Mobile/Wireless Industry
and the
Demand for Security Talent
$8 Billion Acquisition
“Today, less than 40% of new vehicles in the U.S. market are equipped with telematics systems and the penetration in other markets is far lower. In the coming decade, Navigant Research expects that to grow to near universal installation in North America and Europe with the Asia Pacific following not far behind.”
- Sam Abuelsamid, Forbes Contributor and Senior Analyst with Navigant Research
Reaction to Samsung’s Acquisition of Harman
“The deal – Samsung’s biggest acquisition in its history-reshapes the pecking order in the global automotive supply chain, reflecting a quickening pace of innovation and an increased role for companies with deep pockets and a keen understanding of mobile services.”
“Samsung will gain insight into the changing behavior of consumers when the lines blur between the auto and mobile industries.”
- Jonathan ChengWall Street Journal, November 14, 2016
Mobile Vulnerability Trendsfrom Internet Security Threat ReportSymantec, April 2016
Security A Top Concern for IoT Developersfrom IoT Developer SurveyIEEE, April 2016
“More than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74 percent over the past five years, according to a Peninsula Press analysis of numbers from the Bureau of Labor Statistics.”
March 31, 2015
The analysts from Frost & Sullivan forecast a shortfall of 1.5 million by 2020. This number is compounded by 45 percent of hiring managers reporting that they are struggling to support additional hiring needs and 62 percent of respondents reporting that their organizations have too few information security professionals.
Global Information Security Workforce Study, 2015
Job Postingsand
Salary Data
Where Does this Data Come From?
• Leading provider of job market analytics
• Collect millions of online job postings from close to 40,000 online sources
• Use our patented technology to mine and code detailed data from each job listing
• Southeast Michigan collaborative effort between 10 community colleges, 6 workforce boards and economic development partners
• Provide current and actionable labor market intelligence
• Strengthen and sustain an employer-driven talent system
• Improve institutional, local, state, and federal talent development policy
Let’s Define Some Terminology
Burning Glass’s Classification Parameters
• Cyber security-related title
• Network security, information security, information assurance, and penetration tester
• Require a cybersecurity certification or request cybersecurity-specific skills
• Information assurance, cryptography, computer forensics, malware analysis, 800-53, and ArcSight
• Job opening vs. job posting
• Metropolitan Service Area (MSA)
If You Think This Is Some Serious Growth . . . Increasing National Demand for Security Professionals
-
50,000
100,000
150,000
200,000
250,000
300,000
350,000
2010 2011 2012 2013 2014 2015 2016 EOYProjection
National Cyber Security Job Postings
37% increase from 2014 – 2015
62% increase from 2010 – 2016
19% average yearly increase
Data: Burning Glass Technologies, January 2010 – August 20162016 EOY Projection: Workforce Intelligence Network
Check Out What’s Happening
75% increase from 2014 – 2015
310% increase from 2010 – 2016
33% average yearly increase0
1,000
2,000
3,000
4,000
5,000
6,000
2010 2011 2012 2013 2014 2015 2016 EOYProjection
Cyber Security Job Postings in Detroit
Data: Burning Glass Technologies, January 2010 – August 20162016 EOY Projection: Workforce Intelligence Network
75%
59%
0% 10% 20% 30% 40% 50% 60% 70% 80%
Detroit
U.S.
Increase in Cyber Security Job Postingsfrom 2014 to 2015
Data: Burning Glass Technologies,
1 Information Security Analysts 1,289
2 Computer Systems Engineers/Architects 317
3 Software Developers, Applications 295
4 Computer Network Architects 228
5 Network and Computer Systems Administrators 219
6 Information Technology Project Managers 189
7 Computer User Support Specialists 182
8 Database Administrators 108
9 Computer Systems Analysts 101
10 Marketing Managers 68
Top 10 Cyber Security OccupationsIn Michigan, based on number of job postings
Data: Burning Glass Technologies, January 2016 – August 2016
1 Software Developers, Applications 17,506
2 Computer Systems Engineers/Architects
5,622
3 Computer Systems Analysts 4,011
4 Information Technology Project Managers
3,720
5 Computer User Support Specialists 3,496
6 Web Developers 2,619
7 Database Administrators 2,596
8 Network and Computer Systems Administrators
2,235
9 Software Quality Assurance Engineers and Testers
2,127
10 Business Intelligence Analysts 2,012
Top IT OccupationsIn Michigan, based on number of job postings
11 Information Security Analysts 1,948
12 Computer Programmers 1,783
13 Computer Network Architects 1,559
14 Database Architects 629
15 Data Warehousing Specialists 556
16 Computer and Information Systems Managers
523
17 Computer Occupations, All Other 455
18 Computer and Information Research Scientists
416
19 Computer Network Support Specialists 365
20 Document Management Specialists 320
Data: Burning Glass Technologies, January 2016 – August 2016
Show Me the MoneyDetroit salaries are 5% to 14% less than the national average for Information Security Analysts
Data: United Statues Bureau of Labor Statistics
$50,000 $60,000 $70,000 $80,000 $90,000 $100,000 $110,000 $120,000 $130,000 $140,000 $150,000
90th percentile
75th percentile
Median
25th percentile
10th Percentile
90th percentile 75th percentile Median 25th percentile 10th Percentile
Detroit MSA $124,030 $105,290 $86,403 $61,734 $51,958
U.S. $137,093 $114,379 $91,062 $70,533 $54,579
Actual Salaries of Information Security Analysts
Security Jobs DO Pay MoreInfoSec Analysts earn 8% more than other IT jobs
$86,403
$79,976
$76,000 $78,000 $80,000 $82,000 $84,000 $86,000 $88,000
Median Salary of Information Security Analysts vs all IT Occupations in Detroit MSA
All IT occupations Information Security Analysts
This salary difference over a 30 year career is $193,000.
Data: United Statues Bureau of Labor Statistics
0
50,000
100,000
150,000
200,000
250,000
National
National Openings vs. Program Completions
Annual Openings (2014) Program Completions (2014)
0
2,000
4,000
6,000
8,000
Annual Openings (2014) Program Completions (2014)
MI Openings vs. Program Completions
Annual Openings (2014) Program Completions (2014)
Note: Only about 60% of completions are a Bachelor's + and not all degrees are equivalent (online offerings, for-profit colleges)
You’ve Got Job SecurityJob openings vs. program completions for IT occupations
• Supply-demand gap for IT occupations is real. • But, with ongoing workforce development efforts in Michigan, notable progress is
being made to diminish the gap.
Data for IT Openings: United Statues Bureau of Labor StatisticsData for Completions: Integrated Postsecondary Education Data System (IPEDS)
• 80% of job ads required a Bachelor’s degree
• Only 1 in 4 information security analysts are women
What about the degrees? And the women?
1Certified Information Systems Security Personnel (CISSP)
933
2Certified Information Systems Auditor (CISA)
441
3 SANS/GIAC Certification 383
4Certified Information Security Manager (CISM)
348
5 IT Infrastructure Library 216
6 Security Clearance 170
7 CISCO Certified Network Associate 157
8CISCO Certified Network Professional (CCNP)
154
9 Project Management Certification 138
10Certified in Risk and Information System Control
136
Top CertificationsIn Michigan, listed in job postings
11CISCO Certified Internet Work Expert(CCIE)
125
12Microsoft Certified Solutions Expert (MCSE)
73
13Microsoft Certified Systems Administrator (MCSA)
57
14 Institute of Internal Auditors (IIA) 54
15 TOGAF 53
16Systems Security Certified Practitioner
47
17Certified in the Governance of Enterprise IT
45
18 Certified Public Accountant (CPA) 42
19 Security+ 42
20 Network+ Certified 41
Note: 58% of records have been excluded because they do not include a certification. As a result, the chart below may not be representative
of the full sample. Data: Burning Glass Technologies, 1/1/16 – 8/31/16
A LQ greater than 1 indicates a greater share of the local employment than the reference area.
Concentrations of IT Talent2015 Information Technology Employment Location Quotient (LQ)
Data: United Statues Bureau of Labor Statistics
1 California 24,633
2 Virginia 19,696
3 Texas 14,029
4 New York 10,472
5 Maryland 9,062
6 Florida 8,390
7 Illinois 8,374
8 New Jersey 7,028
9 Georgia 6,952
10 North Carolina 6,113
Top States for Security Job Postings
11 Colorado 5,923
12 District of Columbia 5,685
13 Massachusetts 5,438
14 Pennsylvania 5,284
15 Arizona 4,586
16 Ohio 4,529
17 Michigan 4,349
18 Washington 4,316
19 Minnesota 4,153
20 Oregon 2,649
Data: Burning Glass Technologies, 1/1/16 – 8/31/16
1 Washington DC 25,193 13.04%
2 New York 14,334 7.42%
3 Los Angeles 7,975 4.13%
4 Dallas 7,286 3.77%
5 Chicago 7,246 3.75%
6 San Francisco 6,670 3.45%
7 Atlanta 5,905 3.06%
8 Baltimore 5,324 2.76%
9 Boston 4,918 2.55%
10 San Jose 4,144 2.15%
Top Cities for Security Job PostingsIncludes the metropolitan service area
11 Philadelphia 3,806 1.97%
12 Minneapolis 3,756 1.94%
13 Denver 3,552 1.84%
14 Phoenix 3,545 1.83%
15 Seattle 3,431 1.78%
16 Detroit 3,186 1.65%
17 Charlotte 2,793 1.45%
18 San Diego 2,704 1.40%
19 Miami 2,577 1.33%
20 Houston 2,405 1.24%
Data: Burning Glass Technologies, 1/1/16 – 8/31/16
1 Detroit 3,186 75.6%
2 Lansing 279 6.6%
3 Ann Arbor 276 6.5%
4 Grand Rapids 225 5.3%
5 Kalamazoo 69 1.6%
6 Flint 53 1.3%
7 Niles-Benton Harbor 40 0.9%
And in
8 Battle Creek 26 0.6%
9 Saginaw 22 0.5%
10 Jackson 20 0.5%
11 Monroe 7 0.2%
12 Midland 6 0.1%
13 Bay City 4 0.1%
14 Muskegon 1 0.0%
Top cities for security job postings
Data: Burning Glass Technologies, 1/1/16 – 8/31/16
Computer Systems Design and Related Services
General Medical and Surgical Hospitals
Motor Vehicle Manufacturing
Insurance Carriers
Motor Vehicle Parts Manufacturing
Top Industries for Cyber Security JobsIn Michigan, based on number of job postings
Note: 53% of records have been excluded because they do not include an industry. As a result, the chart below may not be representative of the full sample.
Data: Burning Glass Technologies, 1/1/16 – 8/31/16
1 General Motors 123
2 Henry Ford Health System 95
3 Ciber Incorporated 79
4 DCS Corporation 59
5 Oracle 57
6 Blue Cross Blue Shield of MI 56
7 Ford Motor Company 48
8 Michigan State University 43
9 Ally Financial 36
10 Diplomat Pharmacy 34
Top Employers in MichiganBased on number of cyber security job postings
11 Deloitte 30
12 Johnson Controls 28
13 TRW Automotive 26
14 Stryker 25
15 University of Michigan 24
16 Quicken Loans 23
17 AlixPartners 20
18 Ascension 20
19 Jones Lang LaSalle 20
20 DTE Energy 19
Data: Burning Glass Technologies, 1/1/16 – 8/31/16
Note: 42% of records have been excluded because they do not include an employer. As a result, the chart below may not be representative of the full sample.
What Motivates Today’s Cyber Warriors
and
Tips for Getting and/or Keeping a Cybersecurity Job
Cyber Security CensusUnderstand what motivates today’s security professionals and how to train and recruit the next generation.
• Surveyed 500 cyber pros
• 40 different industries
• 43 states, the District of Columbia, and Puerto Rico
Note: No longer available online. Email me for a copy.
What Motivates Cyber Pros?
Source: Semper Secure Cyber Security Census, August 2013
Why People LeaveIf you don’t train them, your competition will.
• New job with greater growth opportunity*
• New job with better total compensation*
• New job with more prestige or at a better organization*
• Dislike their immediate supervisor, often gets in the way of their career
growth and access to training
• Bait and switch job description, no longer doing what they were hired to do
• For CISOs, high churn rate due to burnout
and increasing levels of responsibility
Check out: 50+ Useful Cyber Security Online Courses You Should Explore, Heimdal Security
* Source: Semper Secure Cyber Security Census, August 2013
What’s Most Important to You About Your Job?Emphasize the technology and the career opportunities associated with it.
* Source: Semper Secure Cyber Security Census, August 2013
9. Developing a Robust Communications Strategy
Break It Down
• Cut the acronyms• Define everything• Don’t make assumptions about
what people already know• Avoid military language
• Don’t call your security plan “countermeasures” or the risks to the organization “threat agents”
Communication Tips for Cyber Pros
Larry Kamer, Crisis Communications Strategist, Faculty, Carnegie Mellon University CISO Certificate Program
TechnologyBusiness
S
T
R
A
T
E
G
Y
Be Pro-Strategy
First Who, Then What
• Get the right people on the bus
• (And the wrong people off the bus)
• Get the right people in the right seats
• Then figure out where you want to drive it
“Those who build great companies ultimatelyunderstand that the ultimate throttle ongrowth for any great company is not markets,or technology, or competition, or products. Itis one thing above all others; the ability to getand keep enough of the right people.”
Jim Collins, Good to Great
Cast Your Net Here5 higher ed institutions in Michigan designated National Centers of Academic Excellence in Cyber Defense (CAE-CD) by the National Security Agency and Department of Homeland Security
• Seek out graduates from these schools, not just the recent ones
• Volunteer to speak at a student cyber club meeting
• Build relationships with faculty and advisors
https://www.nsa.gov/resources/educators/centers-academic-excellence/cyber-defense/
People Looking to Change JobsFirst determine what you value professionally, personally, and financially. Then, find or create opportunities that align with your values.
• If all you’re looking for is a raise, ask for one first.
• Generally, less is more with your resume. Note your biggest
accomplishments and how they benefited the company, not every step in
the process.
• Don’t be afraid to mention a salary range at the
beginning of the process. Respect your time.
• Expect a counteroffer, but don’t take it.
National Cybersecurity Workforce Framework
National Cybersecurity Workforce Framework
Cyber Events and Competitions
Colleen RiccintoFounder and Partner
734-678-8193
Ann Arbor, MILocal and national clients and candidates
Thank You
Hector AcostaResearch and Policy Analyst