Cyber security is one of the fastest developing industries in the world. The number of cyber-attacks rises year on year and cyber criminals are not only becoming more audacious with their attacks but are becoming more organised as well. Their main target is the business sector, creating a huge demand from companies for individuals who can defend their networks and critical data from the onslaught of cyber-attacks.
As a result, both the number and the type of roles available in cyber security have grown extensively. They are some of the most varied and rewarding jobs in the world that will offer a career like no other. However, the digital skills gap has meant that the cyber security industry is struggling to recruit the number of professionals it needs, meaning that the roles available are often overlooked by graduates. Below I’ve listed what I think are some of the roles that might capture the imagination.
One of the most glamorised jobs of the cyber security industry, a penetration tester legitimately tries to hack into networks and operating systems to identify vulnerabilities and report them back to the client. Often referred to as an ‘ethical hacker’, they are hired by companies that want areas of their IT infrastructure tested in a controlled environment.
Penetration testers, or pen-testers for short, will have an extensive knowledge of the ever-evolving cyber security threat landscape and will keep up to date on the latest tools used by cyber criminals. The best pen-testers will be aware of these threats, how they work and the kind of damage they can do, so that they can carry out a fully comprehensive test on an organisation’s systems. This is an exciting role requiring creativity and guile to try and beat the system’s defences. More complex is so-called “red teaming” which includes trying to access and discover vulnerabilities in the physical networks through social engineering a way into the client’s premises too and getting hands-on. Skills required for this aspect are not necessarily technical – psychology, behavioural science, good communications are all key components of a red-team.
Information Security Crime Investigator/Forensics Expert
An information security crime investigator examines and explores traces which are left by criminal or other threat-actor activity on operating systems and networks. The role combines the analytical skills and attention to detail of a forensics expert with the technical acumen of a cyber security professional.
As with a physical crime, a cybercrime will leave behind clues which the information security investigator will have to identify and build a report from to explain exactly where and how the crime took place. Like the penetration tester, the information security crime investigator will be knowledgeable regarding the latest methodologies employed to exploit systems. Apart from a crime scene investigator working on a physical crime, this is a job like no other and will appeal to those who have a natural talent for investigating and seeing what other might have missed.
A security architect is the individual who is responsible for maintaining the security of a company’s computer system. They will need to think like a hacker, anticipating the tactics that a hacker would employ and build the necessary defences to negate them. Ideally security should be built into an overall IT architecture up-front leading to a secure design, based on the security architect’s recommendations, security policies and security standards.
A security architect’s work revolves around designing solutions for an organisation’s security needs. They are responsible for analysing security threats and recommending solutions to protect information and data. The security architect will be responsible for identifying which software is needed and for implementing it across an organisation. They must stay up to date on the latest developments in both security solutions and cyber threats. The first any security architect must do when beginning a new job is to understand every part of a company’s IT infrastructure. They can then add to the system’s security with both software and hardware upgrades, building countermeasures against internal and external threats.
The majority of cyber criminals will use the tools developed by others to carry out their crimes. Only a select group of cyber criminals have the skills to actually design and develop the digital weaponry known as malware. These developers are called malware authors and they are constantly updating and creating new forms of this malicious software to infect and disrupt systems.
On the defending side are the malware analysts. They take the malware captured from cyber criminals, analyse it and reverse engineer it to understand exactly how it works, the damage it can do to computer networks and how it can be defended against. The malware analyst will also attempt to adapt the software so it can be used to build programmes designed specifically to defend against similar types of malware.
A Malware Analyst is skilled in multiple areas including reverse-engineering, programming and detective work. To finally crack the right code, find the key function or piece of data you were looking for makes this one of the most rewarding jobs in cyber-security.
Chief Information Security Officer
A Chief Information Security of Officer (CISO) is a senior level role within any organisation that requires a unique blend of cyber security technical skills and business acumen. One of the most demanding jobs in cyber security, CISO’s will balance legal, regulatory, technical and internal business requirements on a daily basis whilst also considering financial constraints, risks and technological adoption.
The CISO is ultimately responsible for reducing an organisation’s operational risks by implementing the necessary security processes. Their duties range from creating security policies to conducting digital forensic investigations.
Despite being a high pressure position, it is also one of the most exciting jobs in cyber security as the CISO will have the opportunity to work across multiple areas of the business. They will make decisions on implementing the organisation’s cyber security and work with both the IT department and external law enforcement agencies.