As the security threat landscape evolves, so do the roles that security professionals play. Chief security officers (CSOs) and chief information security officers (CISOs) are seeing the scope of their responsibilities expand. Other professionals, such as security analysts and engineers, are finding they need to know more about working with other groups within their organizations. Newer roles such as malware analyst and incident responder are emerging to better combat threats.
The effectiveness of any security-focused job depends on clear definitions of roles and strong communication up and down the line as to the tasks and responsibilities for which each player is responsible. Job hunters will also want to see a well-defined job description. Crafting a good cyber security job description is a big challenge, because each company has different needs and has its own expectations for each role on the security team.
Cyber security job descriptions
Having a common baseline for cyber security jobs provides a good starting point for companies as they assign duties and responsibilities. It also helps anyone looking for a job in security to identify the roles for which they are best suited.
The articles below are intended to help management build job descriptions for key cyber security jobs and also provide information on salaries and certifications typically required for each role. They also discuss requirements that are specific to certain industries such as healthcare and finance.
The chief information security officer has a big, mission critical job. Make sure you spell out the CISO's duties and expectations for the role.
A thorough, clear job description will ensure that security analysts stay on the same page with management expectations.
A good information security architect straddles the business and technical worlds. Writing a solid, clear job description ensures that both sides understand the role.
The IT security engineer is on the front line of protecting a company's assets from threats. The job requires strong technical, organizational and communication skills.
How to get a job in cyber security
What cyber security jobs are available and what training do you need? We interviewed top practitioners in a range of security roles to provide a first-hand narrative of the path they took and the skills and experience that a particular security role requires.
A CISO typically has a technical information security or IT risk background, but the path that leads to the role can vary greatly. Here’s how one CISO landed his first job in the position.
The proliferation of ransomware and other attacks has increased demand for experts who can analyze how the software works and devise a response.
While the path to security architect varies, anyone considering the role should have a passion for IT infrastructure and protecting data.
The role is a fairly new one in many companies, and qualified candidates are in high demand. Learn how one IT security engineer landed his current job, the skills and training that helped him get there, and where his sights are set now.
The move to security consultant can be rewarding and challenging (in a good way), but be prepared to market and sell yourself and your services.
A wide range of technical skills and curiosity about the mechanics and goals of an attack are key for effective incidence response.
Developers with a security focus will be in strong demand, especially for financial, cloud and internet of things applications.
There are many more openings for security systems administrators than qualified applicants. That creates opportunities for IT professionals willing to get the training and certification.
This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his sights are set now.
Data security strategist is a fast-growing career, and one that will get even hotter as data from AI and IoT initiatives pours into enterprises.
How to build a cyber security career
What does it mean to be a security professional? CSO's Steve Ragan and Fahmida Rashid break down what it takes to get ahead in the field.
More on cyber security jobs
- How to jumpstart your infosec career
- Which non-technical skills are most important to a career in security?
- 4 tips to keep your career relevant
- Top 5 reasons to quit your cyber security job
- Security recruiter directory
- Essential certifications for smart security pros