More and more hackers are using increasingly sophisticated systems to carry out cybercrimes. Precisely for this reason, companies have realized the need to have cybersecurity teams to protect themselves from these attacks.
In fact, there is so much demand for cybersecurity professionals that it has already outstripped supply. According to a recently published report, the difference between supply and demand is 4.07 million professionals, compared to 2.93 the previous year. In short, if you want to work in cybersecurity, there has never been a better time.
According to the golden triangle, there are three main groups when it comes to cybersecurity jobs: People (responsible for cybersecurity tasks), Processes (the methods followed to perform cybersecurity tasks), and Technology (the tools to perform cyber tasks).
Any role in cyber security will fall into one of those three areas of the golden triangle, even if there is some overlap between them. Put another way, there are specific cyber security roles that fit more into one of the three sides. At the same time, it is important to understand that this classification is not decisive: there are no roles that are exclusively in charge of people, processes or technology. Additionally, switching roles is common throughout a cybersecurity career. For example, you may start out in a highly technological role, working with forensic tools, but over time the experience gained will allow you to accept a leadership role.
With this in mind, we are going to list some of the jobs offered by a large company in charge of cyber security that can be extrapolated to the entire industry.
- Sales: sell cyber security products and services.
- Training: teach courses in cyber security.
- Strategy: formulate cyber security strategies.
- Compliance: ensure compliance with business and regulatory requirements.
- Audit: independently confirm compliance.
- Vulnerability scanning: Scan vulnerabilities in the information ecosystem and, once found, remedy it within established deadlines.
- Monitoring and Detection: Monitor the information ecosystem for issues that may end up causing security incidents.
- Incident Response: Once detected, respond to security incidents.
- Software Security: Ensuring the security of software by reviewing and testing the design and code.
- Hardware Security: Ensure hardware security by reviewing and testing the design and architecture.