Neil Faraday

The new Digital Cybersecurity roles in 2021.

As the employment landscape changes and corporations work to become more efficient, many professionals find themselves in limbo between traditional roles and new opportunities. Digital Cybersecurity Roles may soon be a viable option for people who were once employed in Information Technology (IT) roles such as network engineers, system administrators, developers or security administrators.

The changing role of Digital Security Roles

In the past, IT professionals have been able to focus on one area of expertise and be employed for decades. Jobs have slowly become more specialized, and employers have moved from a staff-to-contractor model where staff do all of the work, including after-hours work, simply because they did not want to recruit new people.

Employers often provide significant training and certifications for staff. This leads to a high rate of turnover (very expensive) and an already skilled employee looking for new challenges.

This has forced many IT professionals to look at other options in order to progress in their chosen career path. Network engineers and system administrators who worked closely with security technologies are likely to transition into security roles for this very reason.

For instance, a firewall or IDS/IPS engineer who is interested in the computer forensics field may find opportunities at their current employer opening up due to staff turnover. Digital Cybersecurity Roles are becoming more common within organizations and are the "bread and butter" of larger IT service providers.

What are the options?

People within IT and computer science related roles sometimes find themselves treading water or simply not growing due to market conditions and their own interests. The following is a list of Digital Cybersecurity Roles that may be an option for experienced professionals:

Digital Forensic Specialist

A digital forensic specialist works closely with law enforcement and legal counsel to produce evidence needed for prosecution. During investigations, they are often required to collect, analyze and report on various forms of digital media, such as computers, mobile phones or online applications used by criminals.

Digital Investigator

A Digital Investigator's role is very similar to that of a forensic specialist, but they may also work in Information Technology departments to help with security audits, investigations and forensics.

Security Analyst

A Security Analyst role involves managing projects from start to finish, including the development of a risk management plan. They also define communication protocols, policies and procedures before an incident occurs as well as provide guidance during an event.

System/Network Administrator – Disaster Recovery

A System or Network Administrator with a strong focus on Disaster Recovery ensures that business continuity is maintained in the event of infrastructure failure. They also work closely with security and risk management teams to ensure systems are properly patched and configurations are secure.

Information Security Specialist

Security specialists help an organization achieve compliance by identifying risks, managing day-to-day operations and monitoring the implementation of the plan. They are often responsible for building relationships with stakeholders and advising executive management on business decisions related to security.

Security Architect

A Security Architect is responsible for designing and maintaining a secure network infrastructure in coordination with other IT teams such as development and system/network administration. The role also involves performing risk analysis, threat modeling, system engineering and security control selection.

Threat/Vulnerability Analyst

Threat or vulnerability analysts examine networks to assess the risk of a hacker attack. They work with penetration testers to identify vulnerabilities in systems that could be exploited by an outside source. They also provide guidance on patch management and system hardening to reduce risk exposure.

As organisations have collected more sensitive information online, they have come to rely on IT professionals with skills in Digital Forensics & Investigations. This is the field where experts are required to investigate cybercrimes and carry out eDiscovery and digital forensics, which has created a need for new kinds of people with different skill sets.

The following are some of the core skills that digital forensics and investigations professionals need to know:

  • Computer Forensics Skills

  • Log Analysis

  • Web Page Tools

  • Examining Email Threats

  • Network Protocols and Encryption

  • Mobile Device Forensics - iOS devices, Android devices and Windows Phones.

  • Corporate Governance in IT

  • Business IT Strategy

  • IT Security Policy & Governance

  • Data Privacy Compliance

  • Intellectual Property Enforcement

  • Computer Science Skills

Journey to Digital Forensics Specialist

Programming languages for Digital Forensics or Penetration Testing are also very useful, depending on the specific role. These languages include Ruby, Python, Perl, C++ and Java, which are used in Server or Database Administration.

"It is not unusual for Digital Forensics and Investigations professionals to have gained their skills through a combination of relevant work experience in IT and formal qualifications."

Professional Certifications in Digital Forensics and Investigations: "The following professional certifications are recognized globally as being highly regarded within the field of digital forensics and investigations:

1. Certified Information Systems Security Professional (CISSP)

2. EnCase Certified Examiner (EnCE)

3. GIAC Cyber Forensics Professional (GCFP)

4. International Council of E-Commerce Consultants (EC-Council) Computer Hacking Forensic Investigator (CHFI)

5. (ISC)2 Certified Information Systems Security Professional (CISSP-ISSAP)"

"Professional bodies also offer certifications in areas related to digital forensics and investigations including the following:

1. Association of Certified Fraud Examiners ACFE - Certified Fraud Examiner

2. Institute of Management Accountants IMA - Certified Management Accountant (CMA)

3. American College of Forensic Examiners ACFE - Certified Fraud Examiner"

"When looking to gain employment as a Digital Forensics and Investigations professional, it is essential that you have strong experience within the following areas:"

1. Operating Systems such as Windows, Unix, Linux and Mac OS X.

2. Networking such as Cisco, Microsoft, Unix/Linux and Windows Server Administration.

3. Encryption & Security Protocols such as SSL, PGP, VPN and SSH.

4. Application Development Tools such as Perl, Python and Ruby on Rails.

"Digital Forensics and Investigations professionals need a good understanding of programming languages such as C, C++, .NET and Java."

"In addition to the formal qualifications required for this role, people within the field also advise that professional certifications are highly valued by employers. In order to keep up with changes in technology it is advised that you research which changes are expected in the future to ensure you remain a valuable asset to your employer."

"This is a growing area of IT and one where there will always be a demand for skilled workers. Digital Forensics and Investigations professionals can expect excellent pay rates along with access to training events provided by industry leaders."

Information Systems Security - "Information Systems Security professionals protect information and IT systems from unauthorized access, use or modification." "They help organizations ensure their mission-critical operations continue uninterrupted by preventing system compromises. This team works to assess risks, identify vulnerabilities and develop mitigating controls to secure a company's computers and networks."

"As technology continues to change at an ever increasing pace so too does the field of Information Security with new technologies being born each day. It is important for professionals within this area to stay up-to-date on current cybersecurity trends in order to ensure their organizations are fully protected."

"So how can you become an information security professional?"

"Many people in this field have gained their skills through experience working in related roles such as computer, network or database administrators. Skills can be gained through experience or by taking formal qualifications."

"There are also many online training courses specific to the field which you may find beneficial if gaining personal experience is not possible."

The following professional certifications are recognized globally as being highly regarded within the Information Security and Investigations professions.

1. Certified Information Systems Security Professional (CISSP)

2. EnCase Certified Examiner (EnCE)

3. GIAC Cyber Forensics Professional (GCFP)

4. International Council of E-Commerce Consultants (EC-Council) Computer Hacking Forensic Investigator (CHFI)

5. Licensed Penetration Tester (LPT)

6. Certified Information Security Manager (CISM)

7. Certified Ethical Hacker (CEH)

Computer Forensics - "Computer forensics is the process of identifying, extracting, and authenticating digital evidence to be used in court by law enforcement agencies."

"It is important to remember that any evidence which you uncover during the investigation must be able to stand up in court. As such, it is vital for professionals within this field to know how to behave lawfully and ethically at all times."

"Professionals working within this area are usually asked by either law enforcement agencies or private companies to investigate and determine whether a crime has been committed through the use of computers or data storage devices."

"Attention to detail is essential in this role as there may be tiny pieces of evidence which could provide vital information. It is also important for professionals within this field to be able to communicate well with others such as law enforcement officers."

"To become a computer forensics professional, it is advised to gain experience within the field with formal qualifications offered in most countries."

"The following are all respected certifications held by professionals working in this area:"

1. EnCE - EnCase Certified Examiner

2. LPT - Licensed Penetration Tester

3. GCFA - GIAC Certified Forensic Analyst

4. CFCE - Certified Forensic Computer Examiner

Security Operations Center (SOC) - "A Security Operations Center or SOC is a specialized facility that supports the monitoring and detection of security events, provides analysis support and recommends appropriate responses to cyber-security incidents."

"A SOC is focused on detecting, assessing and responding to security breaches or attempted breaches of computer networks."

"It can be set up by both private companies and government agencies looking to protect their information. Those working within this field may have a number of different roles including monitoring logs, managing alerts or creating reports about potential threats." "To become a member of this field, it is usually necessary to have experience working in another related discipline such as computer forensics or penetration testing."

"The following are all respected certifications held by professionals working within this area:"

1. GCIH - GIAC Certified Incident Handler

2. GCFE - GIAC Certified Forensic Examiner

