The same way that minimum wage varies by state (despite a federal minimum), people in different areas can make more or less money doing the same jobs. For Information and Security Analysts, there are a wide variety of industries and geographical variations that go into the average salary. The industries with the highest concentration of Information Security Analysts are Financial, Computer Services, Data Processing, Telecommunications, and Enterprise Management. You may find it interesting that although those are the highest concentration of Information System Security Analysts as recorded by the Bureau of Labor Statistics (BLS) in 2019, the industries with the top pay are completely different. While the job description and duties may stay the same, not all industries value Analysts the same way. Similarly, pay discrepancies may also vary based on Location.
As the BLS shows, variations in wages differ not only by industry but by location. Information Analysts get paid more in New York and New Jersey than they do in Virginia and California.
This information has implications for your job search. Once you’ve decided to become a Information Security Analyst, decisions such as industry and location can affect how much you can get paid. If you have flexibility in terms of your location selecting industries that value the role can result in much higher salaries over time.
My background is in Computer Engineering, Electrical and Computer Engineering to be exact. I have worked the last 10-15 years in Quality Assurance performing system audits, software testing, writing documentation including test plans and test scripts, and identifying levels of risk within the organizations I have supported. While it was easy for me to pen point the required tasks that I performed to support my task of getting a Project Management Professional certification, I found it a bit more difficult to identify tasks that I performed specifically within the Cyber Security space. That task is made a bit easier by the National Institute of Standards and Technology (NIST) SP 1800-181 NICE Framework. The NICE framework identifies tasks that are frequently included as being part of a cyber security work role. Advise senior management on risk levels and security posture for example (T0003) is an integral part of being a Privacy Officer or Privacy Compliance Officer, an Information System Security Manager and a Communications Security Manager three highly sought after roles within the Cyber security space. Through this resource I am able to translate the skills that I have been doing for years, into demonstrated work experience to support the shiny new Cyber security job I want. Once you have identified your Cyber experience you can provide specific examples of times you had to advise on risk or update your resume to target your career change. If you don’t have the skills for the target job you’ve identified in the Cyber security field you can see what type of experience you need to get in the door. Black Girls Hack will be tying the NICE Framework with the Bureau of Labor Statistics occupational outlook to provide What Can I Do cheat sheets that show various job categories within Cyber and what you need to do to get in those jobs.
According to the Bureau of Labor Statistics, there are approximately 5.3 million people in Computer and mathematical occupations. Of that number only 25.8% are Women, and only 8.7% are Black. For Information Security Analysts during this same time frame there were 125,000 people reported. Of these 17% were women and 15% were Black. Women are grossly underrepresented in Computer related fields representing 23.6% of other computer related jobs with Black women representing only 12.7%. Black Girls Hack was created to help show Black women and girls the job prospects in Cyber Security, people in the field who look like them who are doing the jobs, and provide training and resources to help reduce the gap in the Cybersecurity field.
One of the questions I get most from people looking to switch or start fresh in a new career is where do I start? The answer: All roads lead to cyber. There is no one right way to get into cyber security.
I was reading a book on Imposter Syndrome by a guy who transitioned from a career in BARTENDING into cyber security. He used his knack for communication and his skills as a people person to get into Social Engineering. My point is that there are so many types of jobs in cyber security that you can use get your feet in the door.
The key to getting into cyber security is knowing where to start. There may be multiple skills or knowledge areas that you have that translate into a particular sector of Cyber security. What are you good at? What do you enjoy doing? What skills do you use at your current job, or which skills would you like to use? The National Institute of Science and Technology(NIST) developed a workforce framework to help translate skills and knowledge areas into specific jobs. NIST’s Workforce Framework, called the National Initiative for Cyber security Education (NICE) Cyber security Workforce Framework is set up into workforce Categories, Specialty Areas, Work Roles, Tasks, Knowledge Descriptions, Skills, and Abilities. Review the lists of Skills, Abilities, and Knowledge Descriptions and take note of which ones you have and or which ones you would like to learn. From there in Appendix B you can find which jobs use those specific skills. That will tell you the names of the types of jobs you should be looking for.
In the What Do I Want To Do category within the BlackGirlsHack blog, you will find a listing of those jobs tied back to salary, pay, required amount of education, and Job Outlook for the next 10 years which represents the projected percent change in employment from 2018 to 2028.
Representation Matters. Black children see Actors on Television and on Movies, and Athletes playing major league sports and they want to be the people that they look up to. Black girls and women need to see black women in Science Technology, Engineering and Mathematics (STEM). The Representation Matters blog was created to show black girls and women people who look like them who are in STEM and Cyber security fields. The Representation Matters blog will showcase black women in Cyber Security who are hack or who do work in the cyber security field.