5 soft skills you need to be a successful security pro
The pace of new cybersecurity professionals entering the field is not keeping up with the demand, and the talent gap has been growing wider in the last few years. Considering the dire need, you may think that a job in cybersecurity is guaranteed. But employers aren’t just looking for trained candidates with specialized technical skills — they want to see people skills, excellent communication and other “soft” skills.
FREE role-guided training plans
Many cybersecurity education or training programs don’t teach soft skills, focusing instead on technical competence and proficiency. That means that if you want to succeed in this career, you may need to find ways to develop soft skills on your own and seek out opportunities that give you a more rounded experience.
The cybersecurity labor market
Currently estimated at nearly three million globally, the cybersecurity talent shortage is the highest in North America (at nearly 500,000 workers) according to the (ISC)2 annual Cybersecurity Workforce Study. In the United States, cybersecurity also has a much smaller supply of workers compared to other sectors. CyberSeek, an initiative funded by the private sector and the National Initiative for Cybersecurity Education (NICE), estimates the average supply-to-demand ratio in the industry at 2.3, compared to 5.8 for all jobs.
Cybersecurity workers are not only in high demand, they’re also paid well. A 2016 McAfee-sponsored report by the Center for Strategic and International Studies (CSIC) found that U.S. cybersecurity jobs paid $6,500 more than IT jobs in general, which comes to a 9.5 percent premium.
While the majority of organizations struggle to fill their cybersecurity openings, they increasingly want employees who have soft skills. In a 2017 survey by Tripwire, all 315 IT professionals said soft skills were important when they hired for their security teams, and 72 percent said the need for those skills has grown in the last two years.
Top soft skills you need
So what soft skills should you develop for a successful cybersecurity career? Here’s a list of some the most desirable:
- Problem-solving
- Communication
- Analytical thinking
- Collaboration/teamwork
- Attention to detail
1. Problem-solving
An important skill in many jobs, problem-solving is crucial in cybersecurity, where you’re constantly facing scenarios that you have to troubleshoot. Troubleshooter was the third most-important skill that Tripwire respondents identified — and to troubleshoot, you need to know how to approach a problem systematically.
A group of about three dozen Virginia employers that were part of a NICE-sponsored study said that communication and problem-solving were both the most critical and the 3. most difficult soft skills to find among cybersecurity applicants. Panelists on a 2018 Wall Street Journal cybersecurity forum echoed those sentiments:
“There’s a lot of people graduating from fine cybersecurity programs but they’re missing that core skill set of problem-solving, (having) no fear,” Theresa Payton, president and chief executive of Fortalice Solutions and former chief information officer of the White House, was reported as saying at the panel event.
2. Communication
Communication skills are also important in just about any profession, and cybersecurity is no exception — 60 percent of Tripwire’s respondents identified it as the most important skill. Yet, according to the CSIS study, 70 percent of the IT decision-makers surveyed found communication a scarce skill among college graduates.
4. You may need to present technical security information to a variety of stakeholders, answer nontechnical questions, “translate” technical knowledge into business value, develop and write policies and build strong professional relationships. You may also need to take on the role of a security advocate, promoting security practices to diverse audiences. All these activities require verbal or written communication, and perhaps both.
3. Analytical thinking
Somewhat related to problem-solving, analytical thinking was selected as the top required soft skills in the Tripwire survey (identified by 65 percent of the respondents). Analytical thinking is the ability to solve complex problems by breaking them down into smaller components. It usually involves a process like identifying the problem, gathering information, developing and testing a solution and so forth.
While analytical thinking is an innate ability for some people, you can develop this skill by applying your curiosity in a variety of situations — being observant, learning how things work, asking questions and analyzing your decisions. Then, like anything else, you need to apply this in practice.
4. Collaboration/teamwork
Solving security problems doesn’t happen in a vacuum, nor do you have all the answers. You’re often working in a team, collaborating with peers or other stakeholders and seeking other people’s expertise to find solutions. You need to learn how to build consensus as well as cultivate relationships.
Part of the ability to collaborate and work as a team comes from being an excellent communicator and problem-solver, but you also need good people skills, an open-minded attitude and patience, among other things.
5. Attention to detail
Steve Jobs famously said, “Details matter; it’s worth waiting to get it right.” As one story goes, he once left an urgent voicemail on a Sunday morning for Vic Gundotra, Google senior vice president and Google+ architect. The urgency was that the second O in Google’s logo on the iPhone was the incorrect yellow gradient, and Jobs wanted it fixed the next day.
In cybersecurity, the wrong logo color won’t ruin your day, but plenty of other missed details might. You’ll need to be detail-oriented when you dig deep to find the root of a data breach, analyze logs after an attack or conduct digital forensics. Oftentimes, you have to do these things while working fast under pressure, making that another highly useful soft skill.
Conclusion: Using your soft skills to outsmart attackers
Whether you’re developing cybersecurity products or working on the detection or remediation side, you have to think like a hacker. That’s where many of the soft skills come into play, and you’re using them in tandem with your technical skills to help protect your organization. Seeking professional development opportunities to help you enhance your soft skills and your career will be much more successful.
FREE role-guided training plans
Sources
- (ISC)² Report Finds Cybersecurity Workforce Gap Has Increased to More Than 2.9 Million Globally, (ISC)2
- Survey: 81% of Infosec Pros Say Required Job Skills Have Changed amid Skills Gap, Tripwire
- Survey says: Soft Skills Highly Valued by Security Team, Tripwire
- Hacking the Skills Shortage, Center for Strategic and International Studies
- The Cybersecurity Workforce Gap, Center for Strategic and International Studies
- Bridging the Cybersecurity Talent Gap in Hampton Roads, Hampton Roads Cybersecurity Education, Workforce and Economic Development Alliance
- Cybersecurity Requires Insatiable Problem-Solving Skills; Technical Skills Can Be Taught, Wall Street Journal blog
- Analytical Skills: Definitions and Examples, Indeed.com
- 7 Steps to Improve Your Analytical Thinking Skills, TalentBridge
- 5 Soft Skills Young Cybersecurity Professionals Need to Get Ahead, Dark Reading
- A Story About Steve Jobs and Attention to Detail, NPR
In this Series
- 5 soft skills you need to be a successful security pro
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity