Exploring Cyber Security Career Paths

Aug 20, 2024

Cyber Security Career Paths

Introduction to Cyber Security

  • Cyber security is trending due to increasing cyber attacks.
  • Diverse fields within cyber security require different skill sets and knowledge.
  • It is important to focus on job responsibilities rather than job titles.

Cyber Security Niches or Paths

  • As curated by Henry John, there are 11 main domains in cyber security.

1. Physical Security

  • Involves securing IoT devices (e.g., smart appliances, industrial equipment).
  • Roles include IoT security specialists, focusing on protecting physical assets.
  • Specialization can lead to embedded software security or industrial control systems (ICS) security.

2. Security Architecture/Engineering

  • Involves designing secure environments using various technologies.
  • Sub-domains include:
    • Cloud Security: Protecting data stored off-premises (AWS, Azure, Google).
    • Networking: Essential for understanding how the internet works; Cisco is a major player.
    • Cryptography: Focuses on securing data through encryption and understanding vulnerabilities.

3. Data Protection and Forensics

  • Data Protection: Focus on data loss prevention and ensuring secure data handling.
  • Forensics: Involves recovering data and investigating breaches.

4. Virtualization and Containerization

  • Technologies like Kubernetes and Docker enable resource allocation and security.
  • Important for creating isolated testing environments.

5. Access Control and Identity Management

  • Managing access to resources using tools like MFA and single sign-on.
  • Important for securing networks and protecting sensitive information.

6. Security Tools Specialization

  • Requires knowledge of various security tools (e.g., EDR, SIEM, WAF).
  • Tools require specialized engineers to maintain and secure them.

7. Teaching and Career Development

  • Involves educating others about cyber security principles and best practices.
  • Opportunities in universities, boot camps, and corporate training programs.

8. Frameworks and Governance

  • Creating and updating security frameworks (e.g., NIST, ISO).
  • Governance involves ensuring compliance with regulations and standards.

9. Enterprise Risk Management

  • Understanding business needs to protect assets cost-effectively.
  • Involves planning for audits and compliance with security requirements.

10. Application Security

  • Heavily coding-oriented path focusing on securing software development processes.
  • Requires understanding of software security life cycles and vulnerability management.

11. Threat Intelligence and User Education

  • Researching emerging threats and vulnerabilities.
  • Training employees on security awareness and best practices.

12. Risk Assessment and Security Operations

  • Red Teaming: Ethical hacking to find vulnerabilities.
  • Blue Teaming: Defensive roles focused on incident response and security operations.
  • Purple Teaming: Collaboration between red and blue teams to enhance security posture.

Getting Started in Cyber Security

  • Foundational knowledge of computers, networking, and operating systems is essential.
  • Learning paths can vary:
    • Self-study through platforms like TryHackMe or Hack The Box.
    • Formal education via college or boot camps.
    • Certifications tailored to specific paths.

Certification Roadmap

  • Certifications are the quickest route to securing a cyber security role.
  • Future content will cover specific certifications for each cyber path.

Conclusion

  • Cyber security offers a wide range of career paths and opportunities.
  • Specialization can lead to fulfilling and well-paying jobs in this dynamic field.