My shallow dive into the vast world of cybersecurity

There are a plethora of jobs and career pathways under the cybersecurity umbrella, and even more related to the subject. One of the jobs that I personally find interesting is the Penetration Tester. The Pen Testers for short, are hired by a company in order try to expose holes and exploit any security vulnerabilites in said companies systems. Essentially, they perform ethical hacking on a system in order to improve and fix possible problems. Part of the interest is the diversity in work, and the constantly changing landscape of the work done. The other piece of my interest in pen testing is that it just sounds fun, which is something a lot of people don’t take into account when researching jobs, and finding careers.

However, it is uncommon for pen testers to be hired straight out of school as of now- though the process of job hiring and training could change within the next few years of so-. Currently, skills and experience far outweighs schooling and education specifically for pen testing, although many of the prerequisite positions to pen testing encourage education along with experience. At least 2 to 4 years are expected to be spent in the field with security related experience and practice in pen testing (cyberdegrees.org). While there is no definite list for skills and certifications, pen testing is a branch of cybersecurity that does require a plethora of certifications, skills, and most importantly experience.

Another field within cyber security, is digital forensics which can cover a couple different responsibilities. While ‘forensics’ often elludes to feelings of a CSI esque job, the job of a digital forensic speciallist, often is not encompassed in the legal field and may be restricted to violation of company policy (interworks.com) . Maybe that means finding which employee downloaded a file off of a restricted website, or all the way to a data breach that needs to be upheld in court. Either way, a digital forensic speciallist is an essential part to any cyber security system in efforts to analyze, and prevent future issues.

Alongside the others, you have jobs such as the security architect, who is, “responsible for building and maintaining the computer and network security infrastructure for an organization” (tripwire.com). They need to be able to understand what kind of security a company will need and how to carry out the procedures to ensure information security. Also needed as a skill, the security architect needs to be able to develop as well as test these security systems to make sure they run properly.

Personally, I understand how vast the world of cybersecurity is. Much like a football team, there are many, very different moving parts all working toward the same goal, to provide information security to a client or company. Howwever, I would be curious to see if certain jobs, such as pen testing and security architects have certain ‘pathways’ in order to end up with the necessary experience to be considered for that specific job. How long is the ladder to climb in the world of cyber security? With the ever changing world of technology, it will be interesting to see in what ways, and how rapidly the community will change in the upcoming years.