Levels of InfoSec

shawnx715 Member Posts: 30 ■■■□□□□□□□
I was thinking about this the other day as I was looking at posting to get into the InfoSec world.

What are different levels of InfoSec roles? For instance, is SOC Analyst more entry level than Incident Response? Security Architect higher than Pen Testing? etc etc.

Just curious for what are some entry level roles I should look at when applying for InfoSec jobs.

Comments

  • aderon Member Posts: 404 ■■■■□□□□□□
    I'd say that's an extremely difficult question to answer lol. For one, it's going to be extremely opinionated. Two, an architect at one company could be doing less technical work than a technician at another, so job titles are kind of meaningless in that way. And then there's also the fact that other than just levels, there's also different types of work: compliance, assurance, research, forensics, management, offensive, defensive, development, etc. They're all different and require different strengths and skills to be successful. So, I don't think you could really qualify one as being harder than the other in a lot of respects.


    But, just for the hell of it, and at the risk of invoking forum wrath, I'm going to rank them in my own opinionated, ridiculous, inaccurate, incomplete, and completely biased fashion haha:

    From least difficult, to most difficult
    ============================
    Security Product Tech Support Tier 1
    SOC Technician
    Social Engineering
    Compliance/Info Assurance
    Security Analyst
    Security Product Tech Support Tier 2
    Penetration Testing (Automated Tools/Compliance crap)
    Threat Hunting + Intel
    Cloud Security
    Network Security
    Security Engineer
    Solutions/Sales Engineer
    Incident Response
    AppSec
    Security Product Tech Support Tier 3
    Forensics
    Penetration Testing (Manual)
    Security Architect
    Malware Analysis/Reversing
    Exploit Dev
    Cryptography


    Regarding your question about entry level roles. From what it sounds like you're interested in, I'd say these would be worth shooting for. Keep in mind that these will likely require a tour of duty in non-security related IT fields first before someone will hire you:

    Security Product Tech Support Tier 1
    SOC Technician
    Security Analyst

    Also, most of those terms are pretty interchangeable. You can kind of mix and match and do whatever you want.

    SOC Analyst
    Technical Support Analyst
    Security Technician

    So just play around w/ the terms, since most places will name the same jobs differently. This post probably wasn't helpful at all haha, but the question is very difficult.
    2019 Certification/Degree Goals: AWS CSA Renewal (In Progress), M.S. Cybersecurity (In Progress), CCNA R&S Renewal (Not Started)
  • jibtech Member Posts: 424 ■■■■■□□□□□
    Aderon is spot on with the variability of roles within security. Since there are no predesignated definitions, different companies use wildly different titles for the same role. Honestly, this can sometimes provide some insight into how much the company values information security.

    Here in Virginia, the state positions can be even worse. There is a working title, which is separate from the role title. A quick search on the role title of "Information Technology Specialist II" yields positions as far ranging as:

    Java Developer
    Business Analyst
    Information Security Engineer
    Information Security Analyst
    Jr Java Developer

    All of that said, positions that are more entry level positions are sometimes named to make them stand out. If I were looking for more entry level jobs, I would key in on jobs with junior, entry, associate and sometimes analyst in the title.

    The next major tier would be senior, engineer, lead, etc.

    By no means exhaustive, and you will constantly see jobs that don't fit these categories, but that has been my general experience.

    Hope it helps.
  • jibtech Member Posts: 424 ■■■■■□□□□□
    Delete this. Post put into the wrong forum. I feel stupid.
  • Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    aderon wrote:
    But, just for the hell of it, and at the risk of invoking forum wrath, I'm going to rank them in my own opinionated, ridiculous, inaccurate, incomplete, and completely biased fashion haha:
    I love the disclaimer! But you're dead on. Titles and levels in security seem more goofy than any other IT specialty I've worked in. Just yesterday I met with Security Managers who don't have anyone to manage. In some companies an analyst is the lowest level, but then you'll see SANS courses taught by an analyst. Then enter the intelligence community and it seems like an analyst isn't entry level at all. Then step up to the engineer level, where most of the job ads don't mention any sort of engineering at all, but instead IR, some forensics and maybe pentesting. It really is all over the map.

    Also, it seems like the salaries don't also scale with difficulty level. You might get someone who does forensics or even reverse engineering, but many compliance people get paid way more but on a technical skill level there is no comparison at all.
  • shawnx715 Member Posts: 30 ■■■□□□□□□□
    Thank you all very much! All the info was very helpful!

    @aderon it was exactly what I was looking for.
  • ITSec14 Member Posts: 398 ■■■□□□□□□□
    I look at the job description more than anything. Companies are always trying to water down titles/salaries, but beefing up the job requirements.
  • IronmanX Member Posts: 323 ■■■□□□□□□□
    Look at the job description.
    Job titles are not accurate.

    Even job descriptions are not accurate.
    I once got into a position and asked for a raise a couple of months in due to the position's job description and even the interview description of the job not matching what was actually being done.
  • beads Member Posts: 1,533 ■■■■■■■■■□
    It depends on what your strengths are and are not. You're probably not going to start off working in cryptography without a Ph.D. in crypto so we can safely say that avenue is out.

    Do you have a hardware, software or GRC background? Each of these skillsets will determine whether employers will look at you for a particular position or not. Problem with security, and there are many, is that security itself touches everything to some regard. Making it tough for people to zero in on one specialty or another.

    - b/eads