In an organization, a cryptographer is responsible for developing systems that can encrypt sensitive information. They use algorithms and cyphers (messages written in secret code) to achieve this.
Cryptographers can find work in a variety of organization types, including private, governmental, and non-governmental. To attain a role in this subset of cybersecurity, you’ll most likely need a minimum of a Bachelor’s degree. Other relevant certifications can also help you get the top jobs in the field.
We have prepared a thorough guide on the cryptography career path, so you can find out if this is the right choice for you. We reveal how to become a cryptographer, as well as other important aspects of this career, including salary expectations and the best companies hiring cryptographers.
What is cryptography?
Many organizations handle large amounts of sensitive and vulnerable data in their IT and network systems. To prevent cyber criminals from accessing this information, a cryptographer will work to encrypt it. This means converting the data into a code (known as a cypher).
Cryptography is the art of writing codes (encrypting information) and translating the coded information back to its original format (known as decryption) to reveal its contents. Cryptographers develop systems, using algorithms and cyphers, that ensure only the sender and recipient of coded messages can view their contents. One way to achieve this is to create ‘keys’ (other pieces of code) that the sender and recipient can use to decrypt an encrypted message. Without the key, you won’t be able to see the message.
We can divide cryptography into two varieties: a symmetric type and an asymmetric type. In the case of the former, the same key is used for both encryption and decryption. A sender and recipient must already have this shared key beforehand. However, symmetric cryptography means there is a risk someone could intercept the sharing of this key and find out what it is.
Asymmetric cryptography adds a higher level of protection. With this kind of cryptography, there are two types of keys: a public key and a private key. Both the sender and recipient have the same public key but they each hold a distinct private key. The private key is kept secret at all times, while the public key can be freely distributed. When a cryptographer encrypts data with a public key, it can only be decrypted with the recipient’s private key.
A cryptographer will generate keys using cryptographic algorithms, well-defined instructions that a computer can follow to turn a message into code. The better the algorithms, the greater the degree of security. Cryptographers also work to ensure that private keys can be kept private.
A cryptographer will use algorithms to mask information like account and credit card details and wireless networks. This ensures that cyber criminals cannot steal information and use it for financial gain. Major corporations, military organizations, and government agencies also rely on cryptography to prevent cyber terrorism.
What does a cryptographer do?
The exact role of a cryptographer will vary, depending on the organization, qualifications you have, your level of experience, and other relevant factors. However, as a cryptographer, you can expect to have the following main responsibilities:
- Managing cryptographic keys, including generation, exchange, storage, use, revocation, and replacement of keys
- Providing technical support to governments, businesses, and firms to solve security-related problems
- Protecting vital information from interception or deletion
- Identifying weaknesses in security systems, algorithms, wireless networks, cellphones, and emails
- Designing stronger security systems to resolve weaknesses and prevent further vulnerabilities
- Developing and testing mathematical models to analyze data and solve security issues
- Testing models for reliability and accuracy
- Testing new cryptography theories and applications
- Ensuring online transactions are secure
- Updating methods for the efficient handling of cryptographic processes
- Advising staff on the best cryptographic methods and applications
One of the main techniques cryptographers employ includes security tokens: these are physical devices holding information that authenticates a person’s identity. You plug the token into a system (for example, into the computer’s USB port) to gain access to a network service, much like swiping a security card to get into an office.
Another common technique is key-based authentication: this is a method that employs asymmetric algorithms that confirm a person’s identity. It acts as an effective substitute for a password and involves using keys to gain access to a secure system.
What skills are required to become a cryptographer?
Like with jobs in other subsets of cybersecurity, cryptography requires specific knowledge and skills. With the general job description of a cryptographer in mind, as well as the possibility of additional duties, you will need the following hard and soft skills:
- Analytical skills – a strong understanding of mathematical principles including algebra and number theory
- Technical abilities – being able to create complex algorithms using programming languages like Java, Python, C, and C++
- Effective communication – being able to communicate with teams effectively, both in written form and verbally
- Excellent command over encryption, key exchange, and digital signatures
- Embracing new challenges
- Problem-solving skills
- Keeping up to date with cryptographic standards and developments in the field
- A strong desire to learn
How to become a cryptographer
If the daily life of a cryptographer sounds appealing, you may be wondering what steps you need to take to enter the field. Below is a five-step process, illustrating how to get trained as a cryptographer through to getting hired.
Here’s how to become a cryptographer:
- Strategize and create a career plan
- Gain a relevant degree
- Look into useful certificates
- Know where to look for work
- Enhance your knowledge
We’ll go into more detail on each of these steps below.
1. Strategize and create a career plan
Even if you have a career goal in mind, such as a particular position you want to eventually attain, you will still need a plan for getting there. This should include things like which qualifications and certificates are relevant for your desired cryptography position. If you are undecided about which role to go for, then your best bet is to research the requirements for all of them. This may help you decide which job to focus on.
When planning, it’s a good idea to factor in whether you want to work for a private firm, government agency, or NGO. This could influence the kind of degree and certificates you should study. Sometimes, it may be difficult to get a definite answer about job requirements. After all, each company and industry may want – or desire – different sets of knowledge and skills. If in doubt, you can always contact a recruiter directly to see what the general requirements are.
2. Gain a relevant degree
Most entry-level cryptographer positions will require at least a Bachelor’s degree in cybersecurity or another relevant subject. This should be the minimum for mid-level positions too. You can secure more senior positions with a Bachelor’s degree and several years’ experience. But if you want to attain a high level of seniority quicker, then it may make sense to pursue a Master’s degree. This will provide you with a more advanced level of technical knowledge and skills. Relevant subjects include:
- Computer science
- Computer engineering
- Data science
- Software engineering
- Computer programming
Here are a few examples of top Bachelor’s degrees to consider:
- Colorado State University’s Bachelor of Science in Computer Science (B.S.) (online)
- Western Governors University’s Bachelor of Science in Software Development (online)
- Southwestern College’s Bachelor’s in Computer Programming (online)
If you already have a relevant Bachelor’s degree under your belt, it’s time to get in touch with recruiters to find out if the qualification is right for the specific job you are aiming for.
3. Look into useful certificates
While a degree may be necessary for your chosen role, certain certificates may also be required, or at least preferred. Make sure you check the required or desired certificates for a job before enrolling onto a certificate program. You don’t want to waste your time and money.
Here are some of the most important certificates a budding or current cryptographer should keep in mind:
- EC-Council’s Certified Encryption Specialist (ECES)
- CISSP – Certified Information Systems Security Professional
- GIAC’s (Global Information Assurance Certification) GPEN certification
- CompTIA Security+
- CEH – Certified Ethical Hacker Certification
- GIAC’s (Global Information Assurance Certification) GPEN certification
- IACRB’s CPT – Certified Penetration Tester
- IARCB’s CEPT – Certified Expert Penetration Tester
- CompTIA’s PenTest+
- EC-Council’s Certified Blockchain Professional (CBP)
4. Know where to look for work
Once you have the necessary degree and qualifications, you can start your job hunt. Without job experience, or very little, you will likely need to focus on entry-level positions. But if you have some relevant experience, even if it’s in IT and not specifically in cryptography, you have the chance of securing a mid-level role.
Here are some useful resources listing government jobs in cryptography:
On the other hand, you might want to work in the private sector. Here are a few of the top companies that hire cryptographers:
You’ll also find no shortage of cryptographer vacancies on major job sites like LinkedIn, ZipRecruiter, Glassdoor, and Indeed. You can narrow your search by using niche sites such as CyberSecJobs.com.
Refer to the salary section below to find out which companies pay particularly well for cryptography roles.
5. Enhance your knowledge
Once you’ve secured a job, you can start to feel more confident about your medium- and long-term career goals. Over the next few years, you can continue your education, which will allow you to reach your goals sooner. Options for further learning include an online Master’s degree in cybersecurity or one or more of the above certificates.
Both Master’s degrees and certificates can often be completed online, in the evenings, on the weekends, and part-time. This will enable you to study while holding down a job. It may also be possible for your current employer to provide financial support for your studies.
A few online Master’s degrees to consider include:
- University of Illinois Springfield’s Master of Science in Computer Science
- Rochester Institute of Technology’s Master of Science in Data Science
- Boston University’s Master of Science in Software Development
However, you may feel drawn to other areas of cybersecurity. A position as a cryptographer can make you a suitable candidate for roles in computer forensics, penetration testing, security consulting, and security architecture.
The final aspect of cryptography we will look at is the salary you can expect to earn. Depending on which site you visit, you’ll discover a range of average salaries for cryptographer roles. We recommend using PayScale, as it’s a salary aggregator that takes into account salary averages from several sites. It’s widely regarded as a reliable source of information. According to PayScale:
- The average salary for a cryptographer is $200,000.
- The range of pay for cryptographers is $67,000–$450,000.
There is also valuable data showing how you can expect to see your salary increase over time:
|Average salary||<1 year||1–4 years||5–9 years||10–19 years||20+ years|
Want to aim for the best-paid jobs? Here are a few examples of what the top companies are paying cryptographers, supplied by SimplyHired:
- Trova – Remote Cryptographer Engineer ($89,000–$120,000)
- Protocol Lab – Software Engineer, Cryptography & Systems ($86,000–$110,000)
- PenFed Credit Union – Applied Cryptography Engineer ($89,000–$130,000)
- Booz Allen Hamilton – Cybersecurity Systems Engineer ($94,000–$130,000)