Pros and Cons of Cyber Security Jobs: We Asked 21 Professionals

Before getting into any career field, it’s important to know what the job entails and what a typical work day is like. People also ask what the pros and cons of different types of jobs are.  Cyber security is a wide career field with lots of different job titles that work in a lot of different industry sectors, but I was curious about what cyber security professionals considered the pros and cons of their jobs, so I asked.

What are the pros and cons of working in cyber security?  The most cited pros of cyber security jobs are good salaries, plentiful career options, interesting work and the ability to advance.  The most cited cons are continual learning requirements, on-call or overtime hours, and pressure to defend against ever-present and evolving attacks.

Let’s take an in-depth look at what cyber security professionals say are the pros and cons of their work.

Pros of Cyber Security Careers

No two cyber security jobs are alike.  There are so many differences that really affect what a job is and what it entails that at best we can only make generalizations about the good and bad aspects of cyber security careers.  To see some specific examples of cyber security careers, check out these career paths, where we’ve reviewed what a lot of common cyber security jobs entail.

Considering that cyber security jobs exist in the public and private sector, and in nearly every industry, and can involve both offensive and defensive tactics, and are always changing, the best we can do is ask the professionals themselves what they believe are the strengths and weaknesses of their jobs.  Here are the pros that we found:

Pro #1:  Good Salaries.  Cyber security professionals are generally well paid once their careers are established.  Their compensation is strong compared to the average employee at most organizations, and salaries appear to be increasing.  Here are a few comments:

  • “My new job starts at $130,000 and within a few years I should be making what my co-workers are earning, which is around $180,000.”
  • “All of our cyber professionals are earning six figures or more.”
  • “You can easily earn more than $150,000 if you have expertise and certifications, especially on firewalls.”
  • “I could earn about $20,000 more with a security clearance.”
  • “I’m earning over $80,000 and I started in the field a little more than a year ago.”
  • “I’d like to work with you, but you can’t afford me.”

Pros #2:  Cyber Jobs are Everywhere.  The cyber security professionals we talked to work at banks, investment firms, federal government agencies, telecommunication companies, health care providers, IT services organizations, universities, local governments, public school systems, and government contractors.  Companies in nearly every industry sector need to have qualified cyber security professionals, either in house or on contract.

Pro #3:  Being in Demand. Cyber security is certainly in demand.  (Check out our article on why cyber will continue to be in such high demand over the next decade.)  The unemployment rate for cyber security is less than one percent (and has hit zero percent in some areas), meaning that there are more jobs than people to fill them.  Our cyber security professionals were well aware that they can leave their current employer and be re-employed quickly, and very possibly for more money.  Here are a few comments:

  • “I get interview offers weekly from recruiters who find me on LinkedIn.”
  • “I was contacted by Google asking if I’d be willing to come to California.”
  • “I’ve received offers from more than six other companies this year.”
  • “Even if I lost my security clearance, I’d be able to find a job for more than $160,000.”

Pro #4:  Ability to Advance.  Because there are so many different types of cyber security jobs and the demand for qualified professionals is so strong, employees who have the desire to advance are able to do so if they choose.  Since cyber security is an unregulated industry (compared to medicine, which requires a license, for example), there are many ways to advance your career. This includes earning additional certifications, degrees or skill sets through training (we cover the expected costs for cyber security training in this article, including options that are free.)

Pro #5:  Opportunity to be Self Employed.  There are plenty of IT and cyber security professionals that we spoke with that chose to be self-employed.  Because technology is often outsourced and consulting is commonplace, there are plentiful opportunities to work independently as a self-employed professional in the cyber career space if you so choose.

Pro #6:  Opportunity to Learn New Things.  Almost all of the cyber security professionals we talked to love their work, and specifically love that they can support their family well and do so by doing work that they find interesting.  These professionals seem to enjoy the process of learning new things and being challenged with new technology.

  • “I love that I have the opportunity to learn something new every day.”
  • “No two days are the same.”
  • “There is always something new to learn and try out.”

Cons of Cyber Security Careers

No job is perfect, and cyber security jobs certainly have their downsides.  The cyber security professionals we talked with were able to list a number of negatives about their jobs, but for the most part seemed to feel that they were just part of the territory and that all jobs have some downside as well.  These professionals acknowledged the negatives of their jobs but felt the positives outweigh the negatives, leaving hem with jobs that they found interesting and enjoyed. Here are some of the cons that they revealed to us.

Con #1:  On-Call and Demanding Hours.  A cyber security attack is a critical problem, and unfortunately can happen at any time, so many cyber security professionals are in a situation where they are expected to be accessible at any time, including weekends or evenings.  The number of times that they may actually be contacted varies greatly, which can make this negative a non-issue or a real problem, depending on the situation. Here are a few comments:

  • “I may have to respond to an email while I’m on vacation.”
  • “We rotate on call every three weekends.”
  • “The first thing I do when I wake up is to check my messages from the office.”
  • “If the office needs to get ahold of me, they know how to reach me.”
  • “When we were implementing this new system, it was all hands on deck.”
  • “I worked from Friday morning until Sunday night without leaving the office.”

Con #2:  Some Tasks are Repetitive or Boring.  There are probably boring aspects to every job, and cyber security professionals claimed they have them too.  This was mostly related to tasks involving documentation, checking incident log files, and attending meetings.

Con #3:  Job Pressure.  Similar to the demand for being on call, some cyber security jobs are high pressure, because of the constant nature of the possibility of a hack or an attack.  Here are a few comments:

  • “An attack can happen at any time.”
  • “We get hacking attempts every day, and there’s a lot of pressure constantly to protect against them.”
  • “We have to be prepared for anything, which feels like we can lose at any time.”
  • “Getting hacked would be very high profile, and not in a good way.”
  • “Hacking attempts against our company are so relentless that I am required to brief our CEO daily on the status of our systems.”

Con #4:  The Learning Treadmill Never Stops.  No other field seems to move at the pace of cyber security.  This is both a blessing and a curse, since it can provide new and interesting things to learn and it weeds out those that do not keep up.  But the treadmill of learning in cyber security means that in this field, you need to be constantly learning just to stay in place. That can certainly be a challenge.  (If you’re interested in how to learn cyber security on your own, we’ve compiled this resource.)  Here are some of the thoughts that were shared with us.

  • “I know that I won’t be able to do this job forever.  It will get harder to learn as I get older and I won’t be able to keep up with the younger guys.”
  • “The constant learning can be exhausting.”
  • “My employer didn’t upgrade the technology that I support, so my skills became stale.  Now I’m behind.”
  • “Since I went into management I didn’t work with the technology as much as i should have.  Now I’m a generalist. It would be too hard to get back into the field at my level.”

Con #5:  Lack of Resources.  Most managers know that cyber security is important, but it is very common in the cyber security field to have management that doesn’t really understand what you do and the importance of your work.  Because of this, jobs in cyber security require constantly communicating to management and advocating on your own behalf. This seems to not be the case everywhere, but some cyber security professionals mentioned this as a negative, which usually occurs in larger organizations that are not in the cyber security industry.

Conclusion

There are pros and cons to every job, and they vary greatly based on the environment of the specific job, but also on the individual and how they handle their jobs and their overall outlook on their work.  There are a lot of ways that you can see the pros and cons of cyber security work first hand. Checking out interviews online and finding opportunities to job shadow are a great way to get a feel for what a career in cyber security is all about.

Related Questions

Is cyber security in demand.  Cyber security has a low unemployment rate and is one of the fastest growing fields on the planet.  You can check out our information on cyber security demand here.

Are cyber security jobs boring?  All careers have positives and negatives, however they are often determined by the attitude and viewpoint of the person in the job.  What one person finds boring, another finds interesting. It is important to know what you’re good at and what you enjoy.

Do I need a degree if I want to get into cyber security?  Most cyber security careers do or will require a degree at some point.  We’ve analyzed what the odds are of getting a cyber security job without a degree in this article.

Matt Day

Matt Day

Matt Day is a cybersecurity professional with over twenty years of experience in the IT, cybersecurity and technology training fields. He has a degree in Computer Information Science and holds CompTIA A+, Network+, Security+, CySA+, and Cisco CCNA certifications. Matt is the author of the book CCENT Troubleshooting Guide.