Reports of hacks and data breaches keep making news. Sometimes they come in bunches and leave many of us close to being scared out of our wits.
Companies looking to protect their networks and their data can’t afford to simply be scared. They have to make sure those networks and data are secure.
How do they achieve that goal, when so many IT departments are already overworked and understaffed? By looking for cybersecurity consultants. And that brings up the question of the skills they need to require.
Like other areas of information technology staffing, cybersecurity jobs require a mix of knowledge, hard skills, soft skills, and passion.
Working knowledge of the leading cyber tools, especially SIEM (Security information and event management) tools, along with in-depth knowledge of networking hardware and software, is essential. Knowledge of hacker tools and tactics, and familiarity with the so-called “dark web” are also necessary.
The hard skills include a solid understanding of system administration and programming experience. Many cybersecurity roles need programming and scripting skills as well. That’s because scripts are used to reduce repetitive tasks and programming experience is beneficial to understand how application and operating systems work to know how they are vulnerable.
The soft skills include the usual – communication, collaboration, and teamwork – and also the insight to think like a hacker in order to build cyber safeguards. But in this job, the ability to teach non-technical users security concepts without talking down to them is also crucial. Many companies have learned through experience that even the most hardened systems can be overcome by a single careless user responding to a phish email.
So a good cybersecurity consultant should never use a phrase like “stupid user.” Ever.
Cybersecurity specialists also need attributes like a passion for thinking about security 24/7; after all, network intrusions don’t happen only during business hours. And hackers seemingly never sleep, so cybersecurity personnel are constantly thinking about the next potential vulnerability.
We know that competition for skilled cybersecurity gurus is fierce, and this list is not exactly exhaustive. We simply wanted to give hiring managers a general idea of the capabilities they should look for before bringing a cybersecurity consultant on board at a competitive rate.
And we wanted to guide consultants looking for lucrative cybersecurity gigs an idea of the skills they need before presenting themselves to any company.
We know cybersecurity is a dynamic field. Watch this space for updates.