Cyber Security Engineer

Who is a Cyber Security Engineer?

The term “engineer” has recently lost its true meaning in the field of information technology and has become generalized to a certain extent. This is mostly due to the vast and recent technological advancements which in turn created an abundance of security positions classified as security engineer. Generally speaking, a cyber security engineer is neither an entry nor a high level position and is pretty much a hands on and technical career.

The functions and responsibilities of a security engineer will vary in relation to their background, field, hard skills, and job description. It is pretty much a poorly defined position and it leaves a lot to be determined. Depending on the size, scope, and the products/solutions of a given organization i.e. what needs to be secured, the day to day duties of a cyber security engineer will differ in a way that makes two individuals that have the exact same job description peculiarly define their position. We should take into consideration that even one organization can embark on two distinct security projects that will require two completely different sets of skills. In brief, a cyber security engineer is a subject matter expert with flexible skills and knowledge who develops and maintains IT security controls for an organization.

The Ambiguity Behind this Role

Being a relatively new field, the industry does not have an accurate outline for cyber security engineering and its job positions. It is totally up to the hiring entities to describe their sought-after professionals, but job descriptions do not often give an accurate representation of this specific role and what entails. This has made a large portion of the information security industry fail at providing a constant definition of cyber security engineering. There is no universal theory of the role and the essence of security engineering remains ambiguous.

The liberal use of the term does not take anything from the role’s significance to an organization’s security posture and the information security industry in general. The position is far from expendable and is considered to be the ‘front line’ of cyber security. Generally speaking, cyber security engineers are versatile experts who have the opportunity to gain practical experience in a wide variety of fields simply because their roles allow and often require them to do so.

General vs. Specialized Security Engineers

An accurate categorization of security engineer will be through their levels of speciality within their organization; there can be general security engineers and specialized ones.

The generalized security engineer workforce can be defined as all subject matter experts who possess a broad collection of general competencies, skill, and knowledge in the cyber security industry that spans across many sub-fields. They are in charge of implementing and maintaining security controls such as firewalls, anti virus solutions, and intrusion detection systems. They can also be at the helm of other duties like vulnerability assessment, incident response, encryption, policy enforcement ..etc.

On the other hand, the specialized cyber security engineer workforce is commonly sought after by big organizations to deal with their ever-growing complex security operations and issues. These organizations look at security operations from a different perspective because they have specialized needs. A few examples of specialized engineers would be security consultants, ransomware solution providers, firewall administrators, web application penetration testers, secure code reviewers, and threat analysts. In short, while specialized security engineers may possess many general skills just like their generalized peers, their day to day duties will mostly strictly be in their field of interest.

Types of Cyber Security Engineers

Organizing the cyber security engineer position into an accurate yet static list of types is an unachievable task in today’s information security industry landscape. This particular position is as diverse as its field (cyber security) and its sector (technology). The duties and tasks executed by these professionals are often misunderstood and miscategorized by the human resources departments and hiring managers that the term “engineer” has become vague and sometimes misleading. The word ‘engineer’ stems from the term ‘engine’ and is defined by the merriam webster dictionary as follows: “a person who has scientific training and who designs and builds complicated products, machines, systems, or structures : a person who specializes in a branch of engineering”. Engineer as it stands does NOT reflect the current workforce and can lead to ambiguous/false descriptions of what they do.

If we strictly follow the merriam webster definition and apply it to today’s information security landscape, only a few true engineers will make it to the list. Among these are: data security engineers, network security engineers, systems security engineers, software security engineers, communication technology security engineers, application security engineers, web application security engineers, web security engineers, windows security engineers, linux security engineers, wireless security engineers, checkpoint security engineers, and biometrics security engineers.

A Security Engineer is NOT a Security Analyst

Security engineers and security analysts can sometimes have very similar duties and their responsibilities can often (and do often) overlap. While subject matter experts have pretty distinct views on the two roles and a good detailed list of their contrasting features, hiring managers and human resource departments offtimes don’t. One quick job search can result in many “Security Analyst/Security Engineer” available positions with job descriptions that can not justify their poor choice of words and confusion of the two positions.

A security engineer is an experts who takes on himself the hands-on duties of building, implementing, deploying, and maintaining cyber security solutions for a certain organization; solutions such firewalls, intrusion detection/prevention systems, honeypots, and security software. It is only after the engineer is done with his duties that an analyst will take on his. Given that these security controls are in place and functional, it is up to the cyber security analyst to test their practical effectiveness and ability to repel real world attacks. In simple terms, while security engineers build security systems and sustain them, it is the duty of a security analyst to periodically test the efficiency of these systems and to give feedback on their performance.

Becoming a Cyber Security Engineer

Due to its high levels of technicality, good compensations, further prospects, and industry demand, the cyber security engineering career path has become very attractive to both young and seasoned individuals looking for employment in the cyber security industry. A degree in computer science is almost mandatory and is always advisable, however it needs to be paired with one or more security certifications to demonstrate advanced knowledge. Other hard skills need to be learned such as programming and scripting. Good communication skills and ability to stick to tight deadlines are very important soft skills to have and they can make the difference between a great security engineer and a good one.

A proper way to start working towards this career path is to get a degree in computer science, obtain a significant security certification meanwhile (see next title), learn some programming/scripting languages such as python, ruby, and bash, and score an entry level position in the industry.

Qualifications of a Cyber Security Engineer

Each organization dictates a different set of qualifications for its open cyber security engineering positions. It all goes back to these organizations’ needs and what they require their security engineers to do on a regular basis as day-to-day tasks and duties.

Because this career path is highly technical, most organizations often require a 4 year college education with a degree in computer science to demonstrate the candidate’s fundamental knowledge about networks and computer systems. Some certifications are also required by nearly all job postings to prove further or advanced knowledge of a candidate in security, networking, and other related fields. The most sought-after certifications for this position are CEH (Certified Ethical Hacker), Security+, GSEC (Giac Security Essentials Certification), CISSP (Certified Information Systems Security Professional), and OSCP (Offensive Security Certified Professional).

The main requirement however, is verifiable past industry experience in the form of full time employment. Cyber security engineering is not an entry level job and will not be for anytime soon. The bars are high and what’s at stake make it mandatory that prospects have past experience. Organizations usually ask for 3 years of industry experience and the requirement for senior level positions can go up to 8 years.

Some job postings that require the candidate to deal with sensitive data will also ask for the candidate’s ability to obtain governmental security clearances such as the Department of Defense security clearance. Other organizations require the candidate’s willingness to pursue further accreditations and certifications and also their eagerness to go on sponsored continuous learning programs. The cyber security landscape is always shifting and hiring entities are taking note.

Duties of a Cyber Security Engineer

A general cyber security engineer will often be required to:

• Assess the effectiveness of firewalls, intrusions detection systems, intrusion prevention systems, honey pots, cryptography setups, and other security systems
• Configure and maintain routers, switches, virtual private networks, along with their software platforms
• Deploy and implement Security Information and Event Management systems
• Take responsibility of modifying, updating, or upgrading security platforms if changed take place
• Perform risk assessments by going through the process of asset reconnaissance, intelligence gathering, and vulnerability mapping to respond to threats and notify senior level positions of any significant information
• Design breach mitigation strategies along with offensive vulnerability assessments
• Develop customised security tools and script to meet the organization’s security needs.
• Coordinate and supervise third party penetration testing operations
• Be in charge of regulatory compliance projects and walk the organization through each technical and non-technical step
• Review and prepare technical analyses, reports, change proposals, and other necessary technical documentation
• Work closely with security managers and architects to achieve and carry out security programs in every little detail
• Work on security team accomplishments by operationally managing security measures which includes answering technical and procedural questions of other team members
• Devise and implement physical security systems such as access control devices, surveillance systems, and intrusion detectors
• Define processes for data retrieval, management, normalization, and transformation
• Research and recommend new and automated approaches to simplify complex security tasks

Career Development of Security Engineers

What’s next for a cyber security engineer in the career ladder will heavily depend on many factors such as their past duties, performance and achievements, current organization, and their willingness to venture into new paths and specialties.

One of the most common steps taken by seasoned security engineers is specialization. This will usually mean that engineers will leave their current organization for one that has an opening for a specialized rank within their workforce. Engineers who go this way will enjoy a new technical set of defined duties with less ambiguity surrounding their roles.

Another popular path for security engineers is to become a security architect. This job hands out a different batch of objectives that will make the individual in charge of the entire perspective on an organization’s security posture. A security architect will have a less hand-on position is more of a planner than an implementer. Other duties might require the security architect to oversee security programs, review and approve the work of cyber security engineers, provide technical supervision to junior level positions, and to plan security architectures hence the name.

Seasoned security engineers can also be qualified to become security consultants which in itself opens the door wide for future prospects. Security consultants come up with security strategies and determine the best plans to execute them. They can also perform technical assessment and deliver detailed reports to their organizations. Consultants are also required to provide technical and legal advice and are the most valuable workforce asset when it comes to compliance projects.

Further senior positions include executive level positions such as chief information security officer and security director.

Compensation and Salaries

A cyber security engineer will make a well-respected and lucrative career option for anyone willing to to obtain what it takes to qualify for this role. According to Indeed.com, the median salary for US-based security engineers is $82.162 and that figure increases to $100.987 in big cities such as New York and the San Francisco bay area. Seasoned generalized engineers will make up to $150.000 with the opportunity of earning over $175.000 if they could impress with their skills and become lead cyber security engineers.