Practical Foundations in Cybersecurity

Job roles in IT and cybersecurity

This section summarizes key IT and cybersecurity job roles along with their relevant job responsibilities, skills, and industry certifications.


Learning objectives

  • Identify key IT and cybersecurity job roles
  • Describe the roles' key responsibilities, skills, and industry certifications

This section gives a succinct overview of in-demand job roles in IT and cybersecurity. Key job responsibilities, skills, and certifications for the following IT and cybersecurity roles are covered: System Administrator, Network Administrator, Incident Responder, Penetration Tester, Cloud Engineer, Cybersecurity Manager, and Privacy Analyst.

Topics covered in this section

  • Key IT and cybersecurity job roles

  • Job responsibilities

  • Skills and industry certifications

| Job role | Job responsibilities | Skills | Industry certifications |
| --- | --- | --- | --- |
| System Administrator (“The server people”) | Automation; Patch management and endpoint security; Server health/server set up, configuration, optimization, troubleshooting, and maintenance; Backup/DR: system backup and restoration in disaster recovery; App compatibility: ensuring system-wide software and hardware compatibility and interoperability; System hardening, including removing processes and services not needed; Creating users and groups; Windows Defender configuration | Networking; Patch management; Backups and recovery; OS – Linux, Windows, Mac; Scripting and automation; PowerShell and Command line (CLI); Virtualization (VMware); Cloud computing – containers, Kubernetes, AWS, Azure; Network monitoring, intrusion detection, intrusion prevention, firewalls | Azure Administrator Associate; Network+; Linux+; Security+; VMware Certified Professional; RHCSA (Red Hat Certified System Administrator) |
| Network Administrator (Do day-to-day configuration, maintenance, and troubleshooting of different network devices and the network itself.) | Hardware: setting up, configuring, and maintaining network hardware/devices – routers, switches, firewalls, and different types of security appliances like IDS/IPS; Software/hardware installation; Network topology: mapping out the network topology; Troubleshooting (possibly 80% of the work); Network infrastructure design and optimization (equipment, budget, as well as from a data standpoint); Wireshark | Windows Active Directory – create/remove/manage user accounts; OS – Linux; Cisco/PAN (Palo Alto) equipment; Servers – on-prem and cloud based; Virtualization like VMware; Troubleshooting | CCNA; Network+; Azure Network Engineer Associate; AWS Certified Solutions Architect – Associate |
| Incident Responder (Digital Forensics and Incident Response, DFIR) | Monitor systems/networks; Security auditing; Forensic investigations; Risk analysis; Intrusion detection; Training staff and stakeholders; Documentation; PCAP analysis with Wireshark | Networking; OS – Linux, Windows, Mac; Packet analysis; SIEM tools; Scripting automation (Python); Packet capturing tools (Wireshark); Backup process; Forensic tools | Security+; GSEC (GIAC Security Essentials); GCIH (GIAC Certified Incident Handler); ECIH (EC-Council Certified Incident Handler); CHFI (Computer Hacking Forensic Investigator); CEH |
| Penetration Tester | Identify/exploit vulnerabilities (internal or external); Network, application, mobile, Wi-Fi (testing); Scoping; OSINT; Social engineering; Exploit; Persist; Reporting; Password cracking (Hydra, John the Ripper, Cain and Abel); Nmap | Networking; OS – Linux; Documentation; OSINT; Scripting (Python, Bash) and programming languages (C); Tools (modifying code, or writing your own tools); CVEs; CLI (Command Line Interface) | OSCP (Offensive Security Certified Professional); CEH; eJPT (eLearnSecurity Junior Penetration Tester); GPEN (GIAC Penetration Tester); Pentest+; LPT (Licensed Penetration Tester – EC-Council) |
| Cloud Engineer | Maintain cloud infrastructure; Serverless infrastructure architecture; IAM; Automation; Cost optimization; Performance optimization; Storage | Networking; OS – Linux, Windows; Scripting and programming languages; Database; IAM; Troubleshooting | AWS Advanced Networking Specialty; Azure Network Engineer Associate; CCSK (Certificate of Cloud Security Knowledge); CCSP (Certified Cloud Security Professional); Cloud+ |
| Cybersecurity Manager | Operations; Infrastructure; Oversee assessments and audits; Ambassador; Compliance; Policies; Business continuity planning/DR | Negotiation; Time management; Incident response; Regulations and standards; Auditing; Policies and processes | CISSP (Certified Information Systems Security Professional); CISM (Certified Information Security Manager); CRISC (Certified in Risk and Information Systems Control); CISA (Certified Information Systems Auditor); SC-100: Microsoft Cybersecurity Architect |
| Privacy Analyst (Data Privacy Engineer, Data Privacy Architect, Data Privacy Specialist, Platform Privacy Specialist, Privacy Compliance Specialist, Privacy Compliance Analyst, and Privacy and Risk Engineer) | Assessing the business policies, procedures, and operations to ensure that the organization is meeting its privacy requirements; Making sure that the business is compliant with regulations or industry standards or laws that they have to follow to protect critical information; Risk management: help manage legal or operational risk; Research and analysis of sensitive data and figuring out how to comply with relevant rules; Training: developing policies and procedures and then training the organization on those policies and procedures | Critical thinking; Privacy laws and regulations; Data life cycle management; Researching – identifying relevant laws, regulations, and standards; Communication skills; Gap analysis | CIPP (Certified Information Privacy Professional); GRC Professional; CDPSE (Certified Data Privacy Solutions Engineer); CISA (Certified Information Systems Auditor) |

Key lesson takeaways

  • Key IT and cybersecurity job roles include sysadmin, netadmin, Incident Responder, and Penetration Tester
  • Key skills include IT networking, operating systems, troubleshooting, virtualization, and scripting languages

References

This table (Job roles in IT and cybersecurity) is based on the free Cybrary course Introduction to IT & Cybersecurity (1h 41m | CEU/CPE credits: 2), which is part of a Career Path: Information Security Fundamentals.