Differences

This shows you the differences between two versions of the page.

career:start [2021/06/03 04:22] seb career:start [2021/11/19 06:14] (current) seb
Line 1: Line 1:
 +~~Title: Cybersecurity Career ~~
 ====== Career Corner ====== ====== Career Corner ======
 There are thousands of different career paths in Cybersecurity but there are a finite number of roles in the cybersecurity industry. There are thousands of different career paths in Cybersecurity but there are a finite number of roles in the cybersecurity industry.
  
-===== Cybersecurity Roles ===== +-> [[career/roles|Cybersecurity Roles]]
-Roles can be categorized by disciplines and can vary in the degree of specialization. Depending on the size of a Cybersecurity Program and the maturity of its operation there are more a less of the teams below. In some cases there might even be wildly specialized teams that we don't even have on the below list yet. In other cases there might only be one Cybersecurity role in the whole organization.+
  
-==== Cybersecurity Operations ==== 
  
-=== Digital Forensics & Incident Response (DFIR) === 
-This team is also known as **Computer Systems Incident Response Team (CSIRT)**. It's team members strive to fully contain any size of cybersecurity incident and eradicate any threat from your systems and networks. It also provides forensics for any kind of cybersecurity incident, which includes incidents with external and internal threats. Here are some roles that you would find in such a team: 
-  * Forensics Analyst/Specialist 
-  * Reverse Engineer 
-  * Incident Responder 
-  * Incident Commander/Manager 
  
-=== Security Operations Center (SOC) === +And while all the various roles will require different skills, there are some skills that apply well across all cybersecurity roles.
-The SOC is the team that watches alerts, investigates them, and responds to them by either escalating to DFIR/CSIRT or by issuing pre-defined/authorized Response Actions. This team usually works 24x7 and therefor has night shifts and often requires work on weekends. It is great as an Entry-Level (SOC Analyst L1) because it exposes you to all kinds of cybersecurity incidents and teaches you things like the cybersecurity kill-chain and the beginning of the IR workflow/processHere are some roles within this team: +
-  * SOC Analyst (L1/L2/L3) +
-  * SOC Lead +
-  * SOC Manager/Director +
-  * SOAR Engineer/Architect +
-  * Threat Intelligence Analyst (Threat Intelligence often ends up being its own team)+
  
-=== Security Engineering === +-> [[career/skills|Cybersecurity Skills]]
-The Security Engineering Team is usually closest to the IT Infrastructure team. Often the team members have worked in IT Infrastructure at some point during their career. This team usually maintains the security tool set. This team also performs security architecture reviews (aka Threat Modelling) for other IT teams. This team is often the starting point for a Cybersecurity program. Here are some roles within this team: +
-  * Security Engineer +
-  * Security Architect +
-  * Security Manager +
-  * Security Director+
  
-==== Governance, Risk, Compliance (GRC) ==== 
-In this space you find the paper generating strategists of the cybersecurity profession. Here are some roles you typically find in GRC type teams: 
-  * Fraud Analyst 
-  * Auditor 
-  * Audit/Compliance Manager 
-  * (Enterprise) Risk Manager 
-  * (Compliance/Risk) Director 
-  * Privacy Manager/Director 
-  * Chief Privacy Officer (CPO) - This person does not always report to the CISO (It might belong to the Legal team instead.) 
  
-==== Product Security ==== 
-In an organization that produces digital services and goods, there is usually a team responsible for the security of its products. Depending on the product you would need some of the roles from this list: 
-  * Software Security Engineer/Architect 
-  * Hardware Security Engineer/Architect 
-  * Cryptographer 
-  * Code Auditor 
  
-==== Penetration Testing / Red Team ==== +Now, let’s talk about how you get your first cybersecurity job.
-This team specializes in testing the security posture of the org with the goal to provide valuable insight into present vulnerabilities and weak configurationsHere are some roles within such a team: +
-  * Penetration Tester +
-  * Penetration Testing Lead +
-  * Exploit Coder (writes exploit code for a given vulnerability) +
-  * Code Tester/Analyst (performs dynamic and static code analysis to find vulnerabilities)+
  
-==== Chief Information Security Officer (CISO) ==== +-[[career/firstjob|Getting your first Cybersecurity Job]]
-The BOSS of it all. This person gets to translate the complicated matters of cybersecurity to the C-Level and the Board of Directors. This person also acquires and manages budget and headcount. Defines overall Cybersecurity Program and comes up with Vision, Roadmaps and other strategic things. Needs Monk-like ZEN abilities. +
- +
-===== Online Resources ===== +
-  * [[https://www.cybersecurityeducation.org/careers/|Cyber Security Careers (cybersecurityeducation.org)]] +
-  * [[https://www.coursera.org/courses?query=cybersecurity|Coursera Cybersecurity]] +
-  * [[https://www.udemy.com/courses/search/?q=cybersecurity&src=sac&kw=cyber|Udemy Cybersecurity]] +
-  * [[https://isaac.as/the-13-most-important-skills-to-have-as-a-cyber-defender/|The 13 most important Skills to have as a Cyber Defender (isaac.as)]]+
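
Review bot: The Online Resources section removed at the end of this hunk (four external links) has no counterpart among the added lines. The removed role descriptions at least get a link to career/roles, but nothing added points to where these resources now live, so either link to their new location or confirm they were moved into one of the three subpages. Separately, the third added link is written "-[[career/firstjob|...]]" while the first two are written "-> [[career/roles|...]]" and "-> [[career/skills|...]]"; use the same marker on all three so they render consistently.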