There are an estimated 469,930 cybersecurity job openings in the United States — and you might have the skills necessary to fill one of them.
As tech continues to transform our lives, more people are needed to defend these technologies and keep up with their advancements, says Okey Obudulu, Chief Information Security Officer (CISO) for Skillsoft, the company that owns Codecademy. “The blatant attacks on companies’ networks have led more and more companies to really get serious around the demand for cybersecurity professionals,” he says.
Cybersecurity is an umbrella term for protecting computer systems, networks, people, and organizations from online threats and bad actors. The roles within a cybersecurity team range from Penetration Testers who hack into an organization’s network to uncover vulnerabilities, to Incident Response Analyst who are essentially detectives who solve crimes with digital data.
Learn something new for free
A lot of cybersecurity professionals get their start in other technical jobs, like Software Developer or Network Administrator, explains Ricki Burke, founder of CyberSec People, a global cybersecurity recruitment and staffing company. With the right cybersecurity skills on your resume, you can feel confident about breaking into the industry.
Curious which skills cybersecurity recruiters are looking for in job-seekers? Here are the programming languages, technical capabilities, and marketable skills you should know about to get a job in cybersecurity. When you’re ready to start learning, take a look at our updated cybersecurity catalog with 30+ free courses that teach you foundational cybersecurity skills. These video-based courses are a great way to prepare for popular cybersecurity certifications.
Coding
One of the most in-demand cybersecurity jobs is a Security Engineer, which is a programmer who can design secure systems and software, Ricki says. “When I talk to a lot of security companies, their version of a modern security professional can code, they can build, and they can problem-solve through automation,” he says.
The role of a Security Engineer is a lot like a Software Engineer, so coding and scripting knowledge is a must-have, Ricki says. It’s pretty common for developers to pick up some security-specific skills and then transition into the cybersecurity space, he says.
The more technical skills you grasp, the more opportunities you’ll have to contribute across a broader domain, Okey says. If you’re just starting your coding journey and wondering what you should learn, these are the programming languages that are used in cybersecurity:
- Command Line
- Python
- C and C++
- JavaScript
- HTML
- SQL
- PHP
Feel confident in your coding abilities, but want to know more about cybersecurity? Check out our skill path Fundamentals of Cybersecurity to learn the attack techniques that threat actors use to gain access to computers and systems, and strategies that can protect you.
Threat-hunting
According to Ricki, there are lots of opportunities for jobs within SecOps, which is the term for IT and security teams who work with the security operations center (SOC). “Security operations essentially are like the defenders of the company or organization,” he says. Threat Hunters, for example, are Security Analysts who proactively look for threats in systems. (You can think of Threat Hunters as kind of like security guards at a museum who are always on the lookout for intruders.)
Mature companies with robust cybersecurity teams often hire Threat Hunters to comb sources and accumulate “threat intelligence,” Ricki says. These people need to know how to gather intelligence and analyze it using techniques like packet-sniffing. In our course Introduction to Ethical Hacking, you’ll learn about the tools used in packet-sniffing and get to practice using the network analysis tool TCPDump to perform packet analysis.
In order to be successful in these types of roles, you need to have an in-depth understanding of not only the technology used to find threats, but also how your findings correlate to the industry at large. “Business context is fundamental,” Ricki says. “You can be the best hacker in the world, but if you can’t explain what the vulnerabilities actually mean for business, then it means nothing.”
Automation
Understanding automation can give you a leg up when you’re applying for cybersecurity jobs, because companies rely on automating security tasks (like identity and authentication) as they scale, Ricki says. For example, an organization might want someone who can develop automation APIs that allow them to detect and triage cyber threats faster and more efficiently. You can learn how to build web APIs in our course Create REST APIs with Spring and Java, or take your API skills to the next level with API Development with Swagger and OpenAPI.
People in cybersecurity use Python to automate lots of tasks, like pentesting and SOC analysis. In a malware analysis, for example, Python can be used to automate the process of searching through files and ports. Want to learn Python? Our Python courses cover everything from machine learning to data analytics.
Risk management
“Cybersecurity is not just technology — it’s more of a risk management function,” Okey says. Organizations need people who can develop best practice standards around security and make sure people are following them. These jobs tend to be less technical, but they’re critical to a company’s safety, Ricki says. You can learn how to create industry-standard cyber resilience policies for individuals and organizations in our course Fundamentals of Cyber Resilience and Risk Management.
Larger companies typically have Governance, Risk, and Compliance (aka “GRC”) specialists within information security teams, Ricki says. These folks are responsible for establishing security frameworks, policies, and guidelines that protect an environment. For example, someone in a GRC role might train team members in specific security protocols, as well as assess the security risk of third-party vendors that an organization wants to use.
In certain sectors, like healthcare or finance, companies are looking for GRC professionals who have backgrounds in the field, because they have a high-level comprehension of the business’ broader needs, Ricki explains. “Say you’re a nurse who wants to become a security person: You know way more than some outsider coming into the business who has never worked in healthcare before,” he says. Don’t hesitate to leverage your past work experience or industry knowledge, because it could help you stand out in a pool of applicants.
Get started in cybersecurity
Whether you’re starting from scratch or hoping to supplement your technical experience, we have lots of cybersecurity courses and paths for you to consider. Explore our new free cybersecurity courses to get a taste of what’s out there.
In our course Introduction to Cybersecurity, you’ll learn the fundamentals of network security and authentication, plus grasp concepts that you need to protect yourself from common cyber attacks. Then, you can take your knowledge a step further with the path Fundamentals of Cybersecurity, where you’ll learn about basic social engineering techniques like phishing. And you can discover how to think like a hacker with our new course Intro to Ethical Hacking.
When it comes time to apply for cybersecurity jobs, the Cybersecurity Analyst Interview Prep path is great practice for completing scripting challenges and answering cybersecurity interview questions.
This blog was originally published in October 2022 and has been updated with recent data and new course launches.