''Everybody is scared to death with what is going on with viruses, spam, denial-of-service attacks,'' says Dan Woolley, a vice president at Computer Associates International Inc. ''They're trying to figure out what is happening and how to protect themselves from it. That security has become a hot job doesn't surprise me at all.''
It also didn't surprise the analysts at Challenger, Gray & Christmas, a global outplacement firm based in Chicago, who put chief security officers and other security specialists high on its list of Hottest Jobs in 2004. The only other IT-related job that made the Top 10 list was IT consultant. Other jobs that made the list include pharmacist, accountant, investigator and nurse.
Security also found its way onto the analysts' list of Hottest Industries in 2004.
Even with hiring increases in these areas, it will not be easy to obtain a job,'' says John Challenger, CEO of the outplacement firm. ''Special skills are required in several areas and competition is increasing dramatically. Many people overlook the fact that they are competing with older workers who are returning to the workforce, as well as college graduates just entering the workforce.''
Woolley, a longtime player in the IT security industry, notes that three years after the dot-com bubble burst leading into the beginning of a recession, there are a lot of IT people looking for work right now. But not all of them have the technical chops to handle IT security.
''CIOs are saying they can't find enough security people,'' says Woolley. ''We've got patching and legislative controls, and perimeter and inside issues. We just can't find enough security people to do the work. You've got lots of IT people but a lot of them aren't trained in security. When it comes down to the nitty gritty of securing corporate information, there are not a lot of them out there.
''There is a real need for down-and-dirty security people,'' he adds. ''People who can deploy firewalls, upgrade systems, remediate environments that have been hit with breeches, and can get patches updated,''
Gordon Haff, an analyst at Illuminata, an industry analyst firm based in Nashua, N.H., says hiring managers need to be careful when it comes time to finding IT security specialists.
''People with a real deep expertise in security are a rare commodity,'' says Haff. ''It's a rather involved and complex field. You have people calling themselves security experts and they really aren't. It behooves a company to hire people who have been carefully checked out, particularly when the implications of properly implementing security are so severe.''
Graham Cluley, a senior technology consultant for Sophos, Inc., an anti-virus company based in Lynnfield, Mass., says IT security is a good field for technical people to get into but it won't be an easy ride.
''I certainly think it's true that in a time of recession when companies are cutting back, they can't afford to cut back on security,'' says Cluley. ''So IT security is a good area to look into. But it's different from going around and checking printers. It's an exciting area, but you have to be on top of it -- the viruses, the patches, the technology -- all the time.''