On this page
Types of careers
Cyber security professionals protect the systems we rely on
Advancements in technology have changed the way people communicate, bank, shop, and pass the time. The growing threat of cyber attacks has made governments and industries more aware of the need to protect and defend the information and systems Canadians rely on. As a result, cyber security is growing as a recognizable discipline that encompasses multiple specialities in science, mathematics, business, social sciences, and computing and engineering faculties.
Although only a subset of businesses participates directly by producing or selling cyber security solutions, or by building or operating networks, every business uses technology to deliver its products and/or services securely and efficiently to consumers. Cyber security, as a result, has become more important to protect the computer systems of all businesses in all industries.
Cyber security professionals are...
In demand
The number of jobs for cyber security professionals in Canada continues to grow year after year. This trend is not unique to Canada, there are millions of vacant cyber security positions available around the world.
Well paid
There is a an ever-growing need for cyber security professionals and that need helps to generate competitive salaries and benefit plans across the market.
Diversity required
Today’s cyber security professionals know that the best solutions come from diverse teams. Having people of different backgrounds and experiences working together on a problem creates the best, most effective solutions.
Diversity provides access to a greater range of talent. It provides greater insight into clients’ needs. It helps open doors to new markets and helps make a company more profitable and resilient.
Cyber security is for everyone!
Finance and banking
The industry maintains valuable information such as client identities, bank account information, financial assets, and intellectual property.
Health
Systems hold sensitive patient information and encompass medical implant devices such as pacemakers that may be exploitable.
Transportation
An industry vulnerable to cyber attacks to air and ground transportation systems. As well, the industry holds sensitive and valuable information such as birth dates, and passport numbers.
Safety
Emergency response teams, law enforcement, call-center communications-management software, CCTV systems, interactive voice response systems, and emergency alert systems are all vulnerable to attack.
Government
Cyber attacks on governments are increasing daily because a successful attack provides access to large amounts of private and sensitive information.
Communications
The industry transmits a large amount of sensitive information such as online retail transactions, email messages, web-browsing activity, social media platforms, and user’s private information.
Energy and utilities
An ideal target for cyber attacks on industrial control systems to access data or to cause physical damage to infrastructures.
Who is hiring?
Everyone!
That may be an exaggeration, but it is not far from the truth. Businesses of all kinds have proprietary information they need to protect. They also have the personal information of their employees, clients, suppliers, and business partners to protect.
Every online retailer, bank, school, law firm, medical facility, utility, and government has information and systems that need protection. Companies that engineer systems or new technologies, or companies that perform design work have intellectual property that needs to be protected.
Basically, if a business uses the Internet or a network to perform their tasks, they need cyber security professionals! Cyber security is fundamental to good business.
Private sector companies and government agencies both offer exciting career opportunities. Plus, the skills and experience acquired in either sector are attractive to both types of employers. So, mobility from one to another is always an option.
The facts below highlight why cyber security professionals are in high demand:
- any device that is connected to the Internet is vulnerable to cyber attacks
- worldwide, there will be ~38.6 billion devices Internet-connected devices by 2025Footnote 1
- cyber attacks happen every 39 secondsFootnote 2
- in 2020, the estimated ransom demands in Canada totaled $796 millionFootnote 3
- cybercrime is the cyber threat that is most likely to affect Canadians and Canadian organizationsFootnote 4
What do cyber security professionals do?
The great part about cyber security is that it encompasses many different fields. Yes, there are the extremely technical roles. But there are also many different fields that contribute to a business’s security posture (how good their cyber defences are).
As today’s companies do more of their business online, the need for cyber security professionals continues to grow.
Job roles can be separated into four basic categories. Let your interests guide you when choosing a career path.
Cyber security professionals work in diverse fields and perform important roles, such as:
- defending our nation
- securing our telecommunications infrastructure
- safeguarding our money
- protecting our electrical distribution systems
- protecting our identities
- ensuring our medical information remains private
- stopping ransomware attacks
- and many more
Govern and support
Manage and provide direction and support to ensure an organization conducts effective cyber security work. Roles include cyber legal advisor, policy analyst, privacy officer, and risk analyst.
Protect and defend
Detect, prevent, respond to, and recover from cyber incidents and threats. Roles include cyber threat assessor, data scientist/modeler, big data analyst, cyber security analyst, information security analyst, vulnerability assessment analyst, and penetration tester.
Design and develop
Develop, secure, test, and integrate hardware, software, and systems throughout a product’s life cycle. Roles include security architect, security engineer, application developer, and secure software developer.
Operate and maintain
Administer, maintain, and support to ensure effective and efficient performance and cyber security. Roles include network security operator, cryptanalyst, and technical support specialist.
No experience? No problem.
So, you’ve decided to make the jump and enroll in a cyber security program. Now what, you ask? “Will I be able to find a job in the field after school if I have no work experience in cyber security?”
The odds are in your favor.Consider this: graduates of cyber security programs tend to be quickly recruited by public and private sector organizations. In fact, the shortage of cyber security professionals is so pronounced that organizations are retraining employees in basic cyber security skills on the job! As a skilled graduate of a cyber security program, you are sure to be an attractive candidate for many employers.
To increase your odds, do the following:
network
get a LinkedIn account and start connecting with people in the industry. Businesses post jobs there and recruiters use it as a tool to find candidates.
understand the basics of IT
understanding the fundamentals of IT, such as administering and configuring systems, networks, database management and coding will go a long way towards getting your first job.
focus your interests
it is impossible to be an expert in all categories. Focus on an area such as networking security, and understand it well. Think ahead 5 to 10 years to your dream job, then look for an entry-level position that will give you the right skills.
gain practical experience
gain as much hands-on experience as possible. A coop position or internship will help you get a sense of IT procedures and real-world business operations. Even if you’re not in a program that offers these types of positions, you can accomplish a lot with self-directed learning. Many universities or certification authorities offer free online resources.
Cyber security professionals come from all programs
Organizations of all kinds face a formidable task when it comes to protecting their networks and the important information those networks store, process, or transmit. Surprisingly, the responsibility of protecting those networks does not rest solely on the shoulders of the highly technical staff who design, operate, and maintain the networks.
Every employee has a role to play!
Employees need to behave in a safe and cyber-secure manner. To do so, they must be trained. Therefore, learning and teaching professionals are required to develop and deliver courses. But, what does “safe and secure manner” really mean? Perhaps a policy analyst or a communication expert can help define the needs of the organization.
Organizations must also ensure they are compliant with the growing list of laws and standards. This points to a need for lawyers and policy makers who understand the implications of cyber security on day-to-day operations. To hire the people with the appropriate skills, human resources professionals must know what certifications and experience to look for.
Similarly, effectively enforcing cyber security policies requires coordination between groups within an organization. This requires the ability to work with diverse groups to define technical measures that have the right balance between security and usability.
To remain cyber secure, businesses need staff that have knowledge beyond that of just computers. There is a need for cyber security professionals who specialize in business, law, criminal justice, risk management, statistics, human resources, social and political science, and many other disciplines. Even knowing a foreign language can help get a job in cyber intelligence.
Bottom line
You don’t need to be highly technical or understand the inner workings of a computer to work in cyber security. However, you do need to understand the basics of the cyber security eco-system. Many universities and colleges offer introductory cyber security courses; take one as an elective to see if working in this field interests you. If so, try taking more advanced courses or getting an entry-level security certification. Your institute may even offer courses to prepare you for certification exams.
Career pathways
Get a
certification
Entry-level positions
- IT support specialist
- Computer network support specialist
- Junior cyber security analyst
Get a college diploma or
graduate certificate
Entry-level positions
- Network support specialist
- Network security operator
- System administrator
- Security administrator
- Cyber security operations analyst
With work experience
- Penetration tester
- Vulnerability analyst
- Cyber security specialist
- IT support specialist
- Technical support specialist
- Cyber security supervisor
Get a bachelor’s or
graduate degree
Entry-level positions
- IT security specialist
- Security tester
- Incident responder
- Cyber security operations analyst
- Vulnerability analyst
With work experience
- Cyber security researcher
- Cyber security engineer
- Cyber security architect
- Digital forensic analyst
- Information system security manager
- Cyber Security Manager
Certifications employers value
Certifications are a great way to kick start your career as they are focused on ensuring you have the skills required to do the job. Make sure to figure out which one will be best for your chosen career path. Certifications can be earned through self-study or in class. Some certification classes and exams are offered through multiple vendors and some college programs will prepare you to write a certification exam. Explore our Certifications in the field of cyber security guide to find out more about the more in-demand, globally recognized cyber security certifications.
Cyber security education
Post-secondary cyber security programs
Just as quickly as technology advances, career options and educational disciplines grow. Many Canadian colleges and universities currently offer great cyber security programs, and every year new programs are created. For a list of cyber security programs in Canada, please check out our Post-secondary cyber security related programs guide.