Getty Images/iStockphoto
The need for cybersecurity professionals has never been greater. Given the ever-expanding roles of technology, data and AI in the enterprise, the need to protect, detect and remediate against cyber attacks is of existential importance across every sector.
At the same time, organizations of all kinds are grappling with the much-discussed cybersecurity talent shortage. A wide variety of opportunities abound, and the field needs a diverse array of talents and skills.
As an aspiring or current practitioner weighing possible career options, consider the following eight cybersecurity roles.
Seniority: Entry-level to midlevel
The security administrator is an operational role overseeing an organization’s security on a day-to-day basis and troubleshooting and triaging problems as they arise. Typical tasks might include the following:
Seniority: Entry-level to senior-level
The security operations center (SOC) analyst role involves uncovering potential cyber attacks by monitoring for unusual digital activity. SOC analysts use traditional log monitoring, as well as more advanced AI-based tools, that alert to suspicious behavior.
Many cybersecurity professionals’ first jobs are in the SOC, and an entry-level analyst could go on to hold any number of positions in the field.
While junior SOC analysts’ responsibilities are operational in nature — reviewing and processing alerts from security tools to weed out false alarms and escalate potential red flags — senior SOC analysts shoulder more advanced responsibilities. These might include the following:
Regardless of seniority, a SOC analyst needs an eye for detail, the ability to troubleshoot and an interest in threat research.
Seniority: Entry-level to senior-level
As the term suggests, digital or computer forensics involves retroactively investigating confirmed security incidents, such as data breaches. Digital forensic engineers — also known by titles such as cyber forensic investigators and computer forensic analysts — seek to uncover and understand the scope of attacks, who perpetrated them and how.
A digital forensic engineer’s responsibilities may include the following:
To be successful in this role, a digital forensic engineer must have the following:
While many digital forensic engineer, analyst and investigator roles require significant experience, related entry-level positions do exist. In some cases, for example, junior technicians may need only a bachelor’s degree and relevant technical skills to get started in digital forensics.
Seniority: Entry-level to senior-level
The IT auditing role involves evaluating an organization’s security practices and technological infrastructure to assess the following:
After assessing an organization’s risk profile, an IT auditor makes formal recommendations for improvement to key stakeholders. Other key responsibilities of an IT auditor include developing, implementing and updating the audit framework.
IT auditors need strong interpersonal skills and the ability to build relationships across their organizations; the ability to interpret and implement security frameworks; and an interest in meeting regulatory requirements effectively and efficiently.
Seniority: Midlevel to senior-level
The application security engineering role focuses on protecting an organization’s applications from attackers throughout the software development lifecycle and the application lifecycle. Appsec engineers may work in standalone teams or as integrated members of DevSecOps teams.
An appsec engineering position typically involves the following:
Today’s appsec engineers may also oversee API security and recommend best security practices for third-party application use.
Seniority: Midlevel to senior-level
Network security engineers aim to minimize network security vulnerabilities without sacrificing uptime. They need technical skills, the ability to troubleshoot problems as they arise and extensive knowledge of common and emerging cyber threats.
A network security engineer’s responsibilities typically include the following:
Today’s network security engineers may manage infrastructure in traditional on-premises, cloud or hybrid environments.
Seniority: Midlevel to senior-level
Also known as ethical hackers, pen testers work to proactively uncover enterprises’ security vulnerabilities by modeling attacker behavior. Pen testers try to breach networks and systems by exploiting known and unknown technical vulnerabilities and by engaging in social engineering. Their goal is to uncover security weaknesses before malicious hackers do.
Necessary skills include the following:
Pen testers may work for dedicated in-house teams or for third-party firms that serve multiple organizations.
Seniority: Senior-level
The security architect role overlooks the entire security posture of an organization. It includes the following responsibilities:
For security architects who are managers — leading teams of security engineers — people and communication skills are also important.
Part of: Getting started in cybersecurity
Cybersecurity needs new talent now more than ever, but landing that first job without a computer science degree can still be difficult. Here are five tips for getting in the door.
Cybersecurity is an exciting and increasingly important field with a wealth of career opportunities. Explore eight cybersecurity roles and the skills, talent and experience required.
Resumes help candidates leave an impression on potential employers. But did you know one resume often isn’t enough? Learn this and other tips for creating a cybersecurity resume.
It’s difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry.
Cisco Viptela SD-WAN integration with Cisco+ Secure Connect brings cloud-based security to remote workers and easier …
Extreme Networks extends its SD-WAN network fabric to the edge to unify wired, wireless and WAN networking for simpler network …
Hybrid access as a service from a startup helped a global company secure optimized connectivity over home broadband connections. …
Technology products remain a mixed inflationary bag as server prices increase, storage costs decline and equipment delivery lead …
In its pursuit of big tech companies, the FTC theorizes their dominance is based on acquisition of nascent companies — a theory …
Two upcoming Supreme Court cases could significantly change how Section 230, which protects social media platforms from liability…
Internet Explorer mode lets users view legacy IE websites not supported by other browsers, which can increase productivity and …
Implementing MDM in BYOD environments isn’t easy. IT should communicate with end users to set expectations about what personal …
Dell joined Microsoft in cutting 5% of its workforce due to slowing PC sales. The company said the action will better position it…
Workloads with rigid latency, bandwidth, availability or integration requirements tend to perform better — and cost less — if …
Utilities and manufacturers are examples of industries using distributed cloud computing in private facilities to collect and …
If your cloud-based workloads and applications need to move back on premises, you’ll need a plan. Start your reverse migration …
Only days away from the eyes of the comms world turning to Barcelona, comms tech firms team with leading Spanish operator to demo…
UK’s leading telco switches on dedicated internet of things frameworks for businesses across the UK, allowing them to keep smart …
People are interested in STEM careers but many feel underqualified, while some don’t even know what counts as a STEM job, IBM …
All Rights Reserved, Copyright 2000 – 2023, TechTarget
Privacy Policy
Cookie Preferences
Do Not Sell or Share My Personal Information
Leave a Reply