Cybersecurity is a major concern for businesses, governments, and people worldwide—and with good reason. Ever more complex cyberattacks jeopardize security and disrupt the economy at both the private and civic levels.
In recent news headlines, the press has highlighted the effect of malware such as Shamoon, Stuxnet and Flame on the business community. These high-profile cyberattacks illustrate the vulnerability of industry and government operations. Growing use of mobile solutions and cloud computing services adds further risk to these activities.
To combat the expansion in cybercrime, it’s critical for organizations to implement robust IT security policies. Solid IT security ensures the resilience of essential information systems and helps to maintain business and operational continuity.
Ensuring the cybersecurity of an organization requires a deep understanding of its operations, its strategic activities, and its interactions with customers and business partners.
Security Consultant/Specialist: Provides broad services that encompass any one or all of the other roles/titles, tasked with protecting computers, networks, software, data, and/or information systems against viruses, worms, spyware, malware, intrusion, unauthorized access, denial-of-service attacks, and an ever-increasing list of attacks by hackers acting as individuals or as part of organized crime or foreign governments.
Analyst: Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions. Tests for compliance with security policies and procedures. May assist in the creation, implementation, and/or management of security solutions.
Engineer: Performs security monitoring, security and data/log analysis, and forensic analysis to detect security incidents, and mounts incident response. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements.
Architect: Designs a security system or major components of a security system, and may head a security design team building a new security system.
Administrator: Installs and manages organization-wide security systems. May also take on some of the tasks of a security analyst in smaller organizations.
Software Developer: Develops security software, including tools for monitoring, traffic analysis, intrusion detection, virus/spyware/malware detection, anti-virus software, and so on. Also integrates/implements security into applications software.
Cryptographer/Cryptologist: Uses encryption to secure information or to build security software. Also works as a researcher to develop stronger encryption algorithms.
Cryptanalyst: Analyzes encrypted information to break the code/cipher or to determine the purpose of malicious software.
Security Officer: A high-level management position responsible for the entire information security division/staff. The position may include hands-on technical work.
Very Specialized Roles:
Intrusion Detection Specialist: Monitors networks, computers, and applications in large organizations, looking for events and traffic indicators that signal intrusion. Determines the damage caused by detected intrusions, identifies how an intrusion occurred, and recommends safeguards against similar intrusions. Also does penetration testing to identify vulnerabilities and recommend safeguards as preemptive measures.
Computer Security Incident Responder: A member of a team that prepares for and mounts a rapid response to security threats and attacks such as viruses and denial-of-service attacks.
Source Code Auditor: Reviews software source code to identify potential security issues and vulnerabilities that could be exploited by hackers to gain unauthorized access to data and system resources.
Virus Technician: Analyzes newly discovered computer viruses, and designs and develops software to defend against them.
Penetration Tester (also known as Ethical Hacker or Assurance Validator): Not only scans for and identifies vulnerabilities, but exploits them to provide hard evidence that they are vulnerabilities. When penetration-testing large infrastructures such as power grids, utility systems, and nuclear facilities, large teams of penetration testers, called Red Teams, are employed.
Vulnerability Assessor: Scans for, identifies and assesses vulnerabilities in IT systems including computers, networks, software systems, information systems, and applications software.