The very peak of cyber security careers, the commander in chief leading security teams into virtual battle, the advocate for new IT initiatives company-wide; it’s safe to say that the role of Chief Information Security Officer or CISO is a powerful one.
As you may have guessed, a position with such power also requires substantial prior experience; so IT or security professionals who have been in active service for between 7 and 12 years are the most eligible contenders for CISO jobs. They will also be able to command impressive salaries, following in-depth negotiation of course. According to Payscale the current average UK salary for a Chief Information Security Officer comes in at around £86,394, while IT Jobs Watch estimates it to be £120,000.
As you enter into discussion around your base salary, health insurance and stock options, depending on your level of experience and education you’ll be in a position to extract a comfortable compensation package.
Speaking of education, what must an aspiring CISO or CSO (Chief Security Officer) do to lay the groundwork for their career in cyber security? As is common across the industry at large, earning a bachelor’s degree in computer science, information technology, cyber security or a similarly relevant subject area is step number one. Your degree will open the door to an entry level or junior role as a programmer or analyst.
Setting your sights on the top spot, though, means reinforcing your commitment to self-education with accredited industry certifications and further training. Working in cyber security you must always be in the know about the latest trends, software, technology, and hacker methods via newswires, blogs, publications and so on, but to progress to Chief Information Security Officer opportunities, you must invest the time and money.
CISA, CISM and CISSP are the most widely recognised certifications within the industry, but while you’re working on attaining those, don’t neglect your day job. You want to keep moving up the ladder with a view to securing a promotion to security analyst, engineer, consultant or auditor. From here the only way is management level and ultimately overseeing your own team of security professionals.
While the cyber-specific certs are a must, if CISO jobs are your quest then it may also be worth looking into completing an MBA. This will give you both the cyber security skills and the ability to apply those within the wider context of the business and its security needs. In your role as CISO it will be up to you to devise strategic plans for deploying Information Security technologies and making the necessary enhancements to existing programs. You will be pivotal to the development of corporate security policies and procedures and a prominent voice in discussions with key business stakeholders with regard to risk management and how to respond in the event of a breach.
It is likely you will report into the CIO and/or CEO of your company. While the CIO looks at all general technical issues affecting the business, your key focus is security. You must be able to synchronise your recommendations for security with the plans those figureheads have for the company as a whole. Understanding how those decisions are made and what motivates the people driving your business forward will help you be a successful and effective CISO.