Responsibilities of Cybersecurity Roles
Cyber Sales Professional
•Developing relationships with key technical decision-makers and influencers within the target customers. •Driving new sales opportunities by proactively engaging with the technical community within target accounts. •Capturing cybersecurity requirements, proposing technical solutions, and overseeing the selection of services. •Engaging with customers as a trusted advisor, listening and understanding their challenges, and communicating this back to the sales team clearly. •Scoping and translating requirements, solutions, and value proposition into proposals/Statement of Work (SOW). •Staying updated with the latest security trends, changes in the threat landscape, and new product and service offerings, in order to tailor sales propositions. •Meeting their agreed targets and managing the sales pipeline.
Security Analyst
•Monitoring networks for all incoming code and responding to any negative activity. •Installing, managing, and updating software on the systems and networks they monitor. •Encrypting data transmissions and building firewalls. •Developing plans to protect against malware and procedures for attack response. •Ensuring all software within the network has adequate security measures in place. •Compiling reports on the safety of the organization's networks documenting security issues and response measures. •Analyzing existing networks to provide suggestions and best practices to maintain data security. •Staying updated on trends and advances in security and information technology. •Training employees and data users on security threats and protection best practices.
Data Loss Prevention Engineer
•Working with vendors to implement and support DLP technology, including troubleshooting and upgrading. •Maintaining DLP technology, configuring policies, and compiling reports for analytics. •Monitoring and responding to alerts generated from DLP systems and other technologies. •Working with the Incident Response team to escalate and respond to potential or real threats. •Serving as a DLP subject matter expert within the organization. •Collaborating on the DLP rule development lifecycle including policy development, response rules, and maintenance.
Cybersecurity Specialist
•Analyzing existing systems and network structure, studying devices used, and testing security measures like firewalls and software permissions. •Reporting their findings to business leaders and making relevant recommendations. •Collaborating with other departments to ensure all colleagues understand the organization's cybersecurity best practices. •Implementing and modifying cybersecurity software that helps meet business goals. •Identifying potential or real cyber incidents and effectively applying solutions to any breaches that may occur. •Creating and implementing security audits across hardware and software. •Ensuring that networks and computer systems are up to date. •Designing firewalls and other security measures to ensure that systems are compliant with the relevant data privacy and protection regulations.
Reverse Engineer/Malware Analyst
•Analyzing malware samples to support ongoing investigations. •Working with the incident response team to disassemble, deconstruct, and reverse engineer malicious code to allow the organization to protect against similar attacks in the future. •Conducting reverse engineering by disassembling software. •Developing threat detection tools and methods for use in hunt and incident response activities. •Researching and developing tracking methods and detecting malicious activity within a network. •Compiling malware intelligence and research to present to business leaders and stakeholders. •Staying up to date on the latest malware and keeping software updated to defend against it. •Writing alerts to keep the security team informed on attacks.
Security Architect
•Assessing IT and technology to identify security strengths and weaknesses. •Conducting penetration tests, risk assessments, and ethical hacks on networks. •Analyzing routers, firewalls, and other security systems to determine efficacy and efficiency. •Planning and implementing architectural changes to boost security structures and developing entirely new security architectures. •Preparing budgets, overseeing expenses, and allocating personnel resources for the security team. •Leading analysts, security administrators, and security engineers to coordinate effective security protocols. •Assessing the causes, damage, and data recovery when incidents arise, preparing incident reports for the organization, and updating architecture in response.
Cybersecurity Technical Writer
•Assisting in collecting and organizing information for user manuals, training materials, installation guides, proposals, and reports. •Editing functional descriptions, system specifications, special reports, and any other customer deliverables and documents. •Expressing security policy, legal code, audit journaling, test results, and business plans so readers can understand. •Developing editorial processes to ensure effective proofreading and project deadline fulfilment. •Proofreading documents for grammatical, syntactical, and usage errors, spelling, punctuation, and adherence to standards. •Assisting in document tracking and logging, and consulting with technical staff to determine format, contents, and the organization of technical reports and proposals. •Tracking new information as it arises to keep company documentation up to date. •Preparing documents for compliance audits, cyber security and vulnerability assessments, and contributing to the development of the relevant compliance programs.
Cybersecurity Sales Engineer
•Being a trusted technical advisor to prospective customers. •Managing key aspects of the sales cycle including requirements gathering, demos, proof of concept, and product specification. •Presenting the product and all features to customers at meetings and events. •Troubleshooting client problems, answering questions from customers relating to solutions, and delivering technical enablement. •Building strong consultative relationships with individuals in customer and partner organizations to ensure customer and partner satisfaction. •Supporting the partner certification program. •Communicating customer requirements to product management teams. •Providing advanced training and support for the sales teams across all business territories. •Maintaining up-to-date knowledge of the industry, technical, and competitive landscape to ensure the presentation and sale of the best client solutions.
Cyber Data Scientist
•Collaborating with data owners to identify problems, sources, and opportunities, while enabling the collection of data. •Implementing automation for the preparation and ingestion of data into databases. •Building enhanced analysis opportunities by identifying previously unseen relationships within databases. •Immersing themselves into cybersecurity through training and working with others on the security team. •Collecting data from disparate systems using technologies such as PowerShell and APIs.
Security Engineer
•Collaborating with the entire cybersecurity team to develop the best security protocols for the organization. •Planning and creating policies that prevent cyber attacks and security incidents. •Running tests and breach simulations that help determine an organization's vulnerabilities. •Testing firewalls and data encryption technologies regularly. •Deploying new security software and hardware based on existing weaknesses and current cybersecurity trends. •Implementing and upgrading corporate policies around security. •Maintaining security systems and managing the repair or replacement process. •Investigating and determining the causes of security breaches or potential incidents. •Reporting their findings and presenting their recommendations and improvements to management.
Chief Security Officer (CSO)
•Coordinating security efforts across the company, including information technology, human resources, communications, legal, facilities management and more. •Managing the implementation of global security policy, standards, guidelines and procedures. •Physical security responsibilities may include asset protection, access control systems, video surveillance, and more. •Information security responsibilities may include network security architecture, network access and monitoring policies, employee education and awareness, and more. •Working with a team of executives to develop security initiatives and plan security spending. •Overseeing incident response and the investigation of security breaches, assisting with the aftermath of data breach recovery.
Cybersecurity Administrator
•Creating a safe digital environment, allowing employees to work effectively. •Developing policies and systems to protect business and customer data. •Identifying the networks' weak points and installing firewalls, site-blocking programs, and anti-malware software in response. •Repairing vulnerabilities and handling the response to an incident. •Creating and enforcing network and system authorization and usage protocols. •Designing system recovery plans and preparing the organization for cyber breaches.
Cryptography Professional
•Creating algorithms and ciphers to encrypt data for businesses, government, healthcare companies, financial organizations, and the military. •Deciphering algorithms and ciphertext to decrypt information. •Analyzing existing encryption systems to identify weaknesses and vulnerabilities. •Testing cryptology theories and techniques to implement new and improved encryption solutions. •Advising staff on cryptographic/mathematical methods and applications. •Ensuring wireless networks are not illegally accessed or altered.
Cloud Security Engineer
•Creating cloud-based infrastructure and programs including implementing identity and access management and configuring cloud environments securely. •Performing penetration testing and threat simulations to identify potential risks. •Managing cryptography and encryption in the cloud. •Monitoring for and responding to incidents in the cloud environment. •Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies. •Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities. •Working with analysts, engineers, and data scientists across the organization to continually improve cyber resilience.
Cybersecurity Software Engineer
•Creating efficient, secure software programs and applications that meet security requirements and business goals. •Assessing and adjusting existing software by introducing new security measures and technologies. •Analyzing users' needs and using their assessments as a guide when testing applications and programs. •Integrating programming techniques, design concepts, and knowledge of software exploitation in the design and testing processes. •Creating new tools and systems to detect and prevent vulnerabilities and weaknesses. •Documenting application and program functions, making changes and performing upgrades as part of daily maintenance. •Coordinating the integration of software components in collaboration with programmers, software analysts, and executives.
Cybersecurity Director
•Creating and executing security strategies that will increase the efficiency of IT systems and projects at the organization. •Directing crisis management by investigating the cause of a breach and implementing the right solutions. •Allocating the correct resources to ensure that staff are delivering secure solutions. •Managing cybersecurity teams within the organization. •Overseeing vulnerability audits, penetration tests and forensic IT investigations, ensuring that any outcomes are understood and applied. •Liaising with other senior-level directors and the board to ensure that new systems align with the organization's overall security policies and data protection strategies. •Ensuring that staff security training and compliance efforts are up to date. •Preparing budgetary allocations and financial forecasts relating to cybersecurity. •Managing partners, stakeholders, vendors and third-party solution providers.
Application Security Engineer
•Defining and embedding technical security policies, principles, and standards within the application. •Driving and supporting application security reviews and threat modeling, including code review and dynamic testing. •Managing and performing application security vulnerability management. •Facilitating and supporting the preparation of security releases. •Supporting and consulting with product and development teams in the area of application security. •Creating and leading security training for their team. •Assisting in the development of automated security testing to ensure the organization is following best practices.
Cybersecurity Project Manager
•Delivering on projects using the best approach as set out within any project methodology processes. •Clearly defining project scope, costs, success criteria, dependencies, assumptions, and constraints with stakeholders. •Defining priorities and requirements and managing the project through planning, design, build, testing, and service transition phases. •Ensuring the agreed objectives and success criteria are delivered on time and within budget. •Identifying and facilitating the resolution of any issues that may arise. •Managing third-party vendors and managing multiple individuals and project aspects running concurrently.
Identity and Access Management (IAM) Engineer
•Designing, implementing, and managing Identity Directory and identity services. •Implementing technologies to centrally integrate identity systems across the organization. •Streamlining and improving customer experiences. •Implementing access controls to applications and maintaining and updating roles in the directory. •Managing access and permissions where necessary and implementing automated solutions. •Collaborating with key engineering stakeholders to help tackle challenges within the IAM space. •Troubleshooting and managing issues related to identities, systems access accounts, authentication, authorization, entitlements, and permissions. •Implementing and maintaining technologies to ensure audit and privacy compliance.
Cyber Insider Threat Analyst
•Documenting procedures, practices, and policies that need to be in place to begin threat analysis. •Carrying out surveys and interviewing key personnel regarding security procedures and identifying possible gaps in security. •Extracting data to observe the behavior and activity of potential inside threats. •Combining data from multiple sources to observe any anomaly in employee behavior. •Creating and implementing detection methods and strategies for insider threats. •Conducting risk assessments on collected data and establishing systems that extract data to monitor suspicious activity. •Taking immediate action on any activity that looks to have malicious intent. •Making recommendations on existing procedures and policy layers.
Data Privacy Officer
•Educating the company and employees on important compliance requirements. •Training staff in compliant data processing and storage. •Conducting audits to ensure compliance and addressing any potential issues proactively. •Acting as an organization's data protection and privacy evangelist. •Serving as the point of contact between the company and supervisory authorities. •Maintaining records of all data processing activities conducted by the company. •Interfacing with data subjects to inform them of their rights, how their data is being used, and what processes the company has put in place to protect their data.
Privacy Analyst
•Ensuring compliance with data privacy and protection regulations, including GDPR, CCPA, and NIST. •Answering queries on global data privacy processing and protection requirements from internal stakeholders. •Conducting compliance gap analysis and readiness assessments for upcoming policy changes. •Creating and maintaining documentation, privacy notices, privacy statements, SOPs, work instructions and guidance notes in cooperation with legal teams. •Managing any Data Subject Request process that the organization has. •Collecting and maintaining records of processing activities. •Preparing reports on regulatory compliance. •Escalating any potential data breaches for investigation and resolution.
Data Security Engineer
•Establishing safety protocols to protect all data collected and used by the organization. •Ensuring the compliance of policy, processes, and procedures throughout the day-to-day management of the organization. •Continually assessing security effectiveness, updates, and opportunities for renewals or updates. •Avoiding unsafe data transmission and carrying out confidential data transfers with firewall protection. •Installing, uninstalling, and maintaining data security software. •Compiling post-breach information for forensic analysis. •Performing penetration testing on their systems. •Drafting security plans depending on the organization's needs and current threats.
Threat Hunter
•Following and neutralizing highly advanced adversaries who cannot be detected with automated solutions. •Searching for hidden threats before they happen. •Gathering information on the behavior, goals, and techniques that the adversary is using. •Analyzing collected data to determine trends in the security environment of the organization. •Making cybersecurity predictions based on their findings and eliminating current vulnerabilities.
Cybersecurity Manager
•Hiring new cybersecurity professionals and coaching and developing team members through knowledge sharing and personal development programs. •Preparing and overseeing cybersecurity budgets. •Monitoring systems for security gaps, designing effective solutions for these gaps, and providing reports to management and executive staff. •Developing wide-ranging policies, regulations, and strategies to enhance the security of the organizations. •Evaluating new security tools and technologies. •Running risk assessments and testing data processing systems. •Advising on digital and technical aspects of cyber security governance, frameworks and operating models.
Cybersecurity Forensic Engineer
•Investigating cybersecurity crime and incidents. •Securing tamper-proof access to devices, systems, and networks that hold digital evidence related to any investigations. •Finding and following data trails to link suspects to other dangerous parties. •Recovering hidden, encrypted, or deleted information. •Offering security insight to law enforcement personnel and prosecutors regarding their digital evidence. •Interviewing cybercrime suspects or victims. •Helping to prepare evidence before criminal trials. •Creating reports of their findings and presenting them when necessary.
Cybersecurity Lead
•Leading the cybersecurity function for the business. •Managing Cybersecurity Specialists and ensuring their output aligns with the organization's goals and priorities. •Identifying new security opportunities and challenges, ensuring that the right actions are taken to avoid risks. •Encouraging self-sustaining security practices and behaviors within delivery teams. •Performing risk assessments for threats and incidents. •Ensuring that regulatory and legal requirements are met. •Establishing teams to implement new security solutions and managing budgets. •Taking ownership and responsibility for reaching objectives and meeting goals. •Reviewing the existing security position and staying updated on the cybersecurity industry globally to propose positive changes.
Cyber Risk Analyst
•Managing and analyzing incoming cyber risks for all departments of the organization. •Preparing risk reports and ensuring actions are documented and delivered. •Tracking and monitoring risk activities, notifying action owners, and escalating where required. •Ensuring risks and remediation plans are regularly addressed. •Conducting quality assurance on all risk assessments. •Building understanding and awareness of cybersecurity risks throughout the organization. •Improving the cybersecurity processes, solutions, and professional practices of the team. •Using judgement to make risk-based recommendations and decisions within parameters.
Governance and Compliance Analyst
•Managing risks related to the use of Information Technology, Information Security, Privacy, Regulatory Compliance and Governance. •Ensuring and monitoring compliance with industry and government rules and regulations at all levels. •Conducting gap analysis and implementing frameworks and standards such as ISO 27001, GDPR, NIST, and SOX. •Developing and revising policies, standards, processes, and guidelines for the organization. •Conducting vendor risk assessments against organizational security requirements. •Continually testing and monitoring the effectiveness of security controls. •Conducting research to aid threat assessment or risk mitigation activities. •Developing mechanisms to align with the adoption and usage of current and emerging technologies.
Chief Information Security Officer (CISO)
•Managing their organization's overall security practices and needs. •Identifying weaknesses within existing security solutions and developing policies and practices to remedy them. •Introducing new technology to the business, overseeing education programs, and providing security guidance to personnel. •Preparing budgets for security operations and maintenance. •Carrying out risk assessments and audits to ensure regulatory compliance. •Building a strong security team to carry out their strategic plans.
Cyber Insurance Professional
•Managing, processing, and overseeing cybersecurity claims and their progress. •Processing and auditing claims data to ensure claim management processes adhere to established standards. •Using risk expertise and industry knowledge to develop solutions that are personalized to their clients. •Providing exceptional client service and creating and maintaining professional relationships. •Staying ahead of changing insurance and risk market conditions, as well as evolving cyber threats that may pose new security risks. •Ensuring procedural compliance and ensuring contracts are executed as required. •Participating in internal and external audits where applicable. •Maintaining regular contact with a portfolio of clients to build trust and ensure departmental accountability.
Cyber Threat Intelligence Analyst
•Monitoring and analyzing external and internal cyber threats to assess risk. •Analyzing the likelihood that an emerging threat will impact their organization and identifying where weaknesses are. •Delivering reports and recommendations to the business to enable the effectiveness of mitigation and remediation efforts. •Providing requirements to influence threat mitigation strategies. •Analyzing internal risk and security controls to identify existing security weaknesses. •Consolidating cyber threat intelligence feeds and sources. •Providing threat intelligence support to cybersecurity teams during security incidents.
Incident Responder
•Monitoring, assessing, testing, and analyzing systems to identify and correct potential security breaches. •Creating security plans, policies, protocols, and training to prepare their organization for efficient and effective incident response. •Establishing protocols for internal and external communication during and after security incidents. •Working under pressure to assess and respond to threats through intrusion detection, security auditing, and risk analysis. •Using network forensics, reverse engineering, and penetration testing skills to address security threats. •Creating incident reports for management, administrators, and law enforcement.
Vulnerability/Threat Management Analyst
•Operating the vulnerability scanning tool set, including Nexpose and Tenable. •Improving business-wide knowledge and understanding of emerging threats. •Reviewing and analyzing vulnerability data to identify trends and patterns. •Advising employees responsible for remediation on the best reduction and remediation practices. •Influencing the development of vulnerability management standards and security policies. •Operating vulnerability management processes, suggesting applicable change controls, and security exceptions. •Designing and implementing vulnerability reporting and monitoring solutions. •Maintaining and updating process guides and assisting with reporting to leadership and service stakeholders. •Assisting and supporting the manager in incident handling/investigations. •Performing risk-based technical assessments on technical vulnerabilities.
Red Teamer
•Performing testing on a wide scope of systems, including web applications, security controls, network infrastructure, wireless, and mobile deployments. •Working as a team to explore the network until they reach their goal, taking their time to avoid detection. •Planning, executing, reporting, and leading testing activities and outcomes. •Executing covert Red Team Cyber operations to mimic adversary tactics and work closely to test exploits.
Cybersecurity Advisor
•Planning and implementing security features and components for the organization. •Accelerating the deployment of the right security tools and enhancing the overall cybersecurity posture of the organization. •Ensuring all security procedures are up to date and safe for key stakeholders, clients, customers, and staff. •Identifying the right systems to leverage and secure the business. •Defining the cleanest implementation path with the least complications. •Working in a collaborative team environment to advise, mentor, and support colleagues on all aspects of cybersecurity. •Monitoring for incidents and alerts and providing responses to address security events.
C-Suite
•Planning, implementing, developing, and directing the organization's operational and monetary performance and its progress towards the company's mission. •Acting as a strategic partner by developing and implementing the plans and programs of their department of the business. •Communicating effectively with the organization and with the Board of Directors. •Liaising with and advising the rest of the C-Suite about the execution of plans. •Continuously instructing the department by improving the planning and the budgeting process. •Encouraging, interacting with, and mentoring the employees within their department and the entire company. •Positively representing their organization.
Cybersecurity Professor/Instructor
•Preparing and equipping students in the best possible way to pursue or develop their cybersecurity careers with confidence and purpose. •Teaching undergraduate and graduate levels and the supervision of dissertations and research projects in these areas. •Designing courses to meet learning outcomes and promote students' participation. •Creating an effective learning environment that fosters students' intellectual curiosity. •Contributing to and providing leadership in academic and professional communities. •Being an active member of the cyber security education team in the school or organization. •Pursuing high quality research in cyber security. •Enhancing students' links with industry professionals to enable knowledge exchange.
Product Service Engineer
•Providing security guidance on all new products and technologies within the organization. •Collaborating with the engineering team to perform regular product security assessments and threat modelling. •Managing the operations and effectiveness of the product security pipeline tools. •Updating product security tooling to reduce false positives. •Responding to vulnerabilities disclosed through threat detection systems. •Maintaining internal documentation and security standards to ensure security best practices are followed. •Designing and implementing tools to automate and scale security processes. •Supporting the incident detection and response processes. •Providing security support and leadership to the product engineering team.
Cybersecurity/Privacy Attorney
•Providing support, including risk assessment and contract drafting, on data privacy and protection issues. •Advising teams on compliance requirements or possible issues during the development, sale, and marketing of products and services, ensuring privacy by design. •Assisting with the development, implementation, and management of compliance and risk mitigation strategies relating to global data privacy and protection laws and regulations. •Developing a network inside and outside of the organization to support the objectives of the Legal team and the business. •Producing documentation including privacy risk assessments, risk analyses, and incident reports. •Ensuring that the applicable privacy and security requirements are incorporated into Policies, SOPs, and other controls.
Security Researcher
•Researching emerging cybersecurity technologies and threats. •Evaluating security solutions and contributing to research publications. •Developing new approaches to threat management. •Identifying new methods for improving awareness and countering new threats. •Dismantling malware to see what vulnerabilities the software is exploiting in order to glean intelligence about its structure and how it communicates. •Building behavior profiles so security analysts and incident responders can identify future threats.
Penetration Tester
•Seeking, identifying, and attempting to breach existing weaknesses in digital systems and computing networks. •Utilizing existing threat actor tools and strategies as well as devising their own. •Documenting their testing process to generate detailed reports on how they bypassed established security protections. •Working with clients to define their requirements from the test. •Planning and creating penetration methods, scripts, and tests. •Creating reports and recommendations from findings, including security issues uncovered and level of risk. •Presenting findings, risks, and conclusions to management.
PKI Professional
•Supporting the design, build, and deployment of enterprise PKI systems. •Ensuring PKI systems comply with the relevant data privacy and protection frameworks and adhere to industry best practices. •Assessing and remediating the design and implementation of PKIs to mitigate risk. •Integrating items such as TLS inspection, IoT devices, and mobile device management (MDM) solutions. •Managing the configuration of PKI systems and testing PKI systems before production deployment. •Creating and maintaining system documentation. •Defining and improving PKI best practices. •Keeping up with industry trends and threats, particularly around PKI technologies.
DevSecOps (Development, Security, and Operations)
•Working alongside DevOps Engineers to ensure that security vulnerabilities are addressed and fixed during development. •Defining, implementing, and operating a platform support model that leverages DevSecOps principles. •Attacking software to find vulnerabilities, as opposed to running scans once it has been created. •Monitoring and managing deployment and support and serving as an escalation point for cybersecurity incidents. •Enforcing processes and tools that ensure compliance with the relevant data privacy and protection regulations. •Serving as a point of contact for product teams as it relates to automation, CI/CD, and DevSecOps. •Understanding and assessing existing processes to identify how to improve and streamline team effectiveness. •Communicating threat knowledge with the entire cybersecurity team.
Cybersecurity Program Manager
•Working with partners, vendors, employees, and agencies to ensure project success. •Supporting the development, implementation, and communication of cybersecurity activities and programs. •Leading the set-up and execution of program events, briefings, and meetings. •Liaising with other teams to identify and exploit opportunities with other programs across the organization. •Managing multi-functional team coordination, opportunity screening, benefit/cost analysis, vendor selection, schedule and budget oversight, management of consultants/contractors, issue resolution, and reporting. •Coordinating with internal and external legal, contracting, procurement, finance, and communications departments to ensure successful project rollout and streamline communications.
