Job roles in IT security

I'm researching about different career paths in IT security and wanted to know from people that are already in the field what types of job roles do some of you currently have in the field?

Find more posts tagged with

Comments

emerald_octane

hmm. you can do pen test, application sec, policy and planning, network sec, PKI , lots of different ways.

LarryDaMan

Google is your friend for this question, but there are many many different types of security roles and then even more specializations/quirks/deviations within those.

I'm currently doing FISMA compliance assessments/audits. So I go through NIST 800-53 controls and tell people what they need to fix and then we argue (negotiate) about how long it should take to fix, then I compile an extensive report/assessment, and then the CIO decides if the information system should be allowed to operate (or continue to operate).

the_Grinch

I'm in auditing and regulation. It's actually a fairly interesting position because you still need the technical background (my agency is just realizing this), but get to learn knew skills as well (since I'm a regulator I get to shape the regulations). Lots of avenues you can go in security, just a matter of your background. Seems like you are geared up towards networking so a ton you can do in that realm. Always remember though, a strong foundation is needed before moving into security. If you can't set the device up, no way you can secure it.

JDMurray

Right now I'm doing network defensive security. You try to get into my network and I try to detect and stop you. The entire Internet is a Red Team to me; some of my internals users seem to be on that same Red Team too.

samurai86

That is a good one JD I feel the same way. I deal with auditing our network security and reviewing changes. I also play a big role in security awareness for our users. I manage our physical access for our data rooms.

But my main role and my favorite role is investigations, incident response, and forensics (these 3 things go hand in hand very often).

LionelTeo

I am working in a newly startup Global SOC at the moment.

paul78

@JD - all you blue team guys are so paranoid -

@OP - the roles in information security is quite diverse. A good place to see what the various areas are is to review the domains that are listed on the ISC2 web site - https://www.isc2.org/cissp-domains/default.aspx - My own role is in management - so it's more about oversight of risk, privacy, and infosec programs.

colemic

I deal with Ironport and firewalls. Good at the former, work in progress on the latter... I can't change a password on the device without having to go through a CCB so it's difficult to learn in real-time. A decent job, but I am really hoping to eventually leverage my MSISA, certs, and potentially even higher degree into more analysis/management than technical.

JDMurray

colemic wrote: »

I can't change a password on the device without having to go through a CCB so it's difficult to learn in real-time.

Just do lots and lots of 'show' commands.

YFZblu

I work in a SOC - We perform network security monitoring, and incident response on:

-Malware
-Recon / exploitation attempts on the network
-Look for exfil of sensitive data / signs of compromise
-Policy violations
-We also manage a CIRT mailbox which provides work to the SOC in the form of User emails - typical tickets have to do with a spam email someone received, social engineering, or any security-related event our Users think should be looked at.

101010

The below site has "Top 20" listing of job roles in INFOSEC, along with a small description of what the role entails.

Careers in cybersecurity | Cyber Aces | Free online cybersecurity courses

JDMurray

Ha! My original career track is on the bottom of that list.

Also, the tagline for my current career track, "Security Analyst," is completely wrong and doesn't match the given description.

Gorby

Thanks 101010! This would help give somebody just starting out a basic understanding of the different roles in the field.

SephStorm

I don't think i've seen this, but my new job is a mix of one or 2 of those.

flt0nujr

I think this is an awesome list of various IT Security Roles within the industry. I was having a tough time trying to decide between continuing down the road as a Network Engineer / Service Provider or get back to my roots of VPN, Firewall, IPS and stick with Network Security/Intrusion Analyst.

JDMurray

How fun a Network Security/Intrusion Analyst role depends on the size and complexity of the network and what kind of traffic you are analyzing. Bigger, more complex network are more interesting to me. It can be a crappy job if you aren't given the budget for the tools you need to do the security analysis in a timely and efficient manor. The it's just a manual drudge mucking through the logs every day. It really depends on the network environment and how large a piece of it you are allowed to work on.

GoodBishop

I work as a GRC manager, doing everything from auditing to risk assessments to privacy. It's good times.

And I started out in help desk.