If you’re considering cybersecurity career paths, one of the top questions you have is likely to do with the kind of jobs and responsibilities you’ll have.
Now, there are lots of different kinds of positions that fall underneath the “cybersecurity” umbrella, with more being added each year as the field rapidly evolves. But, an easy way to simplify the industry for our purposes is to divide it into the three primary job functions a cyber position is likely to fulfill: engineering, testing, and responding.
Cybersecurity Engineers
If you think of cybersecurity as building a physical house, then cybersecurity engineers are the construction team.
Sometimes called Security Operations or IT Security, these roles design, implement, operate, and maintain security systems. They build the infrastructure, optimize it to fit within and work for a particular organization, and keep it up to date.
Cybersecurity Engineers are the first line of defense against cyber attacks (an ounce of prevention is worth a pound of cure, as the saying goes). Their jobs are to predict where attacks will come from and design security systems that can block them or – should those fail – detect them before they can do any damage.
Entry Level
Many Cybersecurity Engineers transition into the field from traditional IT jobs, such as network engineers or system administrators.
Job titles for entry level:
Security Architect
Security Technician
Network Security Engineer
Mid-Level
Mid-level cybersecurity engineers often choose to specialize in a specific type of security control, such as workstation endpoint solutions or software security. But alternatively, they may also choose to stay general, in which case their duties often include performing analyses and designing on a macro scale.
Job titles for mid-level:
Security Systems Administrator
Security Software Developer
Senior Level
To reach a senior level, cybersecurity engineers must have a thorough understanding of current and developing cybersecurity methodologies. These professionals can evaluate security on both the macro and micro detail levels to understand their organizations’ security abilities, limitations, and areas for improvement.
Job titles for senior level:
Technical director
Security analyst
Director of security
Cybersecurity Testers
Cybersecurity testers have the more glamorous jobs in the field, and have been adapted into various Hollywood movies (think of the scrappy underdog in a gray sweatshirt taking down a corrupt organization’s security system with a few taps of his laptop keyboard and frequently exclaiming “I’m in!”).
These are professionals that test for vulnerabilities in security systems. They use knowledge of coding and security to hack into systems, looking for gaps in protection and mistakes that leave the digital door wide open. Their purpose is not to take advantage, but to reveal weaknesses that should be fixed before a malicious actor finds them.
More than any other career path, the “tester” role is most likely to be outsourced. Cybersecurity testers often work at a firm that specializes in penetration testing or may work independently in a freelance capacity.
Entry Level
Professionals in this field often pivot from the “building” side of the field, pulling on accumulated system knowledge to find gaps in others’ security.
Job titles for entry level:
Penetration tester
Ethical hacker (sometimes known as “white hat” hacker)
Mid-Level
When they are outsourced, cybersecurity testers are often part of the consulting services team and perform periodic audits of their customer’s firewall systems.
Job titles for mid-level:
Security research engineer
Internal, third-party, or external auditor
Senior Level
Senior-level testers often think bigger than simply breaking down a firewall or finding a vulnerability. They dig deep and design malicious software using advanced AI and modern technologies. The more advanced tools they develop, the more ready organizations will be when bad actors develop them as well.
Job titles for senior level:
Vulnerability researcher
Exploit developer
Cybersecurity Responders
Last but certainly not least are those that pick up the pieces when all the pre-planning fails to stop bad actors.
Cybersecurity responders plan for eventual security incidents and attempt to minimize damages or data loss, and get systems back up and running quickly. They may also analyze the incident after it happens to determine the facts of the situation: what the attackers did while they had access, who they were, and how they got in.
These roles may be either internal or external, as part of a security consulting firm that assists in an on-call manner.
Some of the job titles that fall under this function include:
Entry Level
IT/Digital Forensics Technician
Information Security Crime Investigator
Mid-Level
Security Operations Center Analyst
Forensic, Intrusion, or Malware Analyst
Incident Responder
Senior Level
Disaster recovery Manager
Business Continuity Manager
Start Your Journey Into Cybersecurity
Regardless of which of the three cybersecurity pillars you see yourself in, you’ll need a solid foundational knowledge to break into the field and start down and of these cybersecurity career paths.
No matter where you are in your career, our Cybersecurity Engineering Course will take you from foundational skills to practical, industry-ready knowledge in as little as 15 weeks.
Apply Today to get started on your next career, or try out our Cybersecurity Prep Work to see how you like the materials first (no strings attached).