HOW TO CHOOSE BETWEEN IN-HOUSE AND CONSULTANT CYBER SECURITY JOBS
The cyber security jobs market is growing and the recent pandemic has widened the skills gap. As outlined in our global cyber security report for 2023, 72% of employers believe that events in recent years have had a significant impact on their cyber risk profile. However, 90% claim that the skills gap is affecting their organisations’ ability to implement their proposed cyber security strategy.
Currently, there are 3.5 million unfilled cyber security jobs worldwide, creating a near-zero unemployment marketplace for highly experienced professionals.
This situation poses a crucial decision for cyber security experts: should you opt for an in-house or consulting role? Let's examine the pros and cons of each to help you make an informed choice.
WHAT DOES A TYPICAL IN-HOUSE CYBER SECURITY ROLE ENTAIL?
If you work in-house with a specific company, you will work with the same team and IT environment every day. Each cyber security role is different but your responsibilities may include assessing potential threats to your corporate network, prioritising threats, escalating threats and investigating any breaches. Many cyber security professionals are also involved in training programmes to promote awareness and prevention, as well as develop response and recovery plans.
A standard in-house cyber security role is usually nine-to-five, unless there’s an issue. However, those working in a Security Operations Centre (SOC) may work alternating night shifts.
WHAT ARE THE PROS AND CONS OF WORKING IN-HOUSE?
• In-depth immersion in the organisation's IT infrastructure and operations.
• Collaboration with business leaders and across the organisation.
• Potential lack of exposure and getting stuck with mundane tasks.
• Limited room for change or wider business impact.
WHAT DOES A TYPICAL CONSULTING ROLE ENTAIL?
When consulting, you will work on a specific short-term project before moving on to the next one. These projects can vary in length but are usually a few months in duration, where you often work with multiple clients.
In an MSSP role, you typically work with several long-term clients as well. The day-to-day responsibilities are similar to a consulting role but you get the opportunity to work with the same set of organisations.
IS A CONSULTING OR MSSP ROLE BEST FOR YOU?
• Exposure to various business and IT environments.
• Ideal for individuals seeking diversity and expanding their skill set.
• Short-term engagements can be exhausting and limit deep dives into specific problems.
• Reliance on sales and a pipeline of customers can pose risks.
• Limited opportunity to influence the employer's working methods.
With both a consulting and MSSP role, it’s important to assess whether your personality is suited to these fast-paced engagements with multiple clients.
To conclude, cyber security is a dynamic and exciting field for any IT professional to work in. It’s also filled with plenty of opportunities – but you must assess all your career options to find a work environment that suits your interests and goals.