Cyber Career Paths
Blue Team Jobs
Cyber Security Specialist
A Security Specialist is an Entry Level Role within the Cyber Security Industry. The role may also be called Network Security Engineer. The responsibilities of this role holder is to ensure the networks security systems are working, configured correctly and recieving the latest patches and updates. This role will lead to opportunities within other areas of Cyber such as Incident Responder and Threat Analyst.
A Security Operations Centre Analyst's role is primarily concerned with Defending Networks. Often working in shifts over a 24/7 Schedule, the Analyst responds to alerts within the Intrusion Detection and Protection Systems (SIEM), determining if further response is required from Senior Analysts or indeed the Incident Response Team.
Incident Response Analysts are called into action when a threat has been detected within a network or system. Their role is to find the threat, track it and shut it down as quickly as possible. Often this role requires the responder to have detailed understanding of malware such as Ransomware and the actions to take if this is dicovered within company systems.
We are at war! Every day our information systems are attacked. It is the responsibility of threat intelligence analysts to keep up to date with the latest information on the attack methods used, new vulnerabilities being exploited and indicators of compromise. Once the intelligence has been gathered, they must communicate the information to the blue teams.
Red Team Jobs
These are the people who work internally within the organisation to find the gaps within the Security of the ISMS and find ways to close the vulnerable areas. They need to work fast and figure out the most efficient and secure way to stop Threat Actors taking advantage of the vulnerabilites. Working with system scanning software such as Nessus and OpenVAS to find the vulnerabilites.
This job is often the most sought after job by Entry Level candidates. It is however not an entry level role and can take years to attain the knowledge and skills required to perform this job successfully. Yes, you would be a 'Hacker' but you would also be a Systems Administrator, Technical Report writer and Presenter. You will need the soft skills to be able to effectively get over the details of your testing and recommendations on how to secure the vulnerable findings. The job may require you to fix the problems.
White Team Jobs
Policy & Procedure Writer
This role is not entry-level as it has a great deal of responsibility, however, there are opportunities for experienced professionals transitioning into Cyber/InfoSec from other career paths. You'll collaborate with executives and managers to effect positive change within the organisation. Updating policy to satisfy the requirements of security frameworks including NIST CSF, ISO 27001 and privacy legislation such as GDPR. Changes you make to policy can have a dramatic effect on the security posture of the org.
Information Security Analyst
While having a similar title, this role is very different to Security Analyst. It falls within the GRC or Governance, Risk and Compliance field of Cyber Security and mainly entails a Systems Management type of responsibility. They will write Policies and Procedures, carry out Risk Assessments, monitor risk levels, manage internal audits, document training requirements and carry out Security Awareness Training.
This role is entirely dedicated to the assessment, treatment and documentation of the organisation's Risk Management programme. Working with International Standards such as ISO 27005 to ensure best practice, and improve the security posture, with the goal to reduce the risk exposure of the organisation. These are the people who put together the information the Chief Information Security Officer (CISO) uses to negotiate the annual budget for the Security Team.
This role has the responsibility of checking the compliance of the organisation with international standards, laws and company policies and procedures. They will check each department's security procedures and highlight areas where the policies and procedures fall short of complying with requirements. This enables companies to attain certifications, giving suppliers, clients and employees the confidence things are being done correctly.
While this list does not give details of all possible roles within the Cyber Security industry, it does give a good breakdown of the main roles. With Information Security taking off as it has done recently, the world is full of opportunites for those willing to put in the effort to learn, boost their profile and stand out from the crowd. Every company on the planet is now a Cyber Security company, from Pizza Delivery to Joiners. If they have a computer, they need to be thinking about security. Their customers' data has value and criminals will look to exploit that if given the chance.