This year, there will be an estimated 3.5 million unfilled cybersecurity positions. Meanwhile, fewer than 25 percent of applicants are qualified for these roles. In other words, there’s a strong demand for qualified, experienced cybersecurity professionals, so individuals with the right background and experience should consider making a move into this exciting industry. Here are a few niches to consider.
What do you do?
This entry-level role is a great way to get started in the cybersecurity world. Incident response specialists spend their day monitoring the company’s network, logging any potential breaches, and addressing or escalating them. Incident response analysts also search for vulnerabilities in the enterprise system, run tests, and develop response strategies.
Why is this role important?
Cyber criminals are crafty and dynamic. Every time companies patch up a vulnerability or develop a protection strategy, hackers find a new way in. They can also attack from anywhere in the world and at any time. As a result, incident response specialists play an important role in keeping the enterprise secure.
Which skills do you need?
Incident response analysts need a professional background or training in IT or networking. They’ll also need to know their way around tools of the trade such as system monitoring tools and backup tools, and to understand how to work with different environments (e.g. on-premises, cloud) and different operating systems (e.g. Windows, Linux).
Penetration testers “ethically hack” their company’s network. They spend their day thinking like a cyber criminal, so they can spot vulnerabilities in their system before cyber criminals exploit them.
As IT environments become more complex, and companies move towards distributed workforce environments, penetration testers play an important role in taking an eagle-eye view of the company and spotting any issues.
You need a background in computer networks to become a penetration tester. Employers also expect you to have extensive knowledge of vulnerabilities so that you don’t rely too heavily on automated tools. Penetration testers also need a thorough understanding of different operating systems and networking protocols and experience with testing suites like Nessus, Metasploit, and Burp Suite.
DevSecOps combines three disciplines – software development, information security, and IT operations – into one discipline so that products are securely developed and quickly deployed. DevSecOps Engineers ensure that the latest best practices in security are applied as early as possible in the product development stage.
DevSecOps Engineers are important because software development is costly and cyber breaches are even more costly. To reduce expenses from the former, companies need developers who understand how to work with the operations team to get products rolling so they start generating revenue faster. To reduce cost from the latter, they need developers who can practice secure coding, risk management, and vulnerability assessments.
DevSecOps Engineers have an extensive set of skills and knowledge. They usually have a degree in Computer Science or a related field, and they have experience working on-premises, in the cloud, and in hybrid environments. They understand the DevSecOps methodology, security controls, and frameworks, and they’re excellent communicators who can work with other teams. Candidates have experience with deployment automation tools such as Ansible and Helm and monitoring tools such as Elastic Stack and Prometheus.
Information security analysts execute a company’s security strategy. They work with other members of the cyber team, such as penetration testers, to identify vulnerabilities and protect against them. They also develop best practices and recommendations for the company’s IT infrastructure. If there is a security breach, security analysts are the go-to team members for identifying the breach, gauging the “blast radius”, and taking steps to kick out the attackers and mitigate the damage.
The role of security analysts is important in today’s distributed IT environments. The rapid shift to remote working means that there are more opportunities for employees to take shortcuts, leaving the company vulnerable to potential cyberthreats.
You’ll need a background in IT and networking as well as familiarity with popular public clouds like AWS, Azure, and Google Cloud. Potential security analysts are also familiar with security standards and frameworks such as NIST, ISO 27001, and COBIT. If you’re lacking in experience, you may want to consider earning a cybersecurity certificate. You’ll also need non-cybersecurity-related hard skills like report writing as well as soft skills like collaboration and problem solving.
Digital forensics specialists investigate the aftermath of a cyber attack. They spend time meticulously identifying and recording digital evidence and preparing reports for the company.
While most companies would prefer to prevent cyber attacks, understanding the cause and reasons for a cyber attack after the fact helps companies gauge the damage, understand what went wrong, and put steps in place to prevent future attacks.
Digital forensics specialists usually have a background in information technology or computer science, familiarity with scripting and programming languages, and an ability to clearly communicate findings to a non-technical audience. They’re also well versed in digital forensics methodologies and understand how to use popular digital forensics tools such as Cellebrite and EnCase.