Cybersecurity is a sector that’s currently recruiting massively!
The cybersecurity budget of businesses worldwide is predicted to exceed 150 billion dollars in 2021—and it’s growing fast due to the upsurge in the number of cyberattacks.
But what are these jobs?
What do cybersecurity experts do? Are there different specializations?
There are indeed many different jobs in the cybersecurity sector. It’s a vast sector, and it would be difficult to be an expert in everything. If you want to take this career path, you’ll have some choices to make.
Overview
It’s hard to develop a diagram that represents how all companies work, as each one is organized differently according to its size, sector, culture, etc. Cybersecurity is still a new field, and there is no standardized organizational chart. Typically, the available jobs are based on your specific area of expertise within the cybersecurity field and experience. This is what you might find in a typical organization:
Job Roles
Let’s take a quick look at a few of the more popular jobs so you can see who does what. We’ll look at the roles of Chief Information Security Officer (CISO), information security managers, information security architects, information security engineers, IT security analysts, IT security auditors, risk management specialists, and penetration (pen) testers.
Chief Information Security Officer
This is typically an executive or senior-level position. A CISO is the person in charge of IT system security who manages the whole security department. It’s therefore an important role, as the CISO reports directly to the Chief Information Officer or even the Chief Executive of the company in some cases. They’re also often the first person to be fired in the case of a major security incident! 🙃
Information Security Management
This is a mid-level position that includes roles such as director, project manager, manager, and lead. This person develops or supervises one particular aspect of IT security within a company. It’s the most varied role, like most project manager roles. It may involve placing orders with IT services companies.
Information Security Architect
This role involves mapping the company’s security and designing technical security options.
Information Security Engineer
This is probably the most hands-on role. It involves implementing and encrypting application and network settings, among other tasks. It generally requires a vocational training diploma or a master’s degree or certificate.
Information Security Analyst
This role generally involves anticipating threats by monitoring technological developments. When an incident occurs, this is the person who analyzes the extent of the damage and looks for a way to fix the vulnerability.
Information Security Auditor
This role involves testing the company’s Information security system. Security auditors can work internally within a company or as an external provider. They carry out pen testing, which means simulating cyberattacks to check if the company is properly protected.
Risk Management Specialist
Finally, a risk management specialist is the link between the security and legal aspects. This is a new type of cross-sector job created due to the importance of policy and governance with respect to digital data.
Penetration Tester
Like the IS auditor, this role can be filled by someone internal to the company or by a third party. This person tests the vulnerability of the company’s digital data to ensure information security compliance.
