What Does a Security Specialist Do?
The Short Version
Security Specialist is a catchall description for a wide variety of entry to intermediate-level IT security jobs.
In the majority of cases, you will be responsible for designing, testing, implementing and monitoring security measures for your company’s systems.
Security Specialist Responsibilities
As part of your job, you may be required to:
- Analyze and establish security requirements for your systems/networks
- Defend systems against unauthorized access, modification and/or destruction
- Configure and support security tools such as firewalls, anti-virus software, patch management systems, etc.
- Define access privileges, control structures and resources
- Perform vulnerability testing, risk analyses and security assessments
- Identify abnormalities and report violations
- Oversee and monitor routine security administration
- Develop and update business continuity and disaster recovery protocols
- Train fellow employees in security awareness, protocols and procedures
- Design and conduct security audits to ensure operational security
- Respond immediately to security incidents and provide post-incident analysis
- Research and recommend security upgrades
- Provide technical advice to colleagues
In a large organization, you will typically report to a Security Manager.
Security Specialist Career Paths
- Security Administrator
- Network Administrator
- System Administrator
After becoming a Security Specialist, you can aim for a senior-level security job such as a:
The highest paid and highest ranked security jobs include:
The term “Security Specialist” is also known in the business as an:
- Information Security Specialist
- IT Security Specialist
- Computer Security Specialist
- Network Security Specialist
Security Specialist Salaries
Payscale has two categories for IT Security Specialists:
- The median salary for a Security Specialist is $74,580 (2014 figures). Overall, you can expect to take home a total pay of $45,481 – $114,105.
- The median salary for a Computer Security Specialist is $64,349 (2014 figures). Overall, you can expect to take home a total pay of $38,332 – $105,903.
Total pay figures include your base annual salary, bonuses, profit sharing, tips, commissions, overtime pay and other forms of cash earnings, as applicable.
Security Specialist Job Requirements
It’s going to depend on the job. In entry-level positions, you may be able to get away with an associate’s degree or 4 years of experience in lieu of a degree. For higher-level positions, many employers will expect a bachelor’s degree in Computer Science, Cyber Security or a related technical field.
Don’t have a BS? You could consider a master’s degree with a concentration in IT security, training and/or professional certifications. Employers are also interested in seeing what kind of work experience you have had.
For entry-level positions, requirements can be as low as 1-2 years. For senior-level positions, expectations climb to 5+ years of experience with extensive work in IT security.
We’re going to hedge a little, since every employer is going to have very specific needs. That being said, it’s always good to ground yourself in fundamentals such as:
- IDS/IPS, penetration and vulnerability testing
- TCP/IP, computer networking, routing and switching
- DLP, anti-virus and anti-malware
- Firewall and intrusion detection/prevention protocols
- Secure coding practices, ethical hacking and threat modeling
- Windows, UNIX and Linux operating systems
- ISO 27001/27002, ITIL and COBIT frameworks
- PCI, HIPAA, NIST, GLBA and SOX compliance assessments
- C, C++, C#, Java or PHP programming languages
- Security Information and Event Management (SIEM)
In basic terms, Security Specialists play independently but work well with others. In other words, employers want to see you have strong oral and communication skills, a curious, analytical mind and the ability to solve complex technical problems.
Certifications for Security Specialists
We’ve listed some – but by no means all – of the options available. If you have time, reserve a 1/2 hour to scroll through job descriptions on LinkedIn – employers often specify precisely what certifications they favor.
- Security+: CompTIA’s popular base-level security certification
- CCNA: Cisco Certified Network Associate – Routing and Switching
- CEH: Certified Ethical Hacker
- GSEC / GCIH / GCIA: GIAC Security Certifications
- CISSP: Certified Information Systems Security Professional