People talk about the cyber security job market as if it were a monolith, but there is a variety of roles within cyber security, and the right one depends not only on your skill level and experience but also on what you like to do.
In fact, Cybercrime Magazine produced a list of 50 cyberspace job titles, while CyberSN, a recruitment organization, came up with its own list of 45 cyber security job categories.
Similarly, OnGig.com, a company that helps firms write their job advertisements, analyzed 150 cyber security job titles and came up with their top 30 list. This article is based on research I did with Springboard, one of the first cyber security bootcamps with a job guarantee and a 1: guarantee.
In particular, CyberSeek.org, a joint industry initiative that looks at the cyber security job market, not only provides an interactive list of various positions within cyberspace but also provides a career path that shows you how to get promoted.
The complicated part is that these titles and roles are generally not standardized, and they change constantly as the industry develops. The National Institute of Standards and Technology (NIST), in the National Initiative for Cybersecurity Education (NICE) Workforce Framework, tries to standardize positions using the following concepts:
Action (the action that a person performs)
Knowledge (the concepts the person has to know)
Skill (ability to work)
Organizations can use these concepts to create the roles and teams they use to perform the tasks they need.
According to the 2020 SOC Skills Survey from Cyberbit, the human resources department cannot understand the cyber-sector job market or how people in that sector are hired.
There are some distinctions here. Cyber security roles are differentiated by the level of experience required, but also by whether you are red-team (offensive) or blue-team (defensive). Offensive roles (such as penetration testers) will generally require more experience, as you build your understanding of defensive practice.
So what are some of the most common cyber security roles, and how are they different from each other?
Some of the more entry-level positions, typically requiring a certification such as CompTIA Security+, include:
Cyber Security Analyst: The cyber security analyst is responsible for protecting both the company's network and its data. In addition to managing all ongoing security measures, the analyst is also responsible for responding to security breaches and protecting the company’s hardware, such as employee computers.
Security Engineer: Security engineers are tasked with planning and implementing the company’s information security strategy and maintaining all security solutions. They may also be responsible for documenting the security posture of their company and any issues or measures taken under their supervision. Security engineers are more defensive than their analyst peers.
Security Consultant: The security consultant is responsible for evaluating the security posture of a company on a contract basis, while also acting as an advisor to other IT employees. Consultants focus on threat management, and they will often plan, test, and manage early iterations of the company’s security protocols. Consultants are external to an organization, while cyber security analysts are internal.
Mid-level and more offensive roles, usually requiring a certification such as Certified Ethical Hacker, include:
Advanced Threat Analyzer: The advanced threat analyzer monitors computer networks with the goal of preventing unauthorized access to files and systems. They also provide reports to senior leadership covering the company’s technical defense capabilities.
Information Security Assurance: The information security evaluator reviews and makes recommendations about the company’s security posture. They do this by interviewing IT staff, reviewing network security, and testing for vulnerabilities. The evaluator also reviews the company’s security policies and procedures.
Penetration Tester: The penetration tester is hired to legally hack the company’s computer network. Testers may also use social engineering tactics, trying to gain information by pretending to be someone trusted. If weaknesses are found, the penetration tester will make recommendations to enhance security.
Higher-level positions, which typically require a certification such as Certified Information Systems Security Professional (CISSP) and a minimum of five years of experience, include:
Information Security Analyst: The information security analyst is responsible for protecting the company’s network and maintaining all of its defenses against attack. Analysts can also implement the company’s disaster recovery plan in the event of a network outage. Incidentally, according to OnGig, this is the cyber security job title most commonly requested by employers.
Information Security Manager: Information Security M