With most businesses increasingly aware of the risk of cyber security incidents, it is little surprise that it is becoming commonplace for them to either hire dedicated cyber security staff, or work with agencies that provide these services. However, many people are still unaware of what these jobs actually entail. In this article, we’re going to look at some of the most popular jobs in this sector, what they involve, and the skills and experience you might need to get one.
All jobs in cyber security will relate in some way to preventing the following things from happening to a business or organisation, whether internally or externally, and whether directly or indirectly:
The above are defined by the UK’s National Cyber Security Centre, and you can read more about what cyber security incidents are and what they may mean for a business in our article on the subject here.
Below are some of the most typical types of jobs in cyber security. Note that there is frequently crossover in what these roles entail, and specific roles will vary from business to business.
Those involved in analysing and managing risk will be responsible for assessing different cyber security risks for a business. This will mean looking at what could potentially happen, how it might happen, and what this could mean. This information can then be used to prioritise how to deal with risks, and ultimately mitigate them.
When incidents do occur, it is the job of threat managers to deal with the incident on the front line. It is also their job to make sure that cyber security incidents don’t happen in the first place, by staying one step ahead of potentially malicious actors, and identifying weaknesses in the system. For this reason, threat management is one of the most demanding and exciting roles within cyber security.
Many organisations will have huge quantities of hardware that needs to be protected, such as desktops, laptops, phones and more. Security managers, often working with other IT support staff, will help to ensure these are all suitably protected by making sure networks are properly encrypted, software is up-to-date, and firewalls are setup correctly. Visit our Data Protection at Work course page to find out more about everyday cyber security considerations.
Software is essential to cyber security, which is why there is a huge industry surrounding the development of it. Think of everything from your own desktop antivirus software, to permissions management applications. One of the most popular routes people will take into the world of cyber security is through this, as the initially required skills are primarily in coding and software engineering. This allows people to cross over and broaden their skills.
Senior members of an organisation’s cyber security team will be responsible for setting out the strategies and policies that govern cyber security. They will decide what needs to be done and when, and who should be involved. This is a demanding role that generally comes with years of experience in managing threats, and is often just below, or incorporates the role of, the Chief Technical Officer.
The final role you might encounter is that of researchers. They won’t often work within a normal business, but rather they will be employed by cyber security firms to keep on top of the latest developments in the cyber world, whether these mean new ways to combat crime, or identifying potential weaknesses.
Cyber security job requirements can vary hugely, which means that those interested in this as a change of career can usually find a development route that shares commonalities with the skills they already have. Risk managers for instance don’t always need to be technically knowledgeable - they can come from a background in financial risk management. Elements of cyber security software can be developed by many people with non-specific coding skills. And security managers are often recruited as general IT professionals.
If cyber security is something you’d like to pursue straight out of school, then you should consider getting into the IT sector as soon as possible for the quickest route. This might mean some form of apprenticeship, or a degree in the subject.
In order to have the best chance of acquiring the job you really want, it is important to have sound cyber security knowledge, and the best way to learn and demonstrate this is to undertake an accredited course relevant to the aspect of cyber security that you are interested in. If you’re just starting out in the world of work, then this might compliment an IT degree, or if you’re changing career, it might showcase additional knowledge of the sector you’re about to work in. There are many available, and there are few set paths, so research is vital.