The Short Version
Security Specialist is a catchall description for a wide variety of entry to intermediate-level IT security jobs.
In the majority of cases, you will be responsible for designing, testing, implementing and monitoring security measures for your company’s systems.
Security Specialist Responsibilities
As part of your job, you may be required to:
Analyze and establish security requirements for your systems/networks
Defend systems against unauthorized access, modification and/or destruction
Configure and support security tools such as firewalls, anti-virus software, patch management systems, etc.
Define access privileges, control structures and resources
Perform vulnerability testing, risk analyses and security assessments
Identify abnormalities and report violations
Oversee and monitor routine security administration
Develop and update business continuity and disaster recovery protocols
Train fellow employees in security awareness, protocols and procedures
Design and conduct security audits to ensure operational security
Respond immediately to security incidents and provide post-incident analysis
Research and recommend security upgrades
Provide technical advice to colleagues
In a large organization, you will typically report to a Security Manager.
Security Specialist Career Paths
Like Security Analysts and Security Engineers, Security Specialists occupy a muddy middle ground in an organization’s hierarchy. Before becoming a specialist, you may get your start as a:
After becoming a Security Specialist, you can aim for a senior-level security job such as a:
IT Project Manager
The highest paid and highest ranked security jobs include:
The term “Security Specialist” is also known in the business as an:
Information Security Specialist
IT Security Specialist
Computer Security Specialist
Network Security Specialist
NOTE: From what we’ve seen on job boards, Computer Security Specialists seem to have fewer high-level responsibilities than Security Specialists.
SECURITY SPECIALIST SALARIES
Payscale has two categories for IT Security Specialists:
The median salary for a Security Specialist is $74,580 (2014 figures). Overall, you can expect to take home a total pay of $45,481 – $114,105.
The median salary for a Computer Security Specialist is $64,349 (2014 figures). Overall, you can expect to take home a total pay of $38,332 – $105,903.
Total pay figures include your base annual salary, bonuses, profit sharing, tips, commissions, overtime pay and other forms of cash earnings, as applicable.
SECURITY SPECIALIST JOB REQUIREMENTS
It’s going to depend on the job. In entry-level positions, you may be able to get away with an associate’s degree or 4 years of experience in lieu of a degree. For higher-level positions, many employers will expect a bachelor’s degree in Computer Science, Cyber Security or a related technical field.
Don’t have a BS? You could consider a master’s degree with a concentration in IT security, training and/or professional certifications. Employers are also interested in seeing what kind of work experience you have had.
For entry-level positions, requirements can be as low as 1-2 years. For senior-level positions, expectations climb to 5+ years of experience with extensive work in IT security.
We’re going to hedge a little, since every employer is going to have very specific needs. That being said, it’s always good to ground yourself in fundamentals such as:
IDS/IPS, penetration and vulnerability testing
TCP/IP, computer networking, routing and switching
DLP, anti-virus and anti-malware
Firewall and intrusion detection/prevention protocols
Secure coding practices, ethical hacking and threat modeling
Windows, UNIX and Linux operating systems
ISO 27001/27002, ITIL and COBIT frameworks
PCI, HIPAA, NIST, GLBA and SOX compliance assessments
C, C++, C#, Java or PHP programming languages
Security Information and Event Management (SIEM)
In basic terms, Security Specialists play independently but work well with others. In other words, employers want to see you have strong oral and communication skills, a curious, analytical mind and the ability to solve complex technical problems.
Certifications For Security Specialists
We’ve listed some – but by no means all – of the options available. If you have time, reserve a 1/2 hour to scroll through job descriptions on LinkedIn – employers often specify precisely what certifications they favor.
Security+: CompTIA’s popular base-level security certification
CCNA: Cisco Certified Network Associate – Routing and Switching
CEH: Certified Ethical Hacker
GSEC / GCIH / GCIA: GIAC Security Certifications
CISSP: Certified Information Systems Security Professional