We've all been talking about The Skills Gap for some time now, but what does this mean, what effect does this have on global organizations, and is there anything we can do about it?
According to the Cybersecurity Jobs Report, the demand to fill roles within the information security industry is expected to reach 3.5 million unfulfilled positions this year. Furthermore, unemployment in the industry is currently exceptionally low. Research in an annual global survey by the Enterprise Service Group (ESG) found that by 2021, 51% of IT decision-makers said they were struggling to fill open positions. This worrying statistic is exactly why the World Economic Forum (WEF) named cyber-attacks as the fourth most serious global concern, and data breaches the fifth, but also why those with an interest in, or currently employed in, an IT role should consider learning the skills to become a Cyber Security Professional.
We're counting down the 20 Coolest Careers in cybersecurity:
1: Threat Hunter
Featured top of the list for good reason, Threat Hunters are one of the most valuable jobs to the IT industry, with skills shown to improve the speed of threat detection and response more than two-fold, in comparison to teams without this dedicated resource. Enjoy job security by offering a 64% improvement in the detection of advanced threats, and a 63% reduction in investigation time according to the 2020 Threat Hunting Report.
Related SANS courses: SEC504 (GCIH Certification), FOR508 (GCFA Certification), ICS515 (GRID Certification), FOR572 (GNFA Certification), FOR578 (GCTI Certification), FOR610 (GREM Certification), and ICS612
2: Red Teamer
In this role you will be challenged to look at problems and situations from the perspective of an adversary. The focus is on making the Blue Team better by testing and measuring the organization’s detection and response policies, procedures, and technologies. This role includes performing adversary emulation, a type of Red Team exercise where the Red Team emulates how an adversary operates, following the same tactics, techniques, and procedures (TTPs), with a specific objective like those of realistic threats or adversaries. It can also include creating custom implants and C2 frameworks to evade detection.
Related SANS courses: SEC560 (GPEN Certification), SEC565, SEC660 (GXPN Certification), SEC760 and SEC504 (GCIH Certification)
3: Digital Forensics Analyst
This expert applies digital forensic skills to a plethora of media that encompass an investigation. The practice of being a digital forensic examiner requires several skill sets, including evidence collection, computer, smartphone, cloud, and network forensics, and an investigative mindset. These experts analyze compromised systems or digital media involved in an investigation that can be used to determine what really happened. Digital media contain footprints that physical forensic data and the crime scene may not include.
Related SANS courses: FOR308, FOR498 (GBFA Certification), FOR500 (GCFE Certification), FOR508 (GCFA Certification), FOR509 (Course coming soon), FOR518, FOR572 (GNFA Certification), and FOR585 (GASF Certification)
4: Purple Teamer
In this recent job position, you have a keen understanding of both how cybersecurity defenses (“Blue Team”) work and how adversaries operate (“Red Team”). During your day-to-day activities, you will organize and automate emulation of adversary techniques, highlight possible new log sources and use cases that help increase the detection coverage of the SOC, and propose security controls to improve resilience against the techniques. You will also work to help coordinate effective communication between traditional defensive and offensive roles.
Related SANS courses: SEC599 (GDAT Certification) and SEC699
5: Malware Analyst
For those who like to fight the breach head-on, a Malware Analyst will ensure fast and effective response to, and containment of, a cyber-attack.
Related SANS courses: FOR610 (GREM Certification), FOR518 and FOR585 (GASF Certification)
6: CISO/ISO or Director of Security
As a chief information security officer, you will be the balance between the IT department and the boardroom, with an equal understanding of both business and information security. Together with the ability to influence and negotiate, you will also have a thorough knowledge of global markets, policy, and legislation. With the ability to think creatively, the CISO will be a natural problem solver and will find ways to jump into the mind of a cyber criminal, discovering new threats and their solutions.
Related SANS courses: LDR512 (GSLC Certification), LDR514 (GSTRT Certification), LDR521, and LDR520
7: Blue Teamer – All Around Defender
This job, which may have varying titles depending on the organization, is often characterized by the breadth of tasks and knowledge required. The all-around defender and Blue Teamer is the person who may be a primary security contact for a small organization, and must deal with engineering and architecture, incident triage and response, security tool administration and more.
Related SANS courses: SEC530 (GDSA Certification), SEC450, SEC503 (GCIA Certification), SEC511 (GMON Certification), and SEC555 (GCDA Certification)
8: Security Architect
Design, implement, and tune an effective combination of network-centric and data-centric controls to balance prevention, detection, and response. Security architects and engineers are capable of looking at an enterprise defense holistically and building security at every layer. They can balance business and technical requirements along with various security policies and procedures to implement defensible security architectures.
Related SANS courses: SEC503 (GCIA Certification), SEC511 (GMON Certification), and SEC530 (GDSA Certification)
9: Incident Responder
When you're passionate about fighting cyber-crime, being an incident responder will bring a great deal of job satisfaction. Learn to discover the issue, mitigate the damages and investigate the situation from all angles.
Related SANS courses: All FOR classes plus SEC402, SEC504 (GCIH Certification), SEC508 (GCFA Certification), FOR509 (Course coming soon), FOR518, FOR572 (GCFA Certification), FOR578 (GCTI Certification), and FOR610 (GREM Certification)
10: Cyber Security Analyst/Engineer
As one of the highest-paid jobs in the field, the skills required to gain footing in this role are advanced. You must be highly competent in threat detection, threat analysis, and protection, broken authentication, cross-site scripting, and cross-site request forgery. This is a vital role in preserving the security and integrity of an organization’s data.
Related SANS courses: SEC401 (GSEC Certification), ICS410 (GICSP Certification), ICS456 (GCIP Certification), SEC501 (GCED Certification), SEC540 (GIAC Certification coming soon), SEC503 (GCIA Certification), SEC530 (GDSA Certification), SEC555 (GCDA Certification), SEC504 (GCIH Certification), and FOR509 (Course coming soon)
11: OSINT Investigator / Analyst
These resourceful professionals gather requirements from their customers and then, using open sources and mostly resources on the internet, collect data relevant to their investigation. They may research domains and IP addresses, businesses, people, issues, financial transactions, and other targets in their work. Their goals are to gather, analyze, and report their objective findings to their clients so that the clients might gain insight on a topic or issue prior to acting.
Related SANS courses: SEC487 (GOSI Certification), SEC537, and FOR578 (GCTI Certification)
12: Technical Director

This expert defines the technological strategies in conjunction with development teams, assesses risk, establishes standards and procedures to measure progress, and participates in the creation and development of a strong team.
Related SANS courses: LDR516, SEC566 (GCCC Certification), LDR551, and SEC557
13: Cloud Analyst

The cloud security analyst is responsible for cloud security and day-to-day operations. This role contributes to the design, integration, and testing of tools for security management, recommends configuration improvements, assesses the overall cloud security posture of the organization, and provides technical expertise for organizational decision-making.
Related SANS courses: SEC488 (GCLD Certification), SEC510, SEC545, SEC541, SEC401 (GSEC Certification), SEC588 (GCPN Certification), SEC557, and FOR509 (Course coming soon)
14: Intrusion Detection / (SOC) Analyst

Security Operations Center (SOC) analysts work alongside security engineers and SOC managers to implement prevention, detection, monitoring, and active response. Working closely with incident response teams, a SOC analyst will address security issues when detected, quickly and effectively. With an eye for detail and anomalies, these analysts see things most others miss.
Related SANS courses: SEC450, FOR508 (GCFA Certification), SEC511 (GMON Certification), SEC555 (GCDA Certification), SEC503 (GCIA Certification), FOR572 (GNFA Certification), and SEC504 (GCIH Certification)
15: Security Awareness Officer

Security Awareness Officers work alongside their security team to identify their organization’s top human risks and the behaviors that manage those risks. They are then responsible for developing and managing a continuous program to effectively train and communicate with the workforce to exhibit those secure behaviors. Highly mature programs not only impact workforce behavior but also create a strong security culture.
Related SANS courses: LDR433 (SSAP Certification), LDR521, and LDR512 (GSLC Certification)
16: Vulnerability Researcher & Exploit Developer

In this role, you will work to find 0-days (unknown vulnerabilities) in a wide range of applications and devices used by organizations and consumers. Find vulnerabilities before the adversaries!
Related SANS courses: SEC660 (GXPN Certification), and SEC760
17: Application Pen Tester

In one of the most exciting roles within the cyber security industry, you will be responsible for the penetration testing (or ethical hacking) of applications, a significantly vulnerable point. The objective is to find security weaknesses before a cybercriminal does.
Related SANS courses: SEC542 (GWAPT Certification), SEC560 (GPEN Certification), and SEC588 (GCPN Certification)
18: ICS/OT Security Assessment Consultant
One foot in the exciting world of offensive operations and the other foot in the critical process control environments essential to life. Discover system vulnerabilities and work with asset owners and operators to mitigate discoveries and prevent exploitation from adversaries.
Related SANS courses: SEC560 (GPEN Certification), ICS612, ICS515 (GRID Certification), ICS456 (GCIP Certification), and ICS410 (GICSP Certification)
19: DevSecOps Engineer

As a DevSecOps engineer, you develop automated security capabilities leveraging best of breed tools and processes to inject security into the DevOps pipeline. This includes leadership in key DevSecOps areas such as vulnerability management, monitoring and logging, security operations, security testing, and application security.
Related SANS courses: SEC522 (GWEB Certification), SEC540 (GCSA Certification), SEC510, and SEC584.
20: Media Exploitation Analyst
If investigating computer crime excites you, and you want to make a career of recovering file systems that have been hacked or damaged, then this may be the path for you. In this position, you will assist in the forensic examinations of computers and media from a variety of sources, in view of developing forensically sound evidence.
Related SANS courses: FOR500 (GCFE Certification), FOR508 (GCFA Certification), FOR572 (GNFA Certification), FOR585 (GASF Certification), FOR518, and FOR498 (GBFA Certification)
Conclusion
In our economy of increasing need for cyber security professionals, training in this profession puts you at an advantage in comparison to other industries. Safe in the knowledge that unemployment in this sector is so low, the investment of time and money to improve your cyber security skills is a wise move.
You can Level Up your skills with SANS, the global leader in cyber security training and certifications. Whether you're looking to give your career a boost, keep up to date with current cyber threats, or maybe you're joining the world of information security, SANS will offer you training and certification which you will be able to use in your career, the moment you complete the course.
To find out which course may suit your knowledge level, take the Level Up test which covers: Information Security Fundamentals, Pen-testing & Ethical Hacking, Cyber Defense, or Digital Forensics. When you've completed your test, Level Up will provide a list of suggested course options catered to your skillset. You can also use the SANS Roadmap to plan out the training path to your ideal goal.