# Job roles in IT and cybersecurity

## Learning objectives

* Identify key IT and cybersecurity job roles
* Describe the roles' key responsibilities, skills, and industry certifications

This section gives a succinct overview of seven in-demand job roles in IT and cybersecurity. Key job responsibilities, skills, and certifications for the following IT and cybersecurity roles are covered: System Administrator, Network Administrator, Incident Responder, Penetration Tester, Cloud Engineer, Cybersecurity Manager, and Privacy Analyst.

## Topics covered in this section

* **System Administrator**
* **Network Administrator**
* **Incident Responder**
* **Penetration Tester**
* **Cloud Engineer**
* **Cybersecurity Manager**
* **Privacy Analyst**
* **Job roles in IT and cybersecurity summary table**

### System Administrator

System Administrators (“The server people”) are responsible for the installation, configuration, maintenance, and security of servers, operating systems, and critical software applications.

* Job responsibilities: Automation; Patch management and endpoint security; Server health/server set up, configuration, optimization, troubleshooting, and maintenance; Backup/DR: system backup and restoration in disaster recovery; App compatibility: ensuring system-wide software and hardware compatibility and interoperability; System hardening, including removing processes and services not needed; Creating users and groups; Windows Defender configuration
* Skills: Networking; Patch management; Backups and recovery; OS – Linux, Windows, Mac; Scripting and automation; PowerShell and Command line (CLI); Virtualization (VMware); Cloud computing – containers, Kubernetes, AWS, Azure; Network monitoring, intrusion detection, intrusion prevention, firewalls
* Certifications: Azure Administrator Associate; Network+; Linux+; Security+; VMware Certified Professional; RHCSA (Red Hat Certified System Administrator)

### Network Administrator

Network Administrators are responsible for day-to-day configuration, maintenance, and troubleshooting of different network devices and the network itself.

* Job responsibilities: Hardware: setting up, configuring, and maintaining network hardware/devices – routers, switches, firewalls, and different types of security appliances like IDS/IPS; Software/hardware installation; Network topology: mapping out the network topology; Troubleshooting (possibly 80% of the work); Network infrastructure design and optimization (equipment, budget, as well as from a data standpoint)
* Skills: Windows Active Directory – create/remove/manage user accounts; OS – Linux; Cisco/PAN (Palo Alto) Equipment; Servers – on-prem and cloud-based; Virtualization like VMware; Troubleshooting
* Certifications: CCNA; Network+; Azure Network Engineer Associate; AWS Certified Solutions Architect – Associate

### Incident Responder

Incident Responders are responsible for detecting, analyzing, and mitigating security breaches to minimize damage and restore normal operations swiftly.

* Job responsibilities: Monitor systems/networks; Security auditing; Forensic investigations; Risk analysis; Intrusion detection; Training staff and stakeholders; Documentation; PCAP analysis with Wireshark
* Skills: Networking; OS – Linux, Windows, Mac; Packet analysis; SIEM tools; Scripting automation (Python); Packet capturing tools (Wireshark); Backup process; Forensic tools
* Certifications: Security+; GSEC (GIAC Security Essentials); GCIH (GIAC Certified Incident Handler); ECIH (EC-Council Certified Incident Handler); CHFI (Computer Hacking Forensic Investigator); CEH

### Penetration Tester

Penetration Testers proactively simulate cyberattacks to identify vulnerabilities and strengthen an organization’s security defenses.

* Job responsibilities: Identify/exploit vulnerabilities (internal or external); Network, application, mobile, Wi-Fi (testing); Scoping; OSINT; Social engineering; Exploit; Persist; Reporting; Password cracking (Hydra, John the Ripper, Cain and Abel); Nmap
* Skills: Networking; OS – Linux; Documentation; OSINT; Scripting (Python, Bash) and programming languages (C); Tools (modifying code; or writing your own tools); CVEs; CLI (Command Line Interface)
* Certifications: OSCP (Offensive Security Certified Professional); CEH; eJPT (eLearnSecurity Junior Penetration Tester); GPEN (GIAC Penetration Tester); Pentest+; LPT (Licensed Penetration Tester – EC-Council)

### Cloud Engineer

Cloud Engineers design, deploy, and optimize cloud infrastructure and services to ensure scalability, security, and reliability.

* Job responsibilities: Maintain cloud infrastructure; Serverless infrastructure architecture; IAM (Identity and Access Management); Automation; Cost optimization; Performance optimization; Storage
* Skills: Networking; OS – Linux, Windows; Scripting and programming languages; Database; IAM; Troubleshooting
* Certifications: AWS Advanced Networking Specialty; Azure Network Engineer Associate; CCSK (Certificate of Cloud Security Knowledge); CCSP (Certified Cloud Security Professional); Cloud+

### Cybersecurity Manager

Cybersecurity Managers oversee security strategies, policies, and teams to protect an organization’s systems, data, and infrastructure from threats.

* Job responsibilities: Operations; Infrastructure; Oversee assessments and audits; Ambassador; Compliance; Policies; Business continuity planning/DR (Disaster Recovery)
* Skills: Negotiation; Time management; Incident response; Regulations and standards; Auditing; Policies and processes
* Certifications: CISSP (Certified Information Systems Security Professional); CISM (Certified Information Security Manager); CRISC (Certified in Risk and Information Systems Control); CISA (Certified Information Systems Auditor); SC-100: Microsoft Cybersecurity Architect

### Privacy Analyst

Privacy Analysts ensure compliance with data protection laws, assess risks, and implement policies to safeguard sensitive information.

* Job responsibilities: Assessing the business policies, procedures, and operations to ensure that the organization is meeting its privacy requirements; Making sure that the business is compliant with regulations or industry standards or laws that they have to follow to protect critical information; Risk management: help manage legal or operational risk; Research and analysis of sensitive data and figuring out how to comply with relevant rules; Training: developing policies and procedures and then training the organization on those policies and procedures
* Skills: Critical thinking; Privacy laws and regulations; Data life cycle management; Researching – identifying relevant laws, regulations, and standards; Communication skills; Gap analysis
* Certifications: CIPP (Certified Information Privacy Professional); GRC Professional; CDPSE (Certified Data Privacy Solutions Engineer); CISA (Certified Information Systems Auditor)

### Job roles in IT and cybersecurity summary table

| **Job role**                                                                                                                                                                                                                                    | **Job responsibilities**                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | **Skills**                                                                                                                                                                                                                                                                                                                                                | **Industry certifications**                                                                                                                                                                                                                                                                   |
| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| <p><strong>System Administrator</strong><br><br>“The server people”</p> | <p>Automation<br><br>Patch management and endpoint security<br><br>Server health/server set up, configuration, optimization, troubleshooting, and maintenance<br><br>Backup/DR: system backup and restoration in disaster recovery<br><br>App compatibility: ensuring system-wide software and hardware compatibility and interoperability<br><br>System hardening, including removing processes and services not needed<br><br>Creating users and groups<br><br>Windows Defender configuration</p> | <p>Networking<br><br>Patch management<br><br>Backups and recovery<br><br>OS – Linux, Windows, Mac<br><br>Scripting and automation<br><br>PowerShell and Command line (CLI)<br><br>Virtualization (VMware)<br><br>Cloud computing – containers, Kubernetes, AWS, Azure<br><br>Network monitoring, intrusion detection, intrusion prevention, firewalls</p> | <p>Azure Administrator Associate<br><br>Network+<br><br>Linux+<br><br>Security+<br><br>VMware Certified Professional<br><br>RHCSA (Red Hat Certified System Administrator)</p> |
| <p><strong>Network Administrator</strong><br><br>Do day-to-day configuration, maintenance, and troubleshooting of different network devices and the network itself.</p> | <p>Hardware: setting up, configuring, and maintaining network hardware/devices – routers, switches, firewalls, and different types of security appliances like IDS/IPS<br><br>Software/hardware installation<br><br>Network topology: mapping out the network topology<br><br>Troubleshooting (possibly 80% of the work)<br><br>Network infrastructure design and optimization (equipment, budget, as well as from a data standpoint)<br><br>Wireshark</p> | <p>Windows Active Directory – create/remove/manage user accounts<br><br>OS – Linux<br><br>Cisco/PAN (Palo Alto) Equipment<br><br>Servers – on-prem and cloud-based<br><br>Virtualization like VMware<br><br>Troubleshooting</p> | <p>CCNA<br><br>Network+<br><br>Azure Network Engineer Associate<br><br>AWS Certified Solutions Architect – Associate</p> |
| <p><strong>Incident Responder</strong><br><br>Digital Forensics and Incident Response (DFIR)</p>                                                                                                                                                | <p>Monitor systems/networks<br><br>Security auditing<br><br>Forensic investigations<br><br>Risk analysis<br><br>Intrusion detection<br><br>Training staff and stakeholders<br><br>Documentation<br><br>PCAP analysis with Wireshark</p>                                                                                                                                                                                                                                                                                                                                                  | <p>Networking<br><br>OS – Linux, Windows, Mac<br><br>Packet analysis<br><br>SIEM tools<br><br>Scripting automation (Python)<br><br>Packet capturing tools (Wireshark)<br><br>Backup process<br><br>Forensic tools</p>                                                                                                                                     | <p>Security+<br><br>GSEC (GIAC Security Essentials)<br><br>GCIH (GIAC Certified Incident Handler)<br><br>ECIH (EC-Council Certified Incident Handler)<br><br>CHFI (Computer Hacking Forensic Investigator)<br><br>CEH</p>                                                                     |
| **Penetration Tester**                                                                                                                                                                                                                          | <p>Identify/exploit vulnerabilities (internal or external)<br><br>Network, application, mobile, Wi-Fi (testing)<br><br>Scoping<br><br>OSINT<br><br>Social engineering<br><br>Exploit<br><br>Persist<br><br>Reporting<br><br>Password cracking (Hydra, John the Ripper, Cain and Abel)<br><br>Nmap</p>                                                                                                                                                                                                                                                                                    | <p>Networking<br><br>OS – Linux<br><br>Documentation<br><br>OSINT<br><br>Scripting (Python, Bash) and programming languages (C)<br><br>Tools (modifying code; or writing your own tools)<br><br>CVEs<br><br>CLI (Command Line Interface)</p>                                                                                                              | <p>OSCP (Offensive Security Certified Professional)<br><br>CEH<br><br>eJPT (eLearnSecurity Junior Penetration Tester)<br><br>GPEN (GIAC Penetration Tester)<br><br>Pentest+<br><br>LPT (Licensed Penetration Tester – EC-Council)</p>                                                         |
| **Cloud Engineer**                                                                                                                                                                                                                              | <p>Maintain cloud infrastructure<br><br>Serverless infrastructure architecture<br><br>IAM<br><br>Automation<br><br>Cost optimization<br><br>Performance optimization<br><br>Storage</p>                                                                                                                                                                                                                                                                                                                                                                                                  | <p>Networking<br><br>OS – Linux, Windows<br><br>Scripting and programming languages<br><br>Database<br><br>IAM<br><br>Troubleshooting</p>                                                                                                                                                                                                                 | <p>AWS Advanced Networking Specialty<br><br>Azure Network Engineer Associate<br><br>CCSK (Certificate of Cloud Security Knowledge)<br><br>CCSP (Certified Cloud Security Professional)<br><br>Cloud+</p>                                                                                      |
| **Cybersecurity Manager**                                                                                                                                                                                                                       | <p>Operations<br><br>Infrastructure<br><br>Oversee assessments and audits<br><br>Ambassador<br><br>Compliance<br><br>Policies<br><br>Business continuity planning/DR</p>                                                                                                                                                                                                                                                                                                                                                                                                                 | <p>Negotiation<br><br>Time management<br><br>Incident response<br><br>Regulations and standards<br><br>Auditing<br><br>Policies and processes</p>                                                                                                                                                                                                         | <p>CISSP (Certified Information Systems Security Professional)<br><br>CISM (Certified Information Security Manager)<br><br>CRISC (Certified in Risk and Information Systems Control)<br><br>CISA (Certified Information Systems Auditor)<br><br>SC-100: Microsoft Cybersecurity Architect</p> |
| <p><strong>Privacy Analyst</strong><br><br>(Data Privacy Engineer, Data Privacy Architect, Data Privacy Specialist, Platform Privacy Specialist, Privacy Compliance Specialist, Privacy Compliance Analyst, and Privacy and Risk Engineer.)</p> | <p>Assessing the business policies, procedures, and operations to ensure that the organization is meeting its privacy requirements<br><br>Making sure that the business is compliant with regulations or industry standards or laws that they have to follow to protect critical information<br><br>Risk management: help manage legal or operational risk<br><br>Research and analysis of sensitive data and figuring out how to comply with relevant rules<br><br>Training: developing policies and procedures and then training the organization on those policies and procedures</p> | <p>Critical thinking<br><br>Privacy laws and regulations<br><br>Data life cycle management<br><br>Researching – identifying relevant laws, regulations, and standards<br><br>Communication skills<br><br>Gap analysis<br></p>                                                                                                                             | <p>CIPP (Certified Information Privacy Professional)<br><br>GRC Professional<br><br>CDPSE (Certified Data Privacy Solutions Engineer)<br><br>CISA (Certified Information Systems Auditor)</p>                                                                                                 |

These job roles are based on the free Cybrary course [Introduction to IT & Cybersecurity](https://www.cybrary.it/course/introduction-to-it-and-cybersecurity/) (1h 41m | CEU/CPE credits: 2), which is part of a Career Path: Information Security Fundamentals.

### Key takeaways

* Key IT and cybersecurity job roles include sysadmin, netadmin, Incident Responder, and Penetration Tester.
* Key IT and cybersecurity skills include IT networking, operating systems, troubleshooting, virtualization, and scripting languages.

### References

[Introduction to IT & Cybersecurity](https://www.cybrary.it/course/introduction-to-it-and-cybersecurity/) (Cybrary)


