The number of cybersecurity-related certifications and accreditations are almost infinite, providing much discussion and debate within the cybersecurity community. There's a need for clarity on options for career pathways for those wanting to enter the cybersecurity industry.
Of course, each role will require a particular skill set and level of experience. But, quite often, the bulk of that experience comes from learning and developing skills on the job and practicing the craft.
Roles and Requirements
Understanding what positions are available within cybersecurity can be difficult. To help, below is a list of common job roles within cyber, each requiring a different set of skills, combined with guidance for these disciplines.
Security Operations Center Analyst
The SOC Analyst position has evolved over the years, and some may view the role differently than others. Some see it as the same as a Threat Analyst, while others view it as a position that oversees security elements, including firewalls and Intrusion Detection/Prevention Services (IDPS).
For those interested in becoming a threat analyst, having an observant and logical eye for data analysis is vital, especially determining the actions that lead to an observable outcome. To succeed in this role, one needs initially to be familiar with networking and system administration tasks. Once employed as a threat analyst, all tools, tactics, and procedures (TTP) used by attackers will be explained and taught. This experience will be developed on an organization's common threat analysis tools; this will present certifications and accreditations that threat analysts may want to pursue to illustrate their knowledge and expertise. Each organization may have its own preferences for these accreditations.
Network Security Engineer
As a network security engineer, everyday responsibilities include system setup, monitoring and maintenance of all network-based security technologies, including firewalls, proxy servers, network intrusion detection and prevention devices, and Network Access Controls (NAC). Because a network manager has various security solutions at their control, it will be valuable for those wishing to apply for this position to obtain vendor certifications for the security tools they will likely have to command.
Cloud Security Engineer
Similarly, a network security engineer looks after the network, the cloud security engineer is responsible for all cloud environments. This involves implementation, configuration, monitoring and, most importantly, security. Cloud is its own pillar and requires a good understanding of how these environments operate and the common security threats that plague these environments. Many cloud providers offer cloud security engineers training and certifications, with cloud technologies and environments being heavily adopted technologies. Furthermore, the Cloud Security Alliance (CSA), and the International Information Systems Security Certification Consortium (ISC)² offer vendor-neutral cloud security certifications.
Penetration Tester/Ethical Hacker
For those interested in becoming an ethical hacker, you'll have an interest in breaking into and investigating network and system weaknesses, which will be highlighted to the broader security team. In doing so, you will be giving organizations the upper hand by identifying potential threats before cybercriminals do. A vital skill required is the ability to write compelling reports highlighting inherent system weaknesses and providing remediation recommendations. Many penetration tester/ethical hacker certifications, including CREST, are available to help assist with further learning; however, none are required for this role.
Digital Forensics and Incident Response Analyst
During a cyber-attack, it is common practice to have digital forensics and incident response (DFIR) analysts to examine the "crime scene." They are then tasked with locating and containing the threat while doing their utmost to recover and protect the organization's critical assets. In addition, forensics reports will need to be compiled and the findings prepared for legal proceedings.
A DFIR analyst requires a unique skill set that includes reverse engineering, deductive reasoning, network and systems expertise, and the ability to solve puzzles. They will be exposed to many tools and solutions when in the role. There are numerous certification programs to help improve computer investigation methodology, including Encase EnCE, SANS GCFE, and GCFA.
Governance, Risk and Compliance Analyst
A governance, risk, and compliance analyst will focus more on the industry's operational management, legality and regulatory aspects. They help maintain compliance with the many legal and regulatory frameworks as well as perform internal audits of processes and procedures.
To succeed, having a good understanding of all rules and regulations, both nationally and internationally, can help boost career opportunities. There are certifications that cover auditing and risk management, but the most renowned is the Information Security and Control Association (ISACA), the Certified Governance of Enterprise IT (CGEIT).
In summary, the cybersecurity industry is continuously expanding and adapting as the world becomes more digital. There is an abundance of opportunities, with many paths to follow and technologies to master. It is also important to realise that the certifications or the type of education you choose will not necessarily pre-determine your role in this industry. All you need is determination, drive and passion to continuously learn and the right mindset to achieve great things.