What is a cyber security job? Everybody's talking about it: cyber security, cyber security, cyber security, cyber security, and cyber attacks around the world. It's the hot new trendy tech thing. Is it still trending? Of course it is. The internet isn't going anywhere, and the bad guys still want your money. I, just like a lot of you, went to college for cyber security thinking I'm going to secure stuff. But what stuff? This stuff? This too? What about this? There are so many different things that need securing; you can't just learn how to secure it all. We're all just trying to find a job that pays for our hobbies. We can't spend every waking moment of our life learning. Ain't nobody got time for this. So if you want to save yourself from learning purgatory, then follow along. You might just finally pick your cyber security niche, like right now, today. I'll provide the different cyber security paths, or niches, down below in the description, so if you'd like to skip ahead to something that you're more interested in, feel free. This is the beginning of the rest of your life, so choose wisely. Uh, let's get started.

So cyber security niches, or paths, can be broken down into these 11 domains, conveniently created and curated by Henry Jiang. Are you scared? Good, you should be. Cyber security is scary. And why these 11? Well, because it makes sense, and as Henry himself states, he only included the domains that were most prevalent and comprehensive for general cyber security practices. So generally speaking, these are the general paths that you can take into cyber security. Now, I was going to cover job titles, also known as job roles, also known as those things that HR will randomly name with no regard to the English language. But nobody respects the English language, not even native English speakers. Oh look, a job for security engineer. Oh wait, what's this? Tickets, support, phone calls? Hold up, wait a minute. Don't get too stuck on job titles. The titles are meaningless; one company's security engineer is another company's help desk. Just focus on the type of work that you want to do, and once you start applying for these jobs, just pay attention to the actual job responsibilities in the job description. Now, after we go over the cyber security paths, I'll go over a certification roadmap to get you started on the right path of your choice. With that being said, let's dive into the first cyber security path.

Physical security. Do you love the gym? That's nice, I do too, but that's not what this is. This category covers all Internet of Things (IoT) devices, or what I like to call dumb devices: your fridge, your toaster, your smart watch, your car. Your Tesla might be listening to your conversations. We are more dependent on IoT devices than ever before, and I don't think many people realize just how dependent we truly are. Street lights, agriculture, cities, industrial plants, warehouses all rely on IoT devices. What's an IoT device? Well, loosely defined, it's a physical device that is connected to the network and is capable of collecting, sending and receiving data. So who creates and secures these IoT devices? Well, an IoT security specialist. That could be you. Physical security also encompasses the always important and often overlooked need for safeguarding physical assets on a company premise. Now, IoT devices fit perfectly here because they can protect physical assets: tools such as infrared alarms, RFID badge readers and everything else can all help protect your stuff. We need IoT devices to protect our stuff. We also need to make sure those IoT devices don't open us up to some big gaping holes, because all the fancy security tools in the world are no match for someone walking into your server room and plugging a USB device into a server rack. Now, this path can be branched off in one of two ways: you can embrace all things coding and go into embedded software security, or you can just know the gist of how to design and implement security best practices to protect all the physical devices from intrusion and tampering, and the second route is more design than it is technical coding. And even further into the weeds we have industrial control systems, where you have to learn the ins and outs of SCADA or whatever other system they use to monitor and control what are essentially many IoT devices known as programmable logic controllers, which are incredibly important and, if hacked, could cause catastrophic damage that could take out the entire grid and bring civilization to a screeching halt. But we're just banking on all these IoT devices being air gapped and not piquing too much interest on the cyber black market. So yeah, you could become somewhat of an ICS security architect if you wanted to.

Which brings us to security architecture, also called security engineering. Now, this path is further broken down into many, many, many different technologies. Just like you need many ingredients to create a delicious bowl of tonkotsu ramen, cyber security needs many different tools combined to create a properly secured environment. Or, if you like the traditional metaphor, security is kind of like an onion. They stink? Yes. No. Oh, they make you cry? No. Layers. You need many layers of defense, and each of these many, many different tools needs someone to specialize in them.

Cloud. This is blowing up in our faces, since having everything kept off-premise is bringing more risk to the company, but man, did they make it easier and substantially more affordable for businesses to ditch the old on-premise server setups. Oh, the future's now, old man. Storing critical data on servers you have no control over means that that place better have some good security engineers configuring their servers and software to protect your data. This can be you. You can basically focus on any one of the big cloud giants, AWS, Azure and of course Google, and you'll be sure to find plenty of well-paying jobs.

Networking. This is an obvious path to take, and it's not as hip and new as cloud, but without it we don't have the internet. This space is largely dominated by Cisco, but there are many up-and-coming new players in the field making a solid name for themselves, like Juniper, Fortinet and Palo Alto. You need to know networking intimately in pretty much every cyber path you're going to take; this one just hyper-focuses on the space, and you become an expert in one or maybe more of the commonly found networking device brands, protocols and proprietary networking languages. You'll always have a job somewhere fixing closets like this. Oh my God, I get it.

Cryptography. Do you love math? I don't. I made the mistake of trying to minor in mathematics in my four-year degree, but Calc 4 knocked some sense into me. But hey, if you like staring at equations, cryptography might be right up your alley. As a cryptologist, not only do you get to stare at equations all day, but you get to try and break them. Cryptology is needed to keep data in motion and at rest secure. Think of this cyber path as a cyber locksmith: you know how to make the locks and you know how to break the locks. What happens when someone is able to break the encrypted data and exfiltrate private trade secrets? Well, you get our next cyber security path.

Data protection. This path is all about data loss prevention. This is a step back from the full-fledged cryptanalysis experts to the bigger picture of data security: how does data come in and out of an environment, and where could any possible data exfiltration occur?

Forensics, also known as data recovery. The difference between data protection and data recovery being someone who knows how to keep data protected versus someone who knows how to dig up a lot of data in many different ways. This could be in the form of OSINT, social engineering and, of course, the always fun data recovery from broken hard drives, phones, computers, you name it. Do you want to be the next cyber Sherlock Holmes? Then cyber forensics is for you.

Another much-needed tech tool that we use is virtualization, which is often referred to as containerization. Think Kubernetes, Docker, AWS and Azure. My degree had one class that was solely focused on virtualization, and for good reason. This tech allows you to spin up a virtualized operating system that is fully enclosed and secured, hopefully, and these environments allow you to allocate however much resources you need to them as far as CPU and memory go, so it's very scalable to have virtualization in place in your environment. But this tech is complicated, and securing it is even more complicated. Now, despite encapsulation's unparalleled success in reducing sinusoidal depleneration through advanced dingle arm technology, it has failed to meet the unanticipated needs of the cyber security industry. My senior capstone project had me and a couple other guys develop and code a honeypot that would get spun up via Kubernetes from a student webpage, that we also had to make, that simulated traffic and pumped that traffic into an ELK stack, that we also had to make. So, like any other good senior students, we did nothing for the entire three quarters and grabbed a pre-made honeypot off of GitHub that looked impressive. I still don't know how to use Kubernetes. It's hard, and for that reason it's one of many virtualized platforms that need specialists.

Access control. This is the gatekeeper to access all the tools and all the things. We have an identity and access management team at my current job, which consists of approving, denying and setting up access to essentially anything on the network. You want to log into your computer? IAM. You want to access that folder, that security tool, the break room? IAM. And this also branches off into MFA and SSO, multi-factor authentication and single sign-on, and federated identity, which is just accessing multiple sites with a single sign-on because people are lazy and can't remember more than one password. What's my password? If you like to grant access, or, more satisfying, deny it, then study up on access management on both Active Directory on-premise and of course Active Directory in the cloud, because cloud access management is the wave of the future. Maybe this means that IAM is morphing into cloud security.

A couple special mentions in security architecture and engineering. Secure system builds: this can be loosely defined as endpoint security. You specialize in hardening endpoints with security tools like EDR, which is endpoint detection and response, and make sure that all the endpoints are designed with network segmentation in mind, so in a way you influence how the topology map of a business or network is made, making sure that all these endpoints in the topology are deployed with solid secure-by-default configurations and baselines, all of course while ensuring that updates are tested and applied to the endpoints without affecting day-to-day work. You're the endpoint shepherd, and all the endpoints are your sheep. This further leads into the weeds of endpoint security: you need to know operating systems like the back of your hand. CrowdStrike is an example of an endpoint security tool that requires security architects to successfully deploy and maintain. The people who make CrowdStrike and all of its proprietary AI software are considered some type of security engineers in this mess of cyber security paths that we're in, which also is a path that you could choose. Where there are security architects that deploy tools, there are security engineers and secure software engineers that help make the tools. Now, without getting too far into the weeds with all the different tools that exist, EDRs, SIEMs, firewalls, IDS, IPS, WAFs, the list goes on, they all require security engineers to help maintain and build them. Any one tool can potentially require someone whose sole purpose is knowing how to use the tool and implement it. This could mean either working for a company that uses a tool or for the company that makes the tool. You're Tim "the Cyber Tool Man" Taylor. Sorry, I like analogies.

Career development. This is the path of the teacher, and just like the saying goes, it takes a special type of person to be a teacher. They have to be certifiably mad. I feel like the path of the teacher is pretty self-explanatory; it's no different than any other space. You just have to become knowledgeable in any one of the aforementioned niches and you can start teaching other people how you learned what you learned. All these institutions that offer certifications offer some form of career development. Do you want to create a course that offers a sweet certificate at the end that hiring managers will drool over and hire someone instantly if they have it? I sure do, but I'm crazy like that. There are also universities, colleges, boot camps, and heck, even high school probably has some cyber security classes that you could become a teacher for, given how popular cyber security is getting. So yes, you too can become a cyber teacher if you like teaching.

Frameworks and standards. Not auditing, actually; this is being part of the team that actually creates the frameworks themselves, the rules. Some of the most popular frameworks that regularly need updating and tuning and changing as the cyber world evolves and new threats emerge are NIST, ISO, OWASP, MITRE, PCI DSS, HIPAA and GDPR, just to name a few of the major players. So, do you like making rules? Well, here you go. One of the worst things I've ever had to do in any of my jobs, my current security analyst role and my last two help desk jobs, was documentation, writing the dreaded SOPs. So if you like endless documentation, by all means, this path can be for you.

Naturally, the sibling to frameworks is our next niche: governance. Do you like easy money and hate excitement? Oh boy, it's your lucky day. Governance is arguably less boring, while still retaining a good level of boring, from the frameworks path. Here we have people who make sure that companies and businesses are following the rules that they need to be following. I don't think anyone loves being audited; it's like a universal hatred. Why? Because businesses try to cut corners wherever possible to retain the bottom line, money. So you might find that governance has its moments where interactions with businesses get a little spicy, a little mucho caliente. So if you want a little spice in your life, after learning all about the frameworks you can pivot your way into a governance role. This path encompasses everything from internal auditor all the way to external auditor. Bottom line is, you know all about the cyber rules like the back of your hand, Captain Audit.

Enterprise risk management. This is big business corporate that requires a specialized person who knows all the ins and outs of business. Think business continuity plans, disaster recovery plans, crisis management, cyber insurance, audits that big businesses need. No, you don't perform the audit yourself, but you will facilitate and initiate these audits. This kind of encompasses a bit of governance but requires additional understanding of corporate environments and all of their intricacies. For example, a small business might need to be PCI DSS compliant, but they probably don't need SOC 1 and SOC 2 audits. The point of an enterprise risk management specialist is to know how to ensure all the assets in a company are accounted for and protected using the least amount of security necessary. I picked up the phrase from a video I watched while studying for the CISSP. Sounds shady as hell, but makes sense if you think about it: a business shouldn't be spending more than absolutely necessary on security, because any quote-unquote extra budget spent towards any cyber security tools, cyber insurance, employees, what have you, that is not necessary is just wasted money, and man, do corporate executives hate when they see wasted money.

Application security. This is very coding heavy. Very heavy. So heavy, in fact, that it can be arguably considered a coding job more than a security job, but it's considered cyber security as you don't always need to know how to code the entire software, but just know enough to know how the bad guys are going to break it. You need to secure stuff like APIs, source code, CI/CD, which is continuous integration and continuous delivery, a fancy term that just means that software is constantly updated and patched. These updates can often bring new vulnerabilities into the software, or the patch itself has vulnerabilities in it. Think software security life cycles and data flow diagrams. You are responsible for making sure that whatever code these software engineers, who think they're better than you because they know what a hash map is, write is secure and without gaping vulnerabilities.

Threat intelligence. This is kind of like becoming a cyber research specialist. In my current job we have people whose primary role is threat intelligence for all of their day-to-day work. There are tons of threat intelligence companies like FireEye, CrowdStrike, Kaspersky Threat Intelligence and so many more. These are people that are doing the real fancy malware analysis, you know, that advanced malware analysis that I have yet to release a video on. They specialize in keeping up with all of the APTs and IOCs. APTs are, of course, advanced persistent threats, which are usually state actors, which is again another fancy word for government, and IOCs are indicators of compromise, which are just any artifact that can indicate that malware is in your environment. This is important for obvious reasons: if we don't have people looking for the new malware, viruses, phishing campaigns and social engineering tactics being used in a business, then people cannot properly protect against them proactively. Can't just rely on AI yet, Elon, it's not ready.

User education. I applied to a phishing awareness training specialist at Costco and I got ghosted, much to my surprise, because I thought my mad training skills resume would have piqued their interest. This is somewhat what it sounds like: businesses need people to facilitate employee educational programs on proper cyber security practices. After all, the weakest link in any business is always going to be people, so naturally, investing time in all your employees on the dangers of downloading that random font that they desperately need, or clicking on that link that's clearly bad, Sharon, is very much needed. So this is a much less technical path to take, but still requires a solid understanding of security principles and all the potential avenues a bad guy might take to break into your company and steal the precious business data and sell it on the black market.

I saved the two most well-known cyber security paths for last: risk assessment, which is generally known as ethical hacking or red teaming, and security operations, or blue teaming. Red teaming is the most popular and probably the most sought-after job in all of these cyber security paths, due to how exciting and, frankly, over-hyped it is. Penetration testing is what most people think red teaming is, and it kind of pretty much sums up the role in a nutshell. In this path you are an expert at breaking into things, both virtually and physically, like actual lock picking on premise through physical doors, and testing the effectiveness of surveillance and alarms. They also test how effective user education is by lying to their face or over the phone and gleaning whatever information they can to access secure data or secure office facilities or rooms or server rooms. This path includes more than just the exciting on-premise penetration testing; it also encompasses vulnerability scanning and risk assessment that don't involve attempting to break in using any means necessary. The point of this path is to be able to locate and identify any vulnerability that can be exploited by a bad guy and make sure that it is properly fixed, so that when the real bad guys are knocking at the door, the blue team sees it, takes action and stops them in their tracks.

Which brings us to blue teaming: security operations. This is the position I'm currently in, as a security analyst working for the incident response team. The most commonly known blue team job is the security operations center analyst, usually split into SOC level one, two and three, with level 1 consisting of the junior analysts that will escalate anything that they can't handle, or that may require additional senior remediation, to SOC level two and three. Blue teaming goes beyond incident response, though; there's so much more to security operations that most beginners are unaware of. There are usually security development and automation teams mixed in. These teams ensure that the security tools that the incident response team use are functioning, and provide access to everything that the IR team needs in order to complete their investigation and perform remediation. So security development, often referred to as SecDevOps, will install and maintain the security tools such as EDR, SIEM and WAF tools and any other security tool that the environment may need, and they're constantly patching and updating these tools. Automation is working with all the tools that the SecDevOps team has put into place, and they integrate them into playbooks and runbooks in a security orchestration, automation and response platform, otherwise known as SOAR, otherwise known as XSOAR for the newer versions. And these SOAR platforms will be used to run scripts and automate and streamline investigations. You want to network-contain an endpoint? The automation team will create a button that will run a script through the SOAR platform that will then network-quarantine the device, either through the SOAR platform itself, if it supports that, or through, say, CrowdStrike as an integration, since CrowdStrike supports network quarantining. This allows the incident response team to be that much quicker with their response time, and in IR the name of the game is time: the faster that you can contain a breach, the better your odds are at reducing the damages to the business or the company. Security operations is, just like the name implies, a large set of operations being performed by the security team to protect the company, so this can overlap with many of the different previously mentioned cyber paths: threat intel gathering, penetration testing, forensics, risk assessments, heck, even IAM can all be part of the in-house security team.

You'll also find that many of these cyber paths do cross, so while it's great to hyper-focus on one particular path, as you'll save time learning, you can always pivot into a different path and become more of a hybrid role that knows how to do multiple jobs. A perfect example of this is purple teaming, which of course is the color you get when you mix red and blue. As you might expect, someone who works for a purple team is someone who knows how to perform both blue team and red team and acts as a middleman between the two teams. Ideally, if there's enough communication and understanding between a blue team and a red team, there shouldn't be a need for an additional man in the middle, but if you've ever worked in corporate, you'll know that the bigger the business, the more difficult it is to ensure that work gets done and gets done right. So think of a purple team role as a sort of manager or supervisor that ensures that the people driving in their specific cyber path niche are doing their jobs correctly, since they have a better, broader understanding of the company's needs, since they know both sides of the coin.

All right, so that's it for the different cyber paths that you can do. How do I get started if I know what cyber path I want to get into? Well, foundation, roots, basics, whatever you want to call it, is going to lay the groundwork for any path that you want to take. This means a basic understanding of computers and networking: user accounts, programs, operating systems, processes, IP configurations, all that. Now, this can be achieved through many different ways: self-learning through help desk experience, platforms like TryHackMe or Hack The Box, boot camps, college, university, or certifications. Now, I'm not going to be able to tell you which is best for you, since everybody's situation is different. Some people are obsessed with computers and can self-learn their way into a job, no problem. Others can buckle down and study for certifications like no other and be able to actually understand the material, not just memorize answers. And others need a kick in the ass and need college to keep them on the learning path. The fastest way to any job in the cyber field is certification, hands down. What certifications can I do to get into each of these paths? This is the last certification map that you'll ever need, and if you want to see it, please subscribe, as I'll be covering it in this cyber path series. I hope this was helpful in clearing up some of the confusion on the umbrella term that is cyber security.