Getting started with cyber-security, it is a usual thing to have a potential role you desire to fill. It could be in corporate or as a contractor. Truth be told, there is an unlimited amount of roles to seek out and fill in the cyber-security space.
However, as a beginner, seeking out a role many times helps streamline learning objectives as you seek to learn the technologies that are specific to those roles.
But also, finding out what role could also be a hard challenge so here are fifteen (15) roles that you should consider looking into in 2023 even as a beginner
Cloud Security Specialist
A cloud security specialist focuses on protecting data on a cloud server. It's a technical role but is multi-dimensional as it allows entry, mid and experienced-level entries within it.
You may have to learn about specific technologies depending on where you choose to work but overall your major tasks include analyzing threats and implementing protective measures over a cloud server.Cryptography Engineer
No, this isn't about cryptocurrencies. Cryptography is all about securing data by encrypting (or decrypting) data assets. As C.E. you're going to be creating algorithms and codes to the effect of protecting data. This is a highly technical role.
Computer Forensics Analyst
Have you seen those Hollywood movies where the CIA has one "guy" who they reach out to when they need to access a piece of computer hardware or software whenever there's an ongoing investigation? Well, that's you in this case.
Forensics is typically in law enforcement and while there are many specializations within the Computer Forensics department, you can find yourself working with the best intelligence agencies across the globe as a CFA.
Malware Analyst
A malware analyst is a technical role that involves you looking into the latest cyber threats in the form of viruses, worms, trojans etc. to come up with mechanisms to defend against them. Certainly, strong background knowledge in programming and software development is important. Also operating systems and how they work. A degree isn't necessary for this role which is why many people who transition into cyber tilt towards it.
Application Security Engineer
This is a technical role and is also role-specific i.e. you're required to have in-depth knowledge about a specific application or package of applications. Roles like Amazon AWS Engineer and Mircosoft Azure Engineer are examples of these roles as they are responsible for the development, implementation and maintenance of these application packages.
System Security Administrator
As an SSA, you have an administrative role to manage the functionalities of the system security within an organization. It is not a complete technical role, but it is important to know about systems, networks and the security protocols involved with them.
Penetration Tester
Pen-tester aka Ethical hackers is the supposed fanboys and girls of the cyber-security fandom. Whenever anyone thinks of cyber-security they think about ethical hackers naturally and by default, you already know this is a technical role.
Operating system knowledgeIT Auditor
I know you're tempted to imagine a lot of paperwork and you aren't wrong you see. Auditing does mean documenting, and you'll be documenting findings from the analysis, assessments and reports specific to organizations with the overall aim of making recommendations and creating guidance policies that suit the security objectives of the organization. Certifications such as CIA (Certified Internal Auditor) can help you get started.
Incident Manager
The name of this role is its giveaway. You're responsible for managing any incidents related to a cyber attack. Think of it as a firefighter for cyber attacks, as you'll be helping an organization recover its losses in the event of a security breach in its cyber department.
SOC Analyst
A Security Operation Center (SOC) Analyst is a specialized role that focuses on high-level security threats. A SOC Analyst monitors cyber threats and operations and is responsible for creating the mechanisms to prevent the occurrence of such attacks. This is a highly sensitive role and typically requires a degree with some licensing.
Information Security Specialist
An ISS role makes it to the list of non-technical roles within cyber security. Your responsibility revolves around maintaining the best policy practices within an organization and you'll work with multiple departments. So be ready to know just a bit about everything.
Chief Information Security Engineer (CISO)
Of course, you saw Chief, so you know this is a senior role within the cyber-security space. As CISO, you'll typically be heading a team whose role is to develop and implement security measures to protect an organization. A strong depth of technical knowledge is important for this role as well as some administrative knowledge to efficiently thrive in this role.
Database Administrator
Almost similar to a cloud security engineer, a database admin manages and monitors databases. But their responsibilities vary slightly (also depending on the organization and job description).
It's possible to transition from a D.A into a Cloud Security Specialist as these two as fairly synonymous.
Cybersecurity Consultant
"Want to make bucks! Be a consultant!" - Well, I made that up really.
As a cybersecurity consultant, you're responsible for identifying and evaluating risks, while implementing solutions to address any threats you encounter. This role would require you to be versatile, i.e. knowing a bit of everything from networking to application security, to sys admin and being a proficient auditor.Perhaps that's why it pays that well.
IT Security Officer
An IT Security Officer is typically a team member in the CISO department. Your task is to oversee the security of information within the organization, properly analyzing its risks to ensure while ensuring the implemented solutions comply with accepted regulations within the industry.
Conclusion
Certainly, you'd have noticed that many roles in cyber-security are interwoven with many roles sharing similar characteristics. This is natural and while you'll be required to specialize in specifics depending on the roles you go for, its important to understand clearly the fundamentals.
With a good understanding of the fundamentals such as networking, operating systems, auditing and reporting, some programming knowledge and security mechanisms and how they come together - you can pivot yourself into any direction you choose as many times as you want.
Just learn the fundamentals!