This blog is part of a series to help organizations of any size optimize their security. Our experts provide insights and recommendations based on common security use cases, customer questions, and security software developer needs.
If you’re a technical professional thinking about a career in cybersecurity, this article is for you. Many technical skills are highly transferable to fighting cybercrime and this is an industry in which people who enjoy continuing to evolve and learn can thrive.
A good reason to consider a cybersecurity role is that the cybersecurity industry continues to offer massive opportunities. In the United States alone, Statista reports over 750,000 cybersecurity job openings and according to CompTIA, there are approximately 68 workers for every 100 open roles.
While large, global technology companies have recently conducted layoffs affecting many types of technical roles, the cybersecurity industry remains strong in part because cyber professionals require more specialized training than other roles. Another reason this industry is strong is because companies are prioritizing the safety of their data and infrastructure as they learn and understand the ramifications of a breach or attack on profits and revenue.
What do you need to become a cybersecurity professional?
Some cybersecurity roles ask for a degree in computer science, information technology, systems engineering, cybersecurity, or a similar field. In addition to or instead of a degree, many positions require specific certifications or years of experience with hands-on knowledge about firewalls, cloud security, endpoint security, and incident detection and response.
Check out the blog in this series about upskilling, which includes a list of skills that cybersecurity professionals should nurture and provides education resources for some of the most in-demand certifications.
What are some of the most in-demand cybersecurity roles?
The following are some of the types of roles available. Some of the roles below have overlapping responsibilities in their general descriptions, but organizations tailor and customize positions for their specific needs.
For those in the U.S., Cyber Seek maintains a heat map of total cybersecurity job openings and data about openings specific to some of the most sought-after certifications.
- Security architects design and maintain an organization’s security architecture. Other tasks they perform include evaluating systems for vulnerabilities by performing penetration tests, risk assessments, and ethical hacks. They also evaluate routers, firewalls, and other systems for efficacy. Security architects help their organization adhere to security standards relevant to their organization’s industry such as those from NIST, ISO 27001, GDPR, and HIPPA.
- Cybersecurity engineers identify threats and vulnerabilities in their technology ecosystem and develop and implement solutions to defend their organization against malware, ransomware, hacking, insider threats, and other types of cyber attacks. They help protect digital assets and maintain data integrity.
- Cybersecurity analysts protect networks, hardware, and software from cybercrime activity by understanding an organization’s infrastructure in detail and monitoring it to evaluate threats. They analyze logs, events, network traffic, security incidents, and suspicious files and help with countermeasures and prevention of future intrusions.
- Security specialists can perform different types of tasks depending on an organization’s needs such as installing, administering, and troubleshooting networking and security systems. They may also monitor software analytics, perform audits, and maintain security policies. Types of specialists include network security, application security, cloud security, threat intelligence, incident response, identity and access management, security operations center (SOC), compliance and risk management, physical security, and forensics.
- Cybersecurity managers monitor the operations and information flows throughout an organization’s infrastructure and often supervise other professionals, analyze security risks, and make cybersecurity recommendations and policies for their organization. They are responsible for cyber strategy and planning, budgeting and resource management, team management, risk management, incident response management, compliance, security awareness and training, third-party management, security reporting and communications, governance, and continuous improvement of cybersecurity processes.
- Penetration and vulnerability testers (also known as ethical hackers) perform simulated cyber attacks on systems and networks to identify and mitigate vulnerabilities and weaknesses. They proactively discover security weaknesses by simulating real-world scenarios and attempting to exploit vulnerabilities and gain unauthorized access or control of systems. If successful, testers identify the root cause of security gaps and recommend steps for remediation.
- IT auditors ensure that an organization’s systems and infrastructure run smoothly and efficiently and meet all requirements to comply with security protocols. They may also be tasked with optimizing processes and IT ecosystems through continuous evaluations and testing. They provide independent assurance that an organization’s infrastructure is functioning as intended and that data is protected.
- Network engineers design, build, implement, configure, and maintain network hardware and software to ensure security and integrity. They also monitor network performance and troubleshoot network issues. Network engineers implement and configure routers, switches, firewalls, load balancers, wireless access points, virtual private networks (VPNs), and intrusion detection and prevention systems (IDS/IPS).
Are there cybersecurity roles for professionals without a coding background?
Yes! Roles to get started in cybersecurity or create niche expertise include help desk technician, customer or product support analyst, knowledge manager, database manager, program manager, writer, legal advisor, communications manager, marketer, cyber instructor, and many more. Many of these roles can be pathways to more technical cybersecurity jobs if desired.
Learn more about security for your unique environment
If you’re not sure about your security posture or the level of vulnerability in your organization’s IT environment, a security assessment can help you develop a clear view of your current state and the possible remediations. You can also rehearse real-time scenarios and threat-hunting through our Cyber Defense Simulation service. Visit the Professional Services for Security resources section for overviews of the different types of assessments available, and contact us at [email protected] to learn more.
For more support, read the other blogs in this series which include tips for building up cybersecurity skills, a review of the cybersecurity mesh architecture framework, and practical ways to secure APIs.