Careers in Cyber
Tasks
- Task 1 — Introduction
- Task 2 — Security Analyst
- Task 3 — Security Engineer
- Task 4 — Incident Responder
- Task 5 — Digital Forensics Examiner
- Task 6 — Malware Analyst
- Task 7 — Penetration Tester
- Task 8 — Red Teamer
- Task 9 — Quiz
Task 1 — Introduction
Cyber security jobs are growing fast and pay well. The field covers a wide range, from offensive work like pentesting to defensive work like incident response and forensics.
A few reasons to consider it: high starting salaries, genuinely interesting work, and more open positions than there are people to fill them.
This room walks through the main roles in the industry and points to learning paths for each one.
Task 2 — Security Analyst
Security Analysts monitor and protect an organisation’s network. They investigate alerts, write reports, and work with different teams to figure out what the company needs security-wise and how to improve it.
Responsibilities:
- Work with different teams to understand the security situation across the company
- Write regular reports on the state of the network, logging any issues and how they were handled
- Build security plans based on new attack trends and what each team needs to keep data safe
Task 3 — Security Engineer
Security Engineers build and maintain the systems that keep a company protected. They use data from analysts and other security staff to develop solutions against things like web attacks, network threats, and whatever new tactics attackers are coming up with.
Responsibilities:
- Test and check that security measures across software are actually working
- Monitor networks and reports to keep systems updated and fix vulnerabilities
- Figure out what security systems the company needs and put them in place
Task 4 — Incident Responder
Incident Responders are the ones who jump in when an attack is actually happening. It’s a high-pressure role: decisions have to be made fast, in real time, while the incident is still unfolding.
Key metrics for this role are MTTD, MTTA, and MTTR: mean time to detect, acknowledge, and recover from an attack. The lower those numbers are, the better.
Responsibilities:
- Develop and maintain a clear, actionable incident response plan
- Keep security best practices in place and support the response process during incidents
- Write post-incident reports and use what was learned to prepare for future attacks
Task 5 — Digital Forensics Examiner
If you like playing detective, this might be the role for you. Depending on where you work, you’re either helping law enforcement solve crimes by collecting and analysing digital evidence, or you’re working for a company investigating internal incidents like policy violations.
Responsibilities:
- Collect digital evidence while following legal procedures
- Analyse that evidence to find answers related to the case
- Document your findings and put together a report
Task 6 — Malware Analyst
Malware Analysts dig into suspicious programs to figure out what they do and how they work. The job is sometimes called reverse engineering because a big part of it is taking compiled programs and converting them back into readable code. It requires a solid programming background, especially in low-level languages like assembly and C.
Responsibilities:
- Carry out static analysis, reverse engineering the malicious program without running it
- Carry out dynamic analysis, running the malware in a controlled environment and observing what it does
- Document and report all findings
Task 7 — Penetration Tester
Penetration Testers, or pentesters, are basically ethical hackers. Their job is to try to break into a company’s systems before the bad guys do, finding vulnerabilities and exploiting them to show how much damage a real attack could cause. The company then uses that report to fix the issues.
Responsibilities:
- Test computer systems, networks, and web applications for vulnerabilities
- Perform security assessments and audits
- Report findings and recommend what needs to be fixed
Task 8 — Red Teamer
Red Teamers are similar to pentesters but with a more specific goal. Instead of just finding vulnerabilities, they simulate a full real-world attack, staying hidden, maintaining access, and seeing how well the company detects and responds. Assessments can run for up to a month and are usually done by an external team.
Responsibilities:
- Act like a real threat actor: exploit vulnerabilities, maintain access, and avoid detection
- Test the company’s security controls, threat intelligence, and incident response
- Report findings with clear recommendations on what needs to improve
Task 9 — Quiz
The last task is just a short quiz that asks you a few questions and tells you which cyber security role fits you best based on your answers.