5 cybersecurity career paths: A roadmap to your first role

You don't need to read typical AI-generated text to tell us the importance of cybersecurity “in today's ever-evolving digital landscape” (see what we did there?).

As a result, there is a high demand for professionals to fill specialized roles in cybersecurity, each requiring a particular set of skills (read with Liam Neeson's voice). 

While penetration testing may be the first thing that comes to mind when you think of cybersecurity, it’s not all about hacking—there are strategic cybersecurity positions, defensive roles, and so much more. 

To help you make an informed decision, let's explore five of the most popular cybersecurity career paths.

1. Cyber defense & analysis

Working within a security operations center (SOC), a cybersecurity analyst is responsible for defending an organization’s network. This means identifying threats and protecting systems against cyber attacks that involve unauthorized access, data theft, and disruptions to normal business operations.

An analyst's career path can take many directions and provide ample opportunities for success in the field. Often considered to be a good path for those new to the field even without any prior experience.

💡Recommended read: how to start a career in cybersecurity with no experience.

Jobs along this career path

This path is for you if:

• You think the devil's in the details (and you'll find it.)

• You have a strong logic and analytic sense.

• You have a natural talent for correlating information.

• You’re a problem solver.

Skills to develop:

• Cybersecurity fundamentals.

• Knowledge of security protocols.

• Network traffic analysis.

• Log analysis.

• Malware analysis.

• Communication skills.

• Threat hunting.

💡Related read: How to become a cybersecurity analyst.

2. Ethical hacking & testing systems

When talking about testing as a cybersecurity career, we refer to tasks that evaluate the security of computer systems, digital assets, and networks. Testers are responsible for identifying security gaps and weaknesses before the criminals do. 

They identify vulnerabilities and potential threats to an organization’s assets. This could involve testing network security, system access management, and application functionality, among other things.

This path is related to the popular term "ethical hacker" or "red teamer." Where cybersecurity professionals simulate real-world attacks on digital assets to identify vulnerabilities from the attacker's perspective.

3. Governance and risk management

Cybersecurity specialists in governance, risk, and compliance (GRC) ensure that organizations follow the best security practices and comply with international laws and regulations by planning and overseeing regular risk and vulnerability audits.

A career in cybersecurity governance and risk management involves taking care of an organization's overall security strategy. This includes planning cybersecurity policies, ensuring implementation, and evaluating effectiveness.

Jobs along this career path

This path is for you if:

• You're a natural leader.

• You have a strong sense of responsibility.

• You love to plan and strategize.

• Your favorite board game is Risk.

• Your favorite TV show is Law and Order.

Skills to develop:

• Organizational business processes and operations.

• Knowledge of cybersecurity laws, standards, and regulations like GDPR, PCI DSS, and ISO 27001.

• Risk management.

• Project management.

• Communication skills.

Entry requirements & common certifications

Cybersecurity core concepts and frameworks are fundamental to governance and risk management roles. You must be able to relate them to a structured cybersecurity strategy that aligns with industry regulations.

GRC is more than just check-the-box compliance. It's about identifying ways that the business can achieve its goals while meeting privacy and security goals.

 

Howard Poston, CISO, Qorra.

A typical entry-level job is a junior cybersecurity compliance consultant. It's common to see professionals from auditing job roles related to different areas, such as IT auditing, transition to cybersecurity GRC. 

While it's not mandatory to have a formal degree to follow a governance and risk management path, it can be beneficial to speed up your career. Having a degree in IT and getting industry-credible certifications can make for a solid foundation.

Common GRC certifications include: 

• Certified in Governance.

• Risk and Compliance (CGRC).

• Certified Information Systems Auditor (CISA).

• Certified in Risk and Information Systems Control (CRISC).

• Certified in Risk and Information Systems Control (CISSP).

4. Incident response & digital forensics

In the field of cybersecurity, it is not a question of if an incident will happen, but rather when it occurs. 

Jobs related to incident response involve preparing for cybersecurity incidents and jumping to action as soon as they happen.

Security professionals in this area develop detailed security protocols that outline procedures and assign responsibilities for handling unexpected situations. 

They may even conduct forensic investigations to identify the source and nature of incidents. If it comes to that, they work closely with law enforcement to gather evidence, making sure it's admissible in court. Elementary, my dear Watson.

💡Recommended read: A step-by-step guide to writing incident response reports (free template inside).

Jobs along this career path

This path is for you if:

• You work well under pressure.

• You love to plan and keep yourself organized.

• You're a problem solver.

• You love teamwork.

• You like to cosplay Sherlock Holmes (meaning you love to solve mysteries.)

Skills to develop:

• Soft skills like communication, collaboration, and working well under pressure.

• Fundamental computer and computer network concepts.

• Solid understanding of cybersecurity concepts, frameworks, and methodologies.

• Proficiency in incident responder and forensic tools like Endpoint detection and response (EDR), Intrusion Prevention Systems (IPS), Intrusion detection systems (IDR), and Security Orchestration and response tools (SOAR.)

Entry requirements & common certifications

To start a career in incident response, you must possess strong technical foundations and keep up with the latest attack techniques.

If you come from a technical or IT background, we recommend learning cybersecurity basics and becoming proficient in field-specific tools and methodologies like the NIST Incident Response Framework.

With no IT background, consider getting hands-on experience while learning foundational concepts. Working in an entry-level IT job such as a help desk or IT technician might be a speedy way to make a career change to an incident responder.

While some employers may prefer formal educational training, like a computer engineering or cybersecurity degree, this is not mandatory.

Recommended training and certifications:

• CompTIA's Security+.

• GIAC Certified Incident Handler (GCIH) or Certified Computer Forensics Examiner (CCFE).

• HTB Certified Defensive Security Analyst certification.

• SOC Analyst job-role path.

💡Take a comprehensive approach to incident handling by checking out the Incident Handling Process module on Hack the Box (HTB) Academy.

5. Cybersecurity engineering & operations

Cybersecurity engineers make sure the cybersecurity machine is up and running.

They design and engineer security systems, build and implement them, and monitor operations to ensure they align with the strategic security posture of the organization. 

Jobs along this career path

This path is for you if:

• You love playing with building blocks.

• You have a passion for technology.

• You love tailoring and configuring software to suit your needs.

• You like being responsible for the technical structure that keeps cybercriminals at bay.

Skills to develop:

• Solid understanding of cybersecurity concepts, principles, and frameworks.

• Collaboration and communication skills.

• Knowledge of cloud and on-premises infrastructures.

• Knowledge of operating systems and virtualization technologies.

• Networking and network security controls.

• Scripting and programming languages.

• Project management.

Author bio: Pedro Correia (g4rg4m3l), Cybersecurity Lead, Red Teamer, and Instructor at Code For All_ Pedro Correia is a cybersecurity professional with a strong commitment to both learning and teaching. He currently serves as a Cybersecurity Lead, Red Teamer, and Instructor at Code For All_. He oversees a specialized team focused on penetration testing and cybersecurity assessments, with years of experience in educating students from diverse backgrounds worldwide in the domains of cybersecurity and programming. He also creates content specializing in various cybersecurity domains under the alias of “Cybersecurity Paladin.” As a Hack The Box Ambassador, Pedro hosts meetups, showcases, and live hacking demonstrations, making cybersecurity concepts more accessible to a wider audience. You can find him on HTB as “g4rg4m3l.” Pedro has embarked on a self-imposed delusional mission to infiltrate every Active Directory environment. Join him on this crusade. Feel free to connect with him on LinkedIn.