While the average person may think of the entire cybersecurity industry as stereotypical hoodie-wearing, soda-sipping movie hackers, there’s more than meets the eye when it comes to career paths in this booming industry. Many of the “leet” hackers around begin hacking out of curiosity rather than for a stable income. But regardless of your way in, security pays and has several paths to success based on your background and experience.
Additionally, security pros of any seniority level will become more efficient and effective in their workflows if their security team is using PlexTrac for data aggregation, collaboration, and reporting.
There’s undoubtedly no shortage of cybersecurity jobs and career paths in the industry. But the question remains: Is the industry right for you?
Before we talk about the types of cybersecurity jobs that exist in the wild, it’s important to ensure this career path is right for you. Let’s start with a quick questionnaire:
Do you enjoy figuring out how things work, dissecting said things, and looking for weak spots? Creativity and curiosity are must-haves in an industry where tactics, techniques, and procedures are changing and evolving so rapidly.
While not an absolute requirement to enter the cybersecurity industry, it’s more than likely that you’ll either be a part of a team, leading a team, or working with an external third-party at some point in your cyber journey. Delegating tasks to others on your team, trusting in your teammates’ abilities, and developing adequate communication skills are all important soft skills helpful for security pros.
Much like the path to a cybersecurity job, the work you do day-to-day is not easy and hardly ever has a straightforward answer. To be successful (and happy) in security, you need to be flexible both in the time you work on different projects and the methods you deploy to get the job done.
If these three questions have you terrified, the cybersecurity industry may not be the best fit for you. However, if we just described your dream job, we may have just found your calling. Here are 12 types of cybersecurity jobs in the industry, generally ranked from entry to executive level:
These positions are a great place to get started when transitioning into the cybersecurity industry. But keep in mind that while these are often considered entry-level, some of these jobs will require a baseline of IT experience or some sort of formal education, whether cybersecurity certifications or a degree in a related field from a university.
One of the more common entry positions or ways into security is by working a help desk. These employees largely handle support requests and technical questions from end users. This role will help you develop skills in prioritization and troubleshooting, as well as expanding and enhancing your general information technology (IT) skills.
Broadly speaking, cybersecurity specialists, also known as security operations center (SOC) analysts, are entry-level security pros tasked with implementing security audits across both hardware and software computing systems. Think of these employees as watchful eyes over your data, systems, and networks. Basically, the role of a cybersecurity specialist is to monitor the company’s security architecture for irregularities and to maintain proper security hygiene for the company.
Once you’ve got your foot in the door, most people tend toward roles in either offensive or defensive security. The following blue teamer roles represent good next steps for those interested in protecting the realm.
Moving up to the mid-level of cybersecurity jobs is often when you run into incident responders. Located on the defensive side of security, incident responders exist to contain, eradicate, and recover from breaches of the organization. These are the security employees consistently under the gun, with constant threats, breaches, and vulnerabilities threatening a company’s crown jewels. These employees are responsible for responding to these threats in order to prevent (or at least mitigate) damage done to the organization.
The role of a cybersecurity analyst must be filled by a trained cybersecurity professional who specializes in network and IT infrastructure security. These employees, largely located on the defensive side of the house, also aim to defend and protect confidential company data. On top of many similar responsibilities to an incident responder, analysts must also configure tools (ex: vulnerability scanners), write and deliver security reports, and evaluate weaknesses of the company’s posture in order to prioritize remediation and mitigate risk.
Threat hunters work from a defensive point of view to identify advanced threats to the security of an organization that more automated and technology-driven practices may miss. This role is an extension of a cybersecurity analyst but focuses less on remediating known vulnerabilities than analyzing the environment and systems to identify, predict, and prevent highly advanced attack strategies.
Offensive practitioners or red teamers consider security of an environment from the outside — the perspective of an attacker. These jobs can range from mid-level to elite independent contracting roles.
Penetration testers or ethical hackers are the individuals in security that most closely resemble those pesky hacker movie stereotypes. These employees sit squarely on the offensive side of security. Pentesters also come in all shapes and sizes, from junior penetration testers just beginning their careers all the way to the principal level. Penetration testers are responsible for assessing and testing security systems within an organization. Pentesters conduct tests and purposely attempt to break their organization’s defenses in order to highlight vulnerabilities and exploits that exist as an entry point for bad actors.
Cybersecurity consultants serve a wide variety of roles for their clients, ranging from vulnerability management to governance, risk, and compliance (GRC) and penetration testing. Each consultancy has a different range of services and specialties, but the ultimate goal of someone serving as a cybersecurity consultant is simple. These individuals must assess an organization’s security posture based on their specialties, determine strengths, weaknesses, opportunities, and threats for this organization, and offer recommendations or services to help fix the negatives and expand the positives.
When you are ready to move up, one of these roles that focus on systems, processes, and human management may be the next logical step to put your experience to use.
An IT auditor’s role is to analyze and assess a company’s technological infrastructure to ensure processes are running smoothly. This is done by assessing both the security processes in place and the systems being used, while also ensuring compliance with any regulations that apply to the company. By and large, these IT auditors will be conducting risk assessments for a company and auditing processes to improve their efficiency and effectiveness.
In moving from middle to upper management we arrive at the cybersecurity manager role. These individuals exist to manage their organization’s cybersecurity processes (I know, shocking). This includes monitoring channels that information flows in and out of, observing and assessing the effectiveness of different security teams (ex: red and blue teams), and generally providing guidance to help the team achieve their goals as a whole. These individuals likely have a variety of experiences and have likely worked in numerous roles or on a variety of teams, providing them with deep knowledge on multiple verticals.
Cybersecurity architects are high-level security builders. They are largely responsible for building the processes, procedures, teams, and more that end up determining the strength of the company’s security measures. This involves designing, creating, and maintaining the systems that make the entire cybersecurity department work. All-in-all, cybersecurity architects are the ones in charge of many of the cybersecurity department’s day-to-day activities and are often the highest ranking security professional in the organization outside of a security director or CISO.
The top dogs in the cybersecurity industry are highly experienced individuals with a breadth and depth of knowledge to help them guide the full security function of an organization.
While the roles and responsibilities for security directors and CISOs largely overlap, the difference between the two is largely based on the size and maturity of the security team at the company. Generally speaking, security directors are the top dog at many small and medium-sized businesses (SMBs). These directors are responsible for maintaining overall security for the organization and its assets, as well as the general security (whether physical or cyber) of all employees that work for the company. Additionally, security directors manage the managers of each security team and pass strategy and guidance on to upper, middle, and lower levels of the cybersecurity department for these SMBs.
Much like security directors for SMBs, chief information security officers or CISOs serve as the leader of the cybersecurity function for the largest and most mature organizations and are responsible for the overall effectiveness of the team as a whole. This includes a vast range of duties not limited to conducting security awareness and training, developing business and communication practices, identifying and obtaining goals and milestones for the security department, buying and deploying security platforms and tools (like PlexTrac) from vendors, and much, much more. This is the pinnacle of the security industry, and reaching this level of reputation, expertise, and success is a big milestone.
This list is certainly not definitive, and paths to the top roles in the industry are often meandering. However, for those looking to get started or take the next steps in their career, we hope this blog sets the stage and details a number of viable career paths in cybersecurity you can pursue.