THE NICHES
I once wrote about the different pathways or niches in cybersecurity. I decided it was time to update it, so I am writing this new one.
You must have seen different roles or niche descriptions in cybersecurity by now. However, I will base these descriptions on their common goal.
THEIR DESCRIPTIONS
1. Deployment (in charge of building, maintaining, or deploying tools used)
2. Respond (in charge of monitoring and analyzing; better-called defence or blue team
3. Attack (in charge of testing and attacking; better-called offence or red team
4. Review (in charge of policies, rules, and guidelines)
DEPLOYMENT
These are cybersecurity professionals involved in planning, designing, and implementing the cybersecurity infrastructure of a company.
Examples are:
•Security Engineer
•Security Architect
•Solution Architect
•DevSecOps Engineer
•Cloud Security Engineer
RESPOND
These cybersecurity professionals spot new cyberattacks as they happen. They are the first line of defence between an organization and an active cyber threat by monitoring networks, analyzing data, and investigating anomalies.
Examples are:
• Security Analyst
• Incident Responder
• Digital Forensics Investigator
• Security Operations Center Analyst
ATTACK
These cybersecurity professionals or testers are responsible for finding gaps in the organization’s defences by trying to break into the system. These testers find vulnerabilities and ethically hack networks.
Examples are:
•Penetration Tester
•Threat Researchers
•Security Consultants
•Bug Bounty Hackers
•Red Team Operators
REVIEW
According to Mike Miller, Cyber Security is driven by compliance more than we accept. These cybersecurity professionals search for evidence to ensure the organization’s policies and procedures are followed.
Examples are:
•Risk Assessor
•Security Auditor
•Security Policy Analyst Security Compliance Analyst
•Governance Risk Compliance Analyst (GRC)