Danny's newsletter - Issue #12
Update to Cybersecurity Roadmap
Here are some updates from the first roadmap that can shed light on what a role from one of these job families can look like. Remember, cybersecurity is an umbrella term that covers many different domains.
There are lots of roles under the cybersecurity umbrella, but these are some of the main ones you will see as you look through job postings.
Triage Security Analyst
This role falls under the Blue team and can serve as a benchmark and foundation for the rest of your career. It involves creating and amending runbooks that aid in expanding the knowledge of your peers. Success in this role depends on the effective dispatch of security triage events to the correct persons in a timely manner. This is an entry-level role.
Senior Security Analyst
This role also falls under the Blue team and, as you’ll see, requires more cross-organizational work. Assist in developing standards and best practices to enable an effective and efficient SOC. Coordinate with cross-discipline engineering and operations personnel (Security, Infrastructure, Development) to ensure quality monitoring and detection.
Detection Engineer
This can fall under either the Blue team or the Purple team, depending on the company. Develop enrichment pipelines and automation to enhance the fidelity of detections. Develop correlation and automation to create high-fidelity threat detections.
Penetration Tester
This role falls under the Red Team. Develop and execute penetration plans for new releases; provide technical support and recommendations to remedy the findings. Review and validate vulnerabilities reported via the responsible disclosure program (Bug Bounty).
I hope this provides some clarity on what a day-to-day can look like in the field of cybersecurity. As always, feel free to reach out if you have any questions.