Career options in Cybersecurity
Cybersecurity product development
- Involved in developing cybersecurity tools/software, tools could be appliance based or software based
- Works generally with product companies and within product engineering team?
- Requires skills like Software development background, design thinking, product engineering, application/solution architecture, etc. If the tools are appliance based, skills like designing, hardware interfaces, computer engineering, electronics, etc. could be very useful.
- Holds titles like software developer/programmer/software engineer, solution architect, software architect, product lead, product manager, project manager, etc.
- E.g. of cybersecurity Product companies: Arcsight, Qradar, Securonix, Sailpoint, ForcePoint, FireEye, Cicso, RSA, Symantec, Imperva, Anomali, Attiva, etc.
- Involved in operations of Cybersecurity within the organization
- Works within the Cybersecurity Operations Center (SOC/GSOC/Cyber Defense Center/…), Incident management and response team, Detection, Analysis of threats/events, conducting technical risk assessment (Vulnerability assessment, penetration testing, source code testing, Baseline security checks, hardening, etc.), patching, configuring and onboarding devices to security tools (like SIEM, DLP, etc.)
- Requires skills and knowledge of product/tools/technology and their configuration, network security, application security, threat analysis, trend/behavior analysis, etc.
- Hold titles like Security Analyst, Pen tester, Security Lead, Network Security Engineer, SOC Manager, Security Operations Manager, etc.
Cybersecurity Governance, Risk and Compliance (GRC)
- Involved in setting policies, standards, procedures, processes for cybersecurity and related domains within the organization.
- Works within the Information Security, Cybersecurity department of the organization or within any consulting organizations.?
- Requires knowledge of defining and implementing policies, processes, standards, several industry best practices, standards and framework like ISOs, COBIT, etc., regulatory requirements, skills in risk assessment and analysis, compliance monitoring, etc.
- Holds titles like Consultant/Sr. Consultant, Information Security Manager, GRC Manager, IT Risk Analyst, IT Risk Manager, IT Compliance Analyst, IT Compliance manager, etc.
Cybersecurity Technologists (Product specialists / SME)
- Generally works within the consulting , System Integrator or product organization. Can work in Cybersecurity Governance or Operations department of organizations as well.
- Works as Subject Matter Expert on cybersecurity technology/product. With consulting/SI or Product organization, works as domain expert and works closely with the delivery team and/or presales team. With end user organization, works to map the user requirements to the product/tools, acts as bridge between business and technical team to translate the requirements.
- Requires indepth knowledge of the technology/tool/product, market trends, product evaluation, etc.
- Holds titles like Domain Architect, Consultant/Sr. Consultant, Subject Matter Expert, Security Engineer, etc.
- Works within the consulting organization, System Integrator or product companies.?
- Works very closely with Sales and Product specialists/ SMEs.
- Requires indepth knowledge of the cybersecurity product/tool, mapping of business requirements, proposal making and responding to RFPs (Request For Proposal), conducting demonstration/presentations, documentation, market trends, etc.
- Holds titles like Consultant/Sr. Consultant, Presales Engineer, SME, etc.
- Works within the consulting organization, System Integrator or product companies.?
- Works closely with presales and delivery teams
- Requires knowhow of the product/services, sector/vertical/industry knowledge, sales skills, negotiations, presentation, documentation skills
- Holds titles like Sales engineer, Sales Executive, Sales Manager, Account Executive, Account Manager, etc.