Guide to Careers in Network Operations and Security
Securing digital networks and managing their operations is central to the broader mission of cybersecurity. These networks are comprised primarily of mainframe and desktop computers, servers, routers, and various types of workstations. It is these components of cyber infrastructures that network operations and security is primarily concerned with, just as software applications and individual user accounts fall within the purview of system security administrators and managers.
While network operation oversight and system security administration are related specializations that may overlap to some extent, depending on how an enterprise organizes is cyber workforce, ensuring the operational integrity and security of network hardware and other elements of IT system architecture is a responsibility assigned mainly to professionals with specialized training and experience in network operations and security.
Employment Opportunities in Network Operations and Security
Network operations security managers, administrators, and technical support specialists are employed throughout the economy by various types of business, as well as by government agencies, defense and military contractors, research universities, healthcare providers, technology firms, and other enterprises with large IT infrastructures. Indeed, any business, corporate entity, or organization that maintains its own networks of mainframe computers, servers, and workstations through local and/or wide area networks (LANs and WANs) is likely to employ one or more professionals with training in network operations and security. Even individuals and enterprises with relatively modest IT systems infrastructures require the services of network operations and security specialists periodically.
While many larger businesses and organizations choose to employ in-house network operations and security staff, some rely partially or fully on outside contractors to fulfill this function. This is also true of smaller businesses and organizations, as well as of individuals who have network operations and security needs. There are thus various employment opportunities for professionals with training in servicing and securing networks; installing, configuring, and troubleshooting LAN and WAN components (routers, hubs, and switches); and deploying security features such as network intrusion detection and protection systems, network firewalls, and virtual private networks (VPNs). These include staff positions in IT and cybersecurity departments at larger enterprises, and consultancy positions at IT management and cybersecurity firms that specialize in offering network operations and security services.
Among the job titles for these professionals are the following:
- Network Operations Security Manager
- Network Operations Specialist
- Network Services Administrator
- Technical Support Specialist
Knowledge, Skills, and Abilities (KSAs) for Network Operations and Security Professionals
Working in network operations requires in-depth knowledge of the components of network architectures and computer systems, digital network topology and protocols, and network communications (LANs and WANs), as well as skill in assessing network performance, identifying problems, remediating those problems, and integrating new systems and components into existing infrastructures. Common responsibilities in network operations management and oversight include monitoring network traffic flow, establishing routine schemas, performing regular maintenance on LAN and WAN components, and installing new network system components.
Network operations and security professionals must also be trained in the principles and best practices of cyber defense and security and be able to implement network backup and recovery procedures, diagnose and patch network vulnerabilities, and deploy security measures, such as spam filters, network intrusion protection systems (NIPSs), hardware firewalls, and anti-malware.
Much of what network operations and security professionals are called upon to do relies on technical knowledge of computer science, network architecture, and cybersecurity practices. However, maintaining and securing enterprise networks is commonly a team effort in which several technically skilled professions must work together and/or coordinate with other departments within an organization’s IT hierarchy, and some network operations and security specialists report to non-technical stakeholders and/or have outward facing positions that involve interacting with clients who may or may not have a technical background.
Thus, in addition to technical knowhow, it is helpful for those in the network operations and security field to cultivate strong professional and interpersonal communication skills and the ability to work effectively in a team setting. These are qualities that are commonly highlighted in job listings for network operations and security professionals. The sections below draw on job listings and on the National Initiative for Cybersecurity Education (NICE) Workforce Framework for Cybersecurity, which lists dozens of Knowledge, Skills, and Abilities (KSAs) for network services and network operations specialists.
General Technical Knowledge
- Common network attack vectors (DDoS, MitM, DNS tunneling)
- Common cyber threats and vulnerabilities (malware, phishing)
- Encryption protocols
- Network intrusion protection systems (NIPS) and intrusion detection systems (IDSs)
- Network security architecture concepts
- Personal Health Information (PHI) data security standards
- Payment Card Industry (PCI) data security standards
- Personally Identifiable Information (PII) data security standards
- Virtual private networks (VPNs)
- Web filtering technologies
Network Operations Knowledge and Skills
- Bandwidth management
- Best practices for processing, storing, and transmitting data
- Computer scripting and programming in Perl and Python
- Computer network diagnostic utilities and command-line tools, such as traceroute/TRACERT, ping, and nslookup
- Electronic communication systems
- LAN and WAN components (routers, hubs, and switches)
- Modes of network traffic flow, including Transmission Control Protocol and Internet Protocol (TCP/IP), the Open System Interconnection (OSI) model, and the Information Technology Infrastructure Library (ITIL)
- Network communication modes (e.g., LAN, WAN, MAN, WLAN, WWAN)
- Network backup and recovery protocols
- Network operating systems (NOSs)
- Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
- Server administration concepts
- Routing schemas
- Voice over Internet Protocol (VoIP)
- Wi-Fi technologies
- Analytical reasoning and problem-solving skills
- Familiarity with cybersecurity and privacy laws, regulations, policies, and ethics, including personal health information, payment card industry, and personally identifiable information data security standards
- Technical and professional communication skills
Training and Credentials for Network Operations and Security Professionals
Becoming a network operations and security professional requires a significant amount of technical knowledge and skill in the areas of computer science and engineering, information technology (IT) systems, and cybersecurity. There are a number of pathways to amassing this body of knowledge and developing the necessary technical skills, including academic training in computer science, IT systems, and cybersecurity, and on-the-job training in IT administration and management, information security, and network engineering.
Many employers, especially those looking to fill mid- and upper-level network operations and management positions, require or prefer candidates to hold a bachelor’s degree, and in some cases a master’s degree, in a relevant technical field. In addition to academic training options, individuals interested in becoming network operations and security professionals can also explore industry training programs and bootcamps, as well as certification programs that confer professional credentials that can enhance candidates’ qualifications.
Bachelor’s, Master’s, and Graduate Certificate Programs in Network Operations and Security
There are a number of majors offered at the undergraduate level that can prepare students for careers in network operations and security, including computer science, engineering, and information systems/IT management. There are also a significant number of accredited colleges and universities that offer a major in cybersecurity. Cybersecurity bachelor’s programs provide training and instruction in computer science, computer programming, IT systems, and the theories and practices of cybersecurity, offering a curriculum that is designed to prepare students for work in information security fields, including network operations and security.
For those who already hold a bachelor’s degree, there are graduate programs in cybersecurity that offer advanced training in many of the proficiencies required to work in network operations and security. These include master’s in cybersecurity, information security, and information assurance programs. There are also master’s in information technology and information systems management programs that have a designated specialization and/or elective coursework in network security.
Many schools offer graduate certificate programs in cybersecurity, network administration, and/or information systems management as well. These programs are similar in content to a master’s program concentration in that they consist of a small cluster of courses that focus on applied KSAs in a narrow area of practice. Studying cybersecurity, information systems management, and network administration at the graduate level can be a means of advancing into mid- and senior-level positions in network operations and security fields.
Professional Credentials and Certifications in Network Operations and Security
In addition to academic programs and on-the-job training, there are private industry groups and organizations that offer courses, bootcamps, and certifications in various IT and cybersecurity fields, including in network operations and security. Certified Information Systems Security Professional (CISSP), a credential administered by the International Information System Security Certification Consortium (ISC²), is one example of a cybersecurity credential that has broad applications and that is offered by a non-profit industry association.
Cisco Systems, an enterprise hardware, software, and communications company headquartered in California, offers several credentials, including Cisco Certified Network Associate (CCNA), an entry-level certification program that provides training and a professional credential in network operations, as well as CCNA Security, a two-part certification that involves passing a core Cisco security technology exam and a second exam in one of six subject areas (firewalls, identity services, email security, web security, VPNs, or security solutions). These credentials and several others that have applications in the field of network operations and security are included in the list below.
- Certified Network Defender (CND), offered by the International Council of Electronic Commerce Consultants (EC-Council)
- Certified Information Systems Security Professional (CISSP), and System Security Certified Practitioner (SSCP), offered by the International Information System Security Certification Consortium (ISC²)
- Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Certified Information Security Manager (CISM), offered by ISACA (formerly the Information Systems Audit and Control Association)
- CompTIA Network+, CompTIA Security+, and CompTIA Server+, offered by CompTIA
- GIAC Certified Enterprise Defender (GCED), GIAC Information Security Professional (GISP), and GIAC Systems and Network Auditor (GSNA), offered by the SANS Institute’s Global Information Assurance Certification (GIAC) program
Examples of Jobs in Network Operations and Security
The examples below represent composites of actual job listings in the field of network operations and security. They are meant to offer an overview of some of the jobs that are available in this field along with details about what many employers are looking for in new hires.
Associate Network Services Engineer
- Primary Responsibilities: Provide post-sales technical support to cloud computing network customers; connect customer accounts to and from other networking vendor products; use scripting skills to create network provisioning automation; and administer bug scrubs, vulnerability scans, coding updates, and security patches.
- Education: Bachelor’s degree in a technical field such as computer science, information technology, or cybersecurity required; master’s degree preferred.
- Experience: One or more years in a customer service position in addition to technical background.
- Credentials: None specified.
- Technical Proficiencies: Scripting and programming skills; networking administration knowledge; familiarity with Ethernet technologies, virtual LANs, virtual extensible LANs, Ethernet VPNs, IP routing, and TCP/IP; and knowledge of UNIX/Linux systems.
- Other Attributes: Ability to write technical papers; analytical and problem-solving skills; and interpersonal communication skills.
Cybersecurity Network Engineering Specialist
- Primary Responsibilities: Design, implement, and maintain Linux-based enterprise cross-domain networks that allow for secure and reliable data transfers for general users; install and administer virus and malware filter technologies, such as PuriFile, Glasswall, and AV Scan; and ensure network systems comply with government information assurance and cyber security standards and practices through formal verification methods.
- Education: Bachelor’s degree in a technical field, such as information technology, information systems, or computer science.
- Experience: Four or more years in Linux network engineering and cybersecurity.
- Credentials: None specified.
- Technical Proficiencies: In-depth knowledge of virtual servers, physical servers, and associated technologies; in-depth knowledge of how files move across the network; in-depth knowledge of Linux systems engineering; and familiarity with network filter tools and technologies.
- Other Attributes: Technical research skills; ability to work with Security Technical Implementation Guides (STIGs); and eligibility for DoD security clearance.
Manager of Networking Services
- Primary Responsibilities: Provide management and support over enterprise computer networks; oversee maintenance and update the network and associated software; and manage networking staff.
- Education: Bachelor’s degree required, preferable in computer science, information technology systems, or cybersecurity.
- Experience: None specified.
- Credentials: Network security certification, such as CISSP, CND, or SSCP, preferred.
- Technical Proficiencies: Knowledge of networking concepts and operations, internet routing protocols, systems security tools, network architectures, server operating systems, and networking software applications.
- Other Attributes: Interpersonal communication skills; and the ability to manage technical staff.
- Primary Responsibilities: Design, test, and implement secure operating systems, networks, and database products; install network security upgrades; perform routine network operations and maintenance; implement, maintain, and support inter-organization communication networks; ensure the integrity, availability, and security of network infrastructure; recommend improvements in security protocols, including firewalls, electronic data traffic, and network access points; and prepare network security reports and briefings for government agencies.
- Education: Bachelor’s degree required.
- Experience: Ten or more years in network operations and security.
- Credentials: None specified.
- Technical Proficiencies: Knowledge of encryption technologies and methods; familiarity with penetration testing and vulnerability analysis tools and techniques; knowledge of firewall maintenance practices; familiarity with network analysis tools and their application; and an understanding satellite, LAN, and WAN network operations.
- Other Attributes: Capable of drafting requirements documents, correspondence, and procedural policies; ability to explain technical procedures and processes clearly and accurately; project planning and management skills, including scope of work, time estimation, and resource assignment; and eligibility for DoD security clearance.