CAREER PATHS IN CYBERSECURITY (1)
Pursuing a career in cybersecurity is a little more complicated to pursue than other, more conventional careers. Most people find the amount of information available on picking a career path to be burdensome, confusing, and inconsistent due to the dynamic nature of the cybersecurity profession and the always-shifting landscape. Obtaining a technical foundation, an IT-related education, an industry credential, and/or relevant work experience, on the other hand, can be a good place to start, not leaving the foundation-based courses such as networking and system fundamentals, operating system, and security fundamentals behind.
The specific job responsibilities for any given cyber security role can also depend on the size and resources of the employer as well as be dependent on the fact that organizations also have different needs and priorities. “ At a smaller or mid-size firm, you might end up being “the full cyber security team,” i.e., “one man battalion,” yet at a larger company, specialists and their various tasks are more likely to exist. The majority of entry-level positions are generic and involve fundamental information security for an organization. So it is advisable to begin as a generalist before specializing in a subject that interests you or plays to your strengths.
Employers may have specifications for a candidate that they believe will be sufficient to demonstrate the required credentials. However, one’s aptitude for problem-solving, technical prowess, and capacity for comprehending the interdependencies of people, systems, and applications are frequently what identify one’s proficiency and expertise in cybersecurity. While there are a variety of applicable undergraduate programs, numerous industry certifications, and emerging master’s level degrees, there is truly no “best way” for entering the cyber field because many experts have different stories about how they started their journey.
Here are the Career paths in cyber security which may interest you :
- Penetration testing/ethical hacking
- Malware reserve engineering
- Application security
- Network security
- Digital forensic
- SOC/Incidence response
- Cyber Threat Intelligence
- Risk analyst
- Cyber Security Project management
- Cloud Security
- GRC Governance, Risk, and Compliance
- IT Audit
Penetration testing:
This is a part of ethical hacking just like cybersecurity is a part of information security. It is a cybersecurity technique organizations use to identify, test, and highlight vulnerabilities in their security posture. often carried out by ethical hackers. These in-house employees or third parties mimic the strategies and actions of an attacker in order to evaluate the hackability of an organization’s computer systems, network, or web application.
Skills:
- Programming languages, especially for scripting.
- Threat modeling
- Operating systems
- Security assessment tools
- Pentest management platforms
- Technical writing and documentation
- Cryptography
- Cloud architecture
- Remote access technologies
- Network and application security
Malware reverse engineering
It covers a broad range of areas, including decompiling and disassembling executable files and libraries, and analysis of system data. It is used to study malware activity and create tools to neutralize it.
Skills:
- Networking
- Digital forensic
- Malware analysis
- Encryption techniques
- Operating system internals
- Programming knowledge
Application security
Application security is to protect your business applications from security attacks by developing, inserting, and testing security components that make your application more secure. They work with developers to set up security control measures during every stage of software development. They also use tools and techniques to protect applications that have been deployed. the new trending DevSecOp is a part of Application Security.
Skills:
- Malware Analysis
- Collaboration with software development teams and knowledge of SDLC (software development lifecycle)
- Communication and documentation skills
- Security libraries and tools (e.g. static analysis tools, proxying / penetration testing tools).
- OWASP Top 10,Gitlab,GitHub
- Basic development or scripting/Coding
- Network and web-related protocols
- Risk assessment and threat modeling techniques
Network security
Network security engineers take care of every aspect of a network’s security. They identify and address the security gaps in a network. They also create policies to defend network infrastructure in case of a cyberattack and are responsible for quick disaster recovery.
Skills:
- Vulnerability assessments
- Programming languages such as Java, C++, and Javascript.
- Penetration testing, networking, system administration, and operating systems
- Risk and disaster recovery
Digital forensic
Digital Forensics is a branch of forensic science that includes the identification, collection, analysis, and reporting of any valuable digital information in the digital devices related to cyber crimes, as a part of the investigation.
Skills:
- Manage Digital Forensics Laboratory Environments
- Analyze Network-Based Data Acquisitions
- Acquisition of Data from Storage Media.
- Digital Storage Devices.
- Computer Operating Systems.
- Computer Programming.
- Malware Types.
- Ethical Issues regarding Data.
- Legal Issues regarding Data.
SOC/incidence response
Security Operations and Incident Management involves identifying, recording, analyzing, and managing security threats, risks, and incidents in real-time. A security operations center contains a team of security professionals who use a network of sensors, security tools, and monitoring equipment to proactively identify, evaluate and remediate potential cybersecurity threats. Based on understanding “normal” network activity, SOC analysts use their tools and processes to detect anomalous activity, providing 24/7/365 detection and response capabilities.
Skills:
- Network monitoring
- Vulnerability research and patching
- Threat detection
- Incident response
- Reporting
- Risk management
- Compliance
- communicating and documentation of incidents
- SIEM tools
N.B: The salary of every career path is an average per annum and it varies according to the geographical location.
Discussing All of the career pathways would make for a very lengthy read, thus “career paths in cybersecurity (2)” will cover the other 6 career paths.After that, a comprehensive breakdown of each career path follows.
thanks again for reading this far
Omolara Esther Hamzat (arami)
Cyber security analyst