If you’re looking to get into the professional field of cybersecurity, you may be asking yourself the question of specifically where you might work. In this article, I’ll answer the question of where cybersecurity professionals work, and shed some light on what life is like for professionals in our industry today.
So, where do cyber security professionals work? Cybersecurity professionals work in a wide variety of environments, ranging from working remotely or from home, working in a secured environment, government agency or for-profit company. Cybersecurity professionals may also travel by providing consulting at a variety of client locations.
Now that we’ve laid out that cybersecurity professionals can and do work from just about anywhere, let’s look at some of these specifics and see what it’s like working in these environments. Since there’s no place like home, let’s start there.
Ready to Start Your Cybersecurity Career?
If you're serious about starting your cybersecurity career, enroll in my FREE 5-part series "Strategies for New Cyber Careers". These strategies can help you determine your best path forward. I'll also send you my weekly cyber career newsletter with resources that every cyber professional needs to know.
Working in Cybersecurity from Home
Many people wish they could just quit their onsite job and work from the comfort of their own home, probably while still in their pajamas. Since much of the work for some positions in cybersecurity can be done remotely, for some cybersecurity professionals the dream of working from home is quite possible.
Working from home is an interesting work arrangement. The company will often provide you with the equipment that you need, such as a laptop or computer and VPN access, and may also reimburse you for use of your home internet service, which you’re using to connect. Many modern software tools and apps, such as Slack and Asana, have been developed to make this arrangement easier and make teamwork and filesharing more seamless. These tools also have the benefit of showing the company when you’re online and engaged, so they can know that you’re in front of your computer working.
It’s important to keep in mind that with some of the positives that come with working at home, a few negatives can come as well. For example, in the cybersecurity industry we’re always in a mode of learning new things. And learning new things doesn’t always come from books. Much of the learning that we do and the opportunities we find out about that move our careers forward come from networking with others while on the job. Simply talking to other people in the industry is something that is very valuable to our professional careers. If there’s no one else in the home office with you, often you miss out on these types of interactions and opportunities.
Even being connected through the apps mentioned above aren’t the same as being face to face with colleagues, especially when it comes to these types of conversations. If you’re in the position to work from home, and you believe that you have the home environment and motivation to be effective and do it well, don’t overlook the need to get out of the house on a regular basis to meet and interact with other cybersecurity professionals in a face to face format.
Working in Cybersecurity in an Office
An onsite job with a cybersecurity company can be like a typical nine-to-five, and it can also include a variety of other shifts, on-call hours, or swing shifts. Professionals who work in these jobs can benefit from the natural interaction with others that is built into an office environment, as well as the opportunity to interact with supervisors and technology directly instead of remotely.
Perhaps the biggest downside to cybersecurity jobs in an office environment is that these professionals do have to commute to and from work every day, which based on where you live and where the job is, can add an hour or more to your workday. Some professionals spend up to four hours or more on their daily commute, which is time that would be freed up if the job were remote or work-from-home, or they lived closer to their employer.
The good news is that positions in just about any part of cybersecurity can work for a business in an office environment, which means job opportunities can be found just about anywhere, in any industry. In fact, working onsite for a for-profit business is what many cybersecurity workers do, since not everybody can work in a government facility or from home.
Interestingly, it seems that most defense cybersecurity positions (i.e. protecting the technology assets of the organization) are in the private sector and require the employee to work onsite, at least for part of the time, in order to focus on the systems and network of the business.
Working in Cybersecurity in a Secured Facility
Many workers work in a semi-secured environment that is closed to outsiders and may even have onsite security personnel. Some cybersecurity professionals work in an environment that has additional security beyond these measures, due to the critical and sensitive nature of their work. Many of these positions require a security clearance and are often located at a government facility. These employees drive to and from work just like people who work in the private sector, however they may have to show identification just to enter the premises, and may not be allowed to carry personal items, such as cell phones, into or out of the facility.
Working in Cybersecurity Abroad
Another option for where cybersecurity professionals work is to work completely outside of the country.
Do cybersecurity professionals work abroad? Cybersecurity professionals can work abroad and may be sent by their employer for a project or to fulfill a contract. Government agencies, such as the Department of Homeland Security, also send cybersecurity staff aboard, with the DHS currently employing cybersecurity staff in over 75 countries.
In some cases, cybersecurity professionals may be fluent in a local language, which increases their opportunities to work abroad. In many cases, overseas jobs are highly lucrative due to the need that employers must place people in specific countries. These positions can include a stipend for living costs to cover housing, transportation and food, and may include transportation between the remote country and the United States.
We’ve heard of several cases where cybersecurity professionals will take on a six-month contract to work abroad because the pay for that time is more than they would make at home for an entire year, and the contract also includes living expenses or stipends.
Working in Cybersecurity at a Client Site
Often, cybersecurity positions will be required to work at a client site, at least part of the time. This arrangement can work in several different ways. First, when a company provides cybersecurity services to a client organization, the client’s needs may require that the cybersecurity professional visit the site when an issue arises that cannot be addressed remotely. This can occur at random times and can last for hours or days at a time.
Some arrangements require that the cybersecurity professional be located at the client site regularly for an extended duration. This can be a situation of a contractual support relationship where the company hires on the cybersecurity professional and provides them with a place to work as they assist the internal team for an extended period or for the duration of a project.
Some positions in cybersecurity will also require visits to a client site for meetings or briefings. This may include an initial customer visit, a penetration testing de-brief, or follow up meeting after services are rendered.
Now that we’ve addressed the locations, let’s look at other important aspects of where cybersecurity professionals work.
Working in Cybersecurity Contractually
Keep in mind that with any of the locations mentioned above, some work in cybersecurity is delivered contractually, which has a major impact on the nature of the work and where the work is located. As we’ve covered above, working as a contractor may place you on a client site or even abroad for an extended period of time, it may require that you travel to multiple client sites or work regularly at a client site for an extended period of time.
With any of the work arrangements that we’ve covered, it’s important to make sure that the job’s requirements meet your personal and professional needs and help you move toward your longer-term goals.
For example, a person we’ve spoken to had taken an overseas cybersecurity work opportunity with the military in the middle east, close to a war zone, because the pay was substantial and it would then afford them nine months of release time with their family after the six month contract was fulfilled. Another professional took on an opportunity to work abroad with a major cybersecurity company for a few months, just to be able to add it to their resume. And many people choose to move into an opportunity to work from home due to the flexibility that it may provide.
What Cities Do Cybersecurity Professionals Work In?
A lot of people think of Washington DC as the hotbed of cybersecurity jobs due to their assumption that cybersecurity is exclusively government-related work, but that’s not quite the case. There are a lot of cities on the west coast of the United States that employ many cybersecurity professionals. For instance, the city of San Diego, CA is strongly associated with the U.S. Navy, which employs a lot of people to work in cybersecurity, many of them in that location.
The city of San Jose, CA is a hotbed for cybersecurity jobs because the well-known Silicon Valley exists there. Other cities in the south, such as Austin, Texas are home to plenty of cybersecurity opportunities. Consider that companies like Advanced Micro Devices, Apple, IBM, and Intel have major presence in Austin, TX, and employ many professionals there.
The point here is that because cybersecurity can be worked from home, at a client site, abroad, and everywhere in between, there is substantial opportunity for cybersecurity professionals in nearly every part of the country.
Where Do Different Types of Cyber Security Professionals Work?
Since there are many different types of cybersecurity positions, let’s also discuss a few of these and where you might find these professionals working.
Where Do Penetration Testers Work?
Also known as an ethical hacker, penetration testers can work for the government or for a private sector business, or for a sub-contractor of either. Many penetration testers provide services to client companies or organizations outside of their organization. Although less common, penetration testers can also work in-house and ensure the security of a single business or company. Penetration testers are a branch of cyber security professionals that can found in just about any environment, especially those that require security audits of systems for compliance purposes.
Where Do Cybersecurity Analysts Work?
Cybersecurity analysts (also sometimes referred to cybersecurity engineers) are responsible for maintaining the security of a company’s computer systems and assets. They are primarily employed for a single company, and their main job duty is to thoroughly understand that organization’s systems and determine the best methods to protect them. Although less common, many cybersecurity analysts work for clients in an outsourced manner, and therefore may work remotely or on location at a client site.
Where Do Forensic Examiners Work?
This branch of cybersecurity (also referred to as forensic analysts) often works with law enforcement and is closely related to forensic science in criminal justice work. Professionals in this industry often work for law enforcement agencies, although some will work for for-profit companies or work as a consultant. Forensic Examiners work like detectives and use their technical skills to locate files and information that may be hidden, often for the purpose of solving crimes. Working as a forensic examiner can also call for odd hours of work, simply due to the nature of processing evidence.
One of the great things about the cybersecurity field is the wide variety of opportunities that it offers. Professionals in the cybersecurity field can have a completely different work environment and experience than similar positions, just because of the nature of the employer and the work arrangement. Cybersecurity professionals should use this flexibility to build the best situation for their careers and their personal lives. Keep your resume and your LinkedIn profile updated, and your mind open to new opportunities to see where it can take you.