Enterprises are going to be on the hunt for security professionals with the skills and certifications required to embrace the explosive demand for mobile devices and the cocktail of mobile security threats associated with them, according to several security industry career experts.
If I had those skills, or had the capacity to develop those skills, that would be an area I would absolutely consider developing. I think there’s quite a job market there in the next year or two.
Jeff Snyder, president, SecurityRecruiter.com
Security job recruiters and career advisors predict that in 2012 the swelling attraction to smartphones, tablets and other mobile devices will trigger substantial growth in jobs requiring IT security expertise. In particular, organizations are keen to nail down applicants with skill sets related to developing and maintaining mobile app security and enforcing mobile device security policies, according to Jeff Snyder, president of Woodland Park, Colo.-based SecurityRecruiter.com.
“The applications are now being written for mobile devices, and that brings up some different issues,” Snyder said.
Enterprises have been too focused on network security issues over the last few decades and as a result, according to Snyder, few organizations have spent enough time on creating secure applications.
“That’s where a lot of the vulnerabilities lie,” Snyder said. While secure application development has improved, other experts acknowledge that many firms lack enough developers skilled in creating secure Web applications and far fewer have the staff knowledgeable in creating hardened mobile applications.
Job recruiters and career advisors say application security has remained a sought after career path for decades, and those looking for career advancement may want to hone their skills in mobile security. Many enterprises are wild to implement Google Android and Apple iOS mobile applications that enable employees to log into company systems as well as engage customers with mobile apps. As a result, this stampede is leading toward a lack of mobile secure coding expertise, Snyder said.
“If I had those skills, or had the capacity to develop those skills, that would be an area I would absolutely consider developing. I think there’s quite a job market there in the next year or two,” Snyder said. “There are not a lot of people out there who have that experience.”
Enterprises have been slow to come to terms with and provide for the wave of security measures necessitated by smartphones and other mobile devices connecting to the corporate network, said David Foote, CEO and co-founder of independent research and analysis firm Foote Partners LLC. Now is the time for enterprises to plan ahead; and as many have not, the ramifications within the security job market will be huge, Foot said.
”I cannot fathom how little they really understand of how serious this is coming at them,” Foote said.
New technology, no matter what it is, has security ramifications, said Lee Kushner, recruitment expert and CEO of L. J. Kushner and Associates. Technology is constantly evolving and surging forward, sending enterprises scrambling and opening gateways for incredible industry and employment opportunities, Lee said.
“If these times have taught anybody anything, it’s the importance to reinvest in your career and continue to grow and push yourselves,” Lee said.
So what exactly is it that security recruiters are searching for as they look to hire during this mobile revolution? Recruiters recommend the path to cybersecurity career success is found by having a well-rounded skill set and the ability to communicate effectively in a business environment.
“If you want to stand out, go do the things most people don’t do; learn how to speak; learn how to write; things a computer science education didn’t advent,” Snyder advised.
The technical computing world and the business world are crossing paths more frequently, and with mobile technology taking over the way enterprises operate, the line that separates the two is greyer than ever, Foote said.
“What companies come to me for is generally to find those people who are technologists, but they’re also very savvy business people,” Snyder said.
IT security professionals need to know as much as possible about the structure and practices of the business at stake, the career experts said. When security pros are truly seeking to elevate themselves within their field, increasing business and industry knowledge is the surest path, Snyder said.
“When companies are using a search firm to fill a position, then they’re going to usually expect that a candidate’s going to have industry experience,” he said. “In other words, if it’s a bank, they want someone who’s coming out of a bank; if it’s a retailer, they want someone coming out of retail; and if somebody’s going after that job on their own, then the bar isn’t usually sent quite as high.”
The security profession is becoming increasingly unilateral, spreading across boundaries and seeping into all factions of trade; mobile technology is accelerating this process, Foote said. Millions of IT professionals are employed who don’t have traditional job titles, according to Foote. Despite lacking these customary classifications, when questioned, hiring managers often say they selected an employee because of their great IT skills, he said.
The secret lies in “being able to demonstrate you’ve continually grown and invested in your career, and you have an aptitude to kind of be able to evolve; it’s those types of folks who are winning the most highly sought after roles,” Kushner said.