Job Roles in Cybersecurity

Different types of cyberattacks and data breaches are brought on by the expanding online infrastructure and data flows. Cybersecurity helps us secure our valuable data. As a result, there will be an increased need of cybersecurity professionals. For instance, according to this data by Cybersecurity Ventures, the number of cybersecurity vacancies between 2013 and 2021 grew by 350 percent.

So, the question is: What potential career paths are available in cybersecurity?

If you are thinking about working in cybersecurity but are unsure of all the possibilities, here’s some guidance. In a previous post I introduced the job profile Ethical Hacker. Within this blog post I introduce other possible roles.

The European Union’s Agency for Cybersecurity has recently released a document called European Cybersecurity Skills Framework (ECSF). It is the first of its sort and aims to create a common understanding of the relevant roles, competencies, skills and knowledge in cybersecurity. It summarizes all cybersecurity-related roles into 12 job profiles.

To make it easier for you to navigate these job profiles, I break them into three categories: organizational, technological and mixed roles. This should make it clearer to you what kinds of skills are a prerequisite for the position as well as the kinds of responsibilities it entails. Depending on your background and interests, you should thus be better equipped to choose your career path and additional investments (such as training and continuing education).

Organizational RolesTech RolesMixed Roles
(Chief) Information Security OfficerCybersecurity ArchitectCyber Incident Responder
Cyber Legal, Policy and Compliance OfficerCybersecurity ImplementerCyber Threat Intelligence Specialist
Cybersecurity AuditorDigital Forensics InvestigatorCybersecurity Researcher
Cybersecurity Educator (Awareness Specialist)Penetration Tester (Ethical Hacker)
Cybersecurity Risk-Manager
Job Roles in Cybersecurity according to the ECSF (my categorization)

Organizational Roles include strategic planning, documentation and policy implementation. They uphold regulatory requirements and are focused on the organization and the human factor.

Tech Roles are concerned with the technological aspects of cybersecurity threats and attacks, their defense and mitigation. They have a detailed knowledge of the systems, networks, software and relevant tools.

Mixed Roles require an understanding of cybersecurity-relevant techniques as well as their organizational implications.

Here you can find the 26-page long document and read the detailed description of the 12 roles. As these job roles are not standardized, the document provides also alternative terms that are being used by recruiters and organizations. For instance, tech roles often contain the term “analyst” in job announcements. Feel free to check them out.

Photo: MS.

Leave a Reply

Your email address will not be published. Required fields are marked *