As the need for cybersecurity grows, so does the need for cyber professionals. Here are five jobs to consider in the field.

It is a common misconception that to work in cybersecurity, you need to have an IT background. However, while this can be beneficial, it’s not necessarily true. Whether you studied the Arts or Sciences, whether you like to work solo or in a group, there are plenty of cybersecurity career paths to choose from.

The current cybersecurity skills shortage is a well-discussed topic, as is the current under-representation of females. However, many organization’s are working to rectify this.

Our own organization of 1,700 ,F-Secure ‘Fellows’ come from many different countries and backgrounds, with diverse educational backgrounds, skills and experiences. Yet all are happily ensconced within the cybersecurity industry, reinforcing the notion that you don’t need to be a nerd to succeed.

Cybesecurity professionals have never been more important than they are now and with cybercrime damages predicted to cost more than $6 trillion by 2021, and a worldwide shortage of workers anticipated to hit 1.8 million by 2021, companies are offering great salaries to entice the best employees.

There is no one linear path to a career in this field, but for the purpose of this piece, we’ll look at a few of the most popular jobs in cybersecurity:

Security consultant

A security consultant is the IT equivalent of Obi-Wan Kenobi — an advisor, guide and all-round security guru. In a consultant role, you could expect to regularly design and implement the best security solutions for an organization’s needs. For example, you may be performing vulnerability testing, analyzing risk and responding to security issues on a daily basis.

READ  Maurice Hill, Man Who Allegedly Shot 6 Philadelphia Police Officers, Was Federal Informant

Penetration tester/ethical hacker

Ethical hackers inhabit one of the more ‘glamorous’ jobs in cybersecurity and are routinely called upon to test the efficacy of an organization’s cybersecurity by attempting to hack into the network. In doing so, these pen-testers help identify vulnerabilities whilst also having an extensive knowledge of evolving cyber threats and the latest tools cyber criminals are using. A further development in the career of a pen-tester is ‘red teaming’, which includes trying to access and discover vulnerabilities in a company’s physical network using tools such as social engineering. Red teaming skills are not necessarily technical — these often include behavioral sciences and good communication skills.

Security architect

A security architect is responsible for maintaining the security of a company’s IT system. They need to think like a hacker, anticipate hacker tactics and deploy the defenses that will best protect the organization. Their role involves understanding every component in their IT infrastructure and adding to the system’s security by implementing both hardware and software upgrades.

Infosecurity crime investigator/forensics expert

As with physical crime, a cyber crime will also leave behind clues for an infosecurity investigator to identify. In this role, you would be expected to examine and explore traces of cyber attackers within operating systems and networks, combining the analytical skills and attention to detail of a forensic expert with the technical acumen of a security professional.

CISO

A Chief Information Security Officer (CISO) is a senior level role within any organization that requires a combination of security expertise and business knowledge. As one of the most demanding jobs in cybersecurity, CISOs often balance legal, regulatory, technical and internal business objectives and requirements on a daily basis. Despite being a high-pressure role, it can also be one of the most exciting within cybersecurity as you get to work across multiple areas of the business.

READ  Five Eyes nations demand access to encrypted messaging – Naked Security

Cybersecurity is one of the fastest growing markets in the world and as cyber criminals become more audacious with their attacks, the industry is in need of experienced personnel. As a result, the number and variety of roles available offer a career like no other. We just need to get the word out there.


Tom Gaffney is a security consultant at F-Secure, a leading global cybersecurity and privacy company that specializes in threat detection and response, as well as antivirus, password management, and endpoint security. With more than 20 years of experience in cybersecurity, Tom manages the professional service teams involved in serving cyber security to F-Secure’s operator partners, and an expert in issues relating to user security and privacy, as well as advising NGOs and privacy groups on Infosec.





READ SOURCE