Jobs in Infosec

Introduction

In one of my recent posts, Getting Started in Infosec, I called out a variety of roles that exist in Information Security (infosec). In this post, we’re going to take a look into those roles and get a glimpse into what it looks like to work in different positions.

I’d like to give a shoutout and huge thanks to everyone who responded to my Twitter post where I solicited 280-character day-in-the-life descriptions of their jobs.

We’ll start by taking a look at the broader job areas in infosec (aka those I called out in my other post), and then we’ll check out what people said they do in their specific roles. Let’s go!

General Infosec Areas

This section is not at all exhaustive, but expands upon roles and areas mentioned in my Getting Started in Infosec post.

Programming-based security:

  • Application Security: Testing software for anything that could be exploited (bugs, vulnerabilities) and building in secure functionality
  • Static Code Analysis: Performing analysis of code by using static analysis tools (this is ideally an inherent part of developers’ pipelines, not done separately)

Infrastructure (systems, networks, & pipeline) protection:

  • Network Security: Architecting networks, implementing security solutions, re-architecting insecurely implemented pieces of the network
  • System Administration and Hardening: Protecting users and the company through system set-up, debugging, and maintenance
  • Cloud Security: Protecting company and user data floating around in the sky
  • DevOps Security: Integrating and maintaining secure infrastructure and pipelines (just as static code analysis is ideally done by developers, security is ideally an inherent aspect of DevOps engineering)

Offense:

  • Red Teaming: Accomplishing a specified objective and preventing a system from operating as expected
  • Penetration Testing: Finding as many vulnerabilities in a system as possible within a specific timeframe

Defense:

  • Blue Teaming: Defending a system/network; often falls under alternative titles, e.g. incident response
  • Incident Response: Identifying and responding to incidents (e.g. attacks, data breaches) discovered on your systems and networks

Day in the Life

Let’s see how people in the community explained their jobs! I couldn’t include everyone’s answers, so check out the thread for even more jobs and descriptions.

Defense

Security Engineer:

Security Analyst:

Application Security (AppSec) Engineer:

Security Architect:

Cyber Crime Investigator:

Threat Hunter:

Incident Response Analyst:

Detection Engineer:

Countermeasure Manager:

Technical Meets Business

Technical Writer:

Technical Writer and Evangelist:

Privacy and Security Attorney:

Cyber Auditor:

Software Engineering Consultant:

Management

CEO:

Chief Information Security Engineer (CISO):

Director of Security:

Director of Threat Research:

Director of Identity Access Management (IAM):

Security Operations Center (SOC) Manager:

Engineering Manager:

Wrapping Up

There are so many types of jobs in infosec, and there are more roles than any of us could name. Hopefully this post helped you get an idea of what kinds of opportunities and roles exist, and maybe even gave you some ideas of what you’d like to try out.

One more big thanks to everyone who shared job descriptions; this was a really fun post to do with the community!