Information Security Career attracts professionals who are looking for lucrative jobs. Cyber security threats and internal breaches are always on the rise, and organizations across the world are looking for qualified and talented professionals who can join them, and protect their information and systems from external and internal breaches.
A recent report issued by industry leaders shows that job postings across the field have grown 74 percent between 2007 and 2016, twice the rate of all other IT jobs. The growth rate of jobs in information security analysis is at the rate of 37% as of now.
Where to start, how to move to Information Security career?
Passion towards what you do is the secret of success, which applies to Information Security career also. Once you realize that working in this field is what you are looking forward, you have to ensure certain preliminary preparedness.
Make sure that the basics are learned, and those fundamentals are at your fingertips. It may be related to networking field, or other IT systems, and technologies.
Although engineering graduates mostly occupy information security field, there is no such limitation, as somebody who is passionate, and eager to learn always has the chance to be successful, if they and ready to put in the extra effort.
In general, the field is for somebody with a positive attitude, aptitude to learn, passionate to innovate, and ambition to succeed.
Information security may be part of IT, Risk, Compliance or it may be a standalone department, where the Head of Department (Chief Information Security Officer) reports to the CEO or Board of Directors.
It could be a combination of IT Security & Information Security at different levels. However, information security function has matured greatly over the past 20 years or so, creating a situation for growing demand for both risk-based and IT-focused roles.
Whether in IT, Risk or not, there are ample opportunities to build a profession in information security – as long as one advances the current skill set to relevant requirements in different areas.
Even though one starts with a particular subdomain in the Information Security field; learning, growing and developing themselves could lead to moving into a specialist or leadership role.
Different Job roles in Information Security domain:
Let us find out details of the ten key roles that have a huge demand in information security.
#1: Chief Information Security Officer (CISO) or Information Security Director
A Chief Information Security Officer (CISO) is a C-level management executive, whose primary task is to oversee the organization’s Information Security strategy and program. He is the prime accountable person to ensure end-to-end security for the company information and systems. Strong background in technology, risk, and a business acumen are key requirements to become a successful CISO.
People management and communications skills are critical for engaging business and technical teams in implementing the security program effectively. Although CISO’s placement in the organization still being contemplated, the significance of the role is ever increasing nowadays! A CISO Reporting to CEO or Board of Directors is the ideal organizational structure, that can empower a CISO to be a successful leader in the organization. Youngsters who are aspiring to be a C-Suite Executive; this is a role you could be dreaming and targeting
#2: Information Security Architect
This role is a senior-level position that is responsible for building and maintaining the computer and network security infrastructure for an organization. Based on company requirements, the role has to build the security architecture design and at the same time protect the services and information from security threats. The person must be knowledgeable in various technical domains, including networking, and also standards like IOS 27001, ITIL, COBIT, TOGAF, Operating systems and other security controls. In a certain organization, this role may be at a hands-on level, who involved in designing and implementing the secure networks and systems. The seniority levels may be different from organization to organization
#3: Information Security Manager
Information Security Manager is a mid-level role that manages and implement the organizational Information Security policy. Leadership and communication skills are critical for this role, with appropriate technical knowledge and experience. This role must execute the security strategies formulated by CISO or InfoSec Directors.
They must lead the security awareness programs and implement technical controls and manage those with his team. In some organizations security managers even head the function and is in charge of the overall information security program development and implementation. Here again, the organizational types, size, and commitment to security define the role and its seniority.
#4: Security Engineer/Officer/Analyst/Specialists
This role is responsible for the IT Security solutions and software installation and management. In this capacity, security engineers configure firewalls, test new security solutions, and investigate intrusion incidents, among other duties.
This role must possess a strong technical background in networking, security products/solutions, application and encryption technologies, web related protocols, latest and existing security threats/attacks. The more tools/solutions they know, the better in helping out the organizations in managing the technical security spectrum and at the same time their career growth.
#5: Security consultants
Security Consultant is a role primarily part of a vendor or service provider, but sometimes the same may be on site for a longer period. This role must be knowledgeable in a wide range of security standards, security systems, and authentication mechanisms. The person must be quickly able to adapt and understand the new client environment and requirements. Soft skills must include communication with management and other team members.
#6: Incident Responder/Handler
Primarily responsible for addressing security incidents, with deep level expertise in troubleshooting, containment, and recovery from incidents.
The person must actively monitor networks and systems for intrusions, perform security testing and audits, conduct malware analysis and reverse engineering. Incident responders normally are members of a Computer Security Incident Response Team (CSIRT).
The role must be having strong technical background in relevant technological domains with a deep level knowledge and expertise in cyber security attacks, tools, hacking methods, resources for hacking and other security intelligence services.
# 7: Computer Forensics Experts:
Responsible for analyzing the security incidents, collecting, compiling, and deep level inspection of the evidence to come up with causes, conclusions about the events. The person must be able to carry out the security investigations on all kind of IT equipment including network devices, servers, mobile devices, and storage equipment.
They must also be well aware of the legal and regulatory requirements and frameworks so that the evidence and investigations are in alignment with the set policies, and procedures with relevant deliverables are as per the demands of the concerned agencies. Cryptography, forensics tools/solutions, e-discovery tools, and other related software expertise is a key success factor for efficiency in these areas.
#8: Malware Specialist
A Malware Specialist is responsible for helping an organization to proactively and reactively understand, analyze, research and investigate on Viruses, Trojans, and Malware.
This role closely works with forensics team and incident responders, and in some cases, these roles may be the same. The role assigned to the task of identifying and sterilizing from the malicious software that may have intruded into the organizational network.
Responsibilities include static and dynamic analysis of system and network traffic for malware code. It helps to detect and act on any malware in the network timely, and also for taking corrective measures to prevent future malware attacks/infection.
#9: Security Assessors/Assurance Officers
This role needs to perform security testing and compliance checks based on regulations and policies. Must know ethical hacking, networking, some level of programming and other security tools/solutions. Security Assessors must be conducting technical and procedural assessments of the organizational controls, to check whether they are efficient and adequate. Compliance assurance of External/internal policies, regulations, standards by conducting evaluation activities so that all the implemented controls are assessed based on tried and tested practices. Technical assessors and process assessors may be different roles, or in some cases, it may be one role in charge of both functions.
#10: Security Operators/Monitoring
Primary duty is to monitor security incidents, and alerts on a regular basis and those that need further analysis and actions addressed accordingly. Security operators shall escalate an incident or alerts to the next level of responders or other departments/teams.
In some cases, the escalation may be to external agencies in coordination with higher management. The security monitoring team or operators must be someone with basic security understanding and skills with a vigilant mindset in carrying out their tasks.
Finally, the latest evolving role is a Threat Intelligence Officer
#11: Threat Intelligence & Hunting Officer *** Hot Role
Threat Intelligence and Hunting is an area, that is getting more prominence these days, based on the evaluation of information security function, and the understanding of being more proactive to handle the challenges posed by cyber adversaries and criminals. Collecting the intelligence and threat information from various external and internal sources, that includes the security monitoring system, dark web and other hacker communities, latest attacks in the cyber world.
The professionals who work in this areas must be intelligent enough and technically capable to research, hunt, collect information and should be able to categorize the data based on the relevance and criticality to the organization. Targeted and non-targeted attacks need timely identification for deploying preventive controls. The role requires some exposures to hacking, and dark webs, with a good understanding of all latest attacks, and security technologies. Great attitude, vision, business accumen, understanding and experience in various security fields in the past, are a good base for further development.