There are numerous subspecialties within the booming cybersecurity field[i]. Here are some of the most in-demand professions:
Cybersecurity Engineer: This is the all-around, jack-of-all-trades, go-to guy or gal of cybersecurity. For all intents and purposes, a cybersecurity engineer is a hacker – but a good one. Using their advanced knowledge of malware, viruses, theft, DDoS attacks and other digital threats, cybersecurity engineers defend organizations against crime online. Personality traits required for this role include being flexible, nimble and a do-it-yourselfer. Candidates also must have:
- A good background in penetration testing.
- Experience with additional online security measures.
- On-the-job experience, which is an absolute must for this position.
Malware Analyst: If you choose to specialize, working as a malware analyst is like being an oncologist fighting cancer. There’s research, removal or treatment, and it’s up to you to decide how to apply your training.
With millions of types of malware on PCs, Macs and even mobile devices there’s a significant shortage of experts in this highly in-demand field. Responsibilities include:
- Identifying and fighting viruses, worms and Trojan attacks.
- Educating companies about malicious software.
- Analyzing malware inside and out.
- Developing tactics to help prevent future attacks.
Application Security Administrator: Back in the days of desktop computing, the only means of compromising data were to insert a contaminated floppy disk into a PC or open an infected email attachment. We’ll call this the “anti-virus era.”
Next came the “network security era.” The need for cybersecurity evolved with the Internet as more companies developed internal and external networks.
Information security has evolved yet again. Today, we live in the “application security era.” The demand for application security administrators is nearly limitless. The job includes:
- Performing application security reviews, looking for potential weaknesses.
- Writing testing code for applications.
- Ensuring a company’s applications comply with the minimum standards for security.
- Ensuring that any applications that the company uses conform to the minimum standards for privacy.
Chief Information Security Officer (CISO): CISO is the top position managers in the field of cybersecurity work toward achieving. Prospective candidates should take a multifaceted approach to cyber education with courses in business fundamentals. Responsibilities might include:
- Monitoring the efficacy of security operations.
- Preparing a company to fight cyber attacks.
- Designing strategies to oppose imminent threats as well as threats in their early stages.
- Looking for cyber intrusions.
- Analyzing the company for possible holes in its network.
- Managing other security personnel.
Security Consultant: It’s tough to land a 9-5 job as a security consultant, but this is one of the most gratifying positions one can pursue when engaged in the diverse and rapidly changing world of cybersecurity.
Consultants come in two flavors: they have a knack for solving problems in a particular niche, or they have accumulated knowledge of multiple systems over the course of their career. Security consultants are expected to:
- Work with companies to come up with security tactics that align with the company’s particular needs.
- Possess knowledge about security standards, systems, etc.
- Have superb communication and management skills, as the security consultant will need to interface with management and know the company’s corporate policies.
- Test security measures that they’ve recommended.
When choosing a specialty keep a few things in mind. Try to choose one that can compliment another in the event you decide to make a change. Research how much training and education in time and money might be needed. Are there certifications that need to be re-qualified for and how often? Consider the dynamics of the specialty such as will you be working with individuals, teams, or by yourself. Will there be travel involved? Does it require overtime or is it a straight 40 hour a week job?
No matter what you choose, follow your heart.
I’m compensated by University of Phoenix for this blog. As always, all thoughts and opinions are my own.