While other types of IT jobs like network administrators or software developers are more common and well-known, cyber security jobs are smaller in number but fast increasing in importance. As our global economy has led to more Internet-based computing and connectivity the world over, organizations have grown ever more vulnerable to hacking and cyber-attacks. And just as a business might hire security even when there’s a local police force, so must a business hire cyber security staff. It is ultimately the duty of the organization to protect their proprietary data as well as any customer information they are privy to.
These cyber security professionals are in short supply, however. Last year, NASSCOM reported that India alone would need 1 million cyber security professionals by 2020, while job portal Indeed reported a spike of 150 percent in cyber security roles between January 2017 and March 2018. Companies like KPMG have doubled the size of their cyber security teams in recent years.
The recent overwhelming need for cyber security is the result of several factors:
1. Digital India and Demonetization
According to Ashok Pamidi, the senior director of NASSCOM, while the government’s initiatives such as Digital India and demonetization have pushed companies towards digital transformation, doing so has also made them vulnerable to cyber-attacks. In turn, this has led to a demand for cyber security professionals who can help companies achieve digital transformation without compromising security.
2. General Data Protection Regulation (GDPR)
Although the GDPR didn’t go into effect until late in May 2018, companies across the world have been preparing to safeguard their database from cyber crimes and comply with GDPR rules. This has driven a need for cyber security experts.
3. Aftermath of WannaCry Ransomware
A year ago, in May 2017, government agencies and organizations across the world fell prey to the WannaCry ransomware, which infected over 200,000 computers in 150 countries within just three days. According to the latest numbers, it led to damage estimated up to hundreds of billions of dollars! The attack launched a debate on the vulnerability of data and the pressing need for stronger cyber laws and security systems. It has also caused many organizations to be more aware of the perils of cyber security loopholes and take steps to safeguard their organization from future attacks.
What Does This Mean for IT Professionals?
Regardless of the reasons for the increase in demand, the pressing problem is a shortage of people trained and capable enough to fill the growing number of cyber security roles. NASSCOM reports that despite having the largest IT talent pool in the world, India simply lacks skilled cyber security professionals. In fact, the need for experienced professionals is so high that companies are willing to pay a premium salary of over Rs 1.5 to 4 crore to top talent. This has increased the cyber security budget by 71% as observed by PwC in its 2016 report.
The jobs that are seeing this sharp increase in pay include the following cyber security job in Inda:
Cyber Security Jobs in India
1. Network Security Engineer
The network security engineer is a critical position within every organization. This person ensures the security systems are implemented within the organization to counter and stop threats. Their main responsibilities include maintaining systems, identifying vulnerabilities, and improving automation. They also oversee the maintenance of firewalls, routers, switches, various network monitoring tools, and VPNs (virtual private networks).
The minimum salary of a network security engineer begins at Rs 4 lakhs and can go up to 8 lakhs per annum.
2. Cyber Security Analyst
A cyber security analyst helps in planning, implementing, and upgrading security measures and controls. They continuously monitor security access and perform internal and external security audits to ensure there are no loopholes or evidence of security lapses. A cyber security analyst is also responsible for conducting vulnerability testing, risk analyses, and security assessments, and for managing the network. In addition to these tasks, the analyst trains fellow employees in security awareness and procedures, so they are aware of the best practices to be followed to avoid security breaches.
The salary of a cyber security analyst begins at Rs 6 lakhs per annum.
3. Security Architect
A security architect plays a crucial role in designing the network and computer security architecture for their company. The security architect helps in planning, researching and designing elements of security. Without a security architect, a company’s security system is vulnerable to attacks. The security architect first creates a design based on the needs of the company and then works together with the programming team to build the final structure. Besides building the architecture, they also develop company policies and procedures for how their company's employees should use the security systems and decide on the punitive action in case of lapses.
The average pay of a security architect begins at Rs 17 lakhs per annum.
4. Cyber Security Manager
Cyber security managers are responsible for the maintenance of security protocols throughout the organization. They create strategies to increase network and Internet security related to different projects and manage a team of IT professionals to ensure the highest standards of data security. A cyber security manager also frequently reviews the existing security policies and ensures the policies are currently based on new threats. They also perform regular checks on all servers, switches, routers and other connected devices to make sure there are no loopholes in the security.
The average salary of a cyber security manager begins at Rs 12 lakhs per annum.
5. Chief Information Security Officer (CISO)
According to a report by PWC, over 80 percent of companies now have a CISO on the management team. This trend shows that companies have grown aware of the threats of cyber crimes and the potential damage such attacks can cause. The CISO is a senior-level executive within an organization that ensures that the cyber security plan is aligned with the business’s vision, operations, and technologies. The CISO works with the staff to identify, develop, implement, and maintain processes across the organization to ensure there are no security breaches. They respond to incidents and set up appropriate standards and controls to mitigate security risks without causing any interruption to the business. They are also responsible for overseeing the implementation of security policies and procedures within the organization.
The average salary for top CISOs is anywhere between Rs 2 crores to 4 crores.
6. Information Security Manager
An information security manager detects loopholes that make information systems susceptible to attacks. They are responsible for detecting and preventing cyber threats within the company’s data, computers, and networks. Businesses can face major losses if they fail to protect sensitive customer information and violate data protection laws. Hence, large corporations hire information security managers to make sure that the company data, systems, and networks do not get hacked.
The average salary of an information security manager in India ranges from Rs 15 lakh per annum to Rs 16.5 lakh per annum.
7. Cybersecurity Engineer
A cybersecurity engineer creates and executes secure network solutions. In order to strengthen technology initiatives and take them to the next level, cybersecurity engineers are an integral part of the system. There is a huge demand-supply gap in the required workforce capabilities for this position, so companies value the in-depth knowledge and experience these professionals bring to the table.
The average salary of a cybersecurity engineer in India ranges from Rs 10 lakh to Rs 11 lakh per annum.
8. Application Security Engineer
An application security engineer looks after the stability of the internal and external applications of an organization. They would have in-depth knowledge and expertise in dealing with the privacy and compliance aspects of third-party applications such as Azure or AWS. Any organization that wants to integrate such software into its day-to-day operations would want to hire these cybersecurity professionals. Application security engineers also prevent cyber threats that disrupt the integrity of the entire application infrastructure.
The average salary of an application security engineer in India stands at Rs 9 lakh per annum.
9. Ethical Hackers
Ethical hackers are a valuable resource to organizations because they have a lot of intuitive knowledge and skills to reveal hackers’ logic. They test and pick apart the vulnerabilities of networks, systems, and applications. They also conduct security tests daily, weekly, monthly, or quarterly depending on the needs of the organization. Ethical hackers are gaining momentum in the market today because they provide insider information to protect organizations from high-level cyberattacks.
In India, ethical hackers with 0-3 years of experience can make Rs 3.5 lakh per annum. Certified professionals with industry experience can earn as high as Rs 15 lakh per annum.
10. Incident Manager
An incident manager determines the appropriate resources and proficiencies to resolve security incidents in an organization. They form teams when something goes wrong, and take full ownership of the results. Hence, it is an executive-level role that requires leadership aptitude and problem-solving abilities. Typically, you can advance to this managerial role after obtaining suitable credentials that demonstrate your skills.
The average salary of an incident manager in India ranges from Rs 5 to 8 lakh per annum.
11. Cybersecurity Consultant
A cybersecurity consultant works independently with businesses with their cybersecurity issues. For this, you must have enough industry experience with professional certifications and showcase your potential to employers. Most companies usually hire cybersecurity consultants on a contractual basis.
The average salary of a cybersecurity consultant is approximately Rs 6.5 lakh per annum.
12. Cloud Security Engineer
A cloud security engineer builds, maintains, and continuously improves the cloud-based networks and systems of an organization. They handle all of the organization’s cloud computing environments and core infrastructure, platforms, and software. They also provide security recommendations on service design and application development.
The average salary of a cloud security engineer is approximately Rs 7.9 lakh per annum.
For more details on salary trends of each cyber security job, you can also check out this salary calculator.
Those are the top cyber security jobs in India today, but plenty of other roles exist and go unfilled, including information risk auditors, firewalls, and security device development professionals, security analysts, intrusion detection specialists, computer security incident responders, cryptologists, and vulnerability assessors.
As organizations across a wide range of different industries such as banks, government, retail, and BFSI sectors actively recruit cyber security professionals, the job demand will only go up. The challenge is to meet that demand by making sure people are getting trained for these critical security roles. And once they are trained, exciting and well-paying jobs await!
The article was originally published on CSO.