united kingdom

Cyber Security Jobs

Incident and Threat Managers, Forensics Experts

One way or another, your job is right at the coal face. You might manage the security of your organisation’s network and keep attackers out. You may work for a company which tests other’s networks to assess their security and advise how to make them less vulnerable to attack. No-one is able to avoid all incidents, so you may also be an incident manager, able to respond quickly in a crisis and manage the impact. There may be difficult choices for the business to make. You will need to work with other managers who may not have your technical understanding of what has happened or what needs to be done to get systems back working but will know about the impact on the business if certain functions are stopped. You might need to do forensic analysis - to see how the attacker got in and what he did. Planning what to do to respond to different incidents, balancing all the different demands will be important to managing a crisis well and you are likely to be an important member of the business continuity planning team. There are some very technical jobs in this area examining new malware, working out countermeasures and much more. Plus, of course, it is not all on networks now as mobile devices are increasingly holding more data and carrying out functions previously only possible on a computer.

Risk Analysts and Managers

To do this you need to understand how different threats will impact on a business and advise about which risks to cover off and which to take. The Board will be listening to your advice and you will need to be able to explain the risks in non-technical language that shows the impact on business clearly. Some risk managers are non-technical and have come up through the business, others come from the technical side of the business. Some people are involved in the audit of networks and ensuring that compliance issues are understood and dealt with. One reply to our survey said that these people "go and speak to our clients about risk and compliance, explaining the law, any changes in legislation and identifying weakness and helping clients to comply".

Policy Makers and Strategists

These are the people who devise the security policies that will define how a company deals with lots of different security risks. Getting the policy right is a must for an organisation to meet its legal obligations. Getting people to implement policies means showing people why the policies matter and raising awareness of the potential consequences of not following advice. In the private sector you have CISOs (Chief Information Security Officers) leading this work often supported by a team. In Government there are ITSOs (IT security officers) and DSOs (Departmental security officers). The latter are responsible for physical, personnel and information security issues and the IT security officer usually reports to them.

Operations and Security Management

You may be responsible for protecting your organisation’s data on its networks, laptops or mobile devices. As we all chose different ways to work and the development of new technologies is creating new possibilities daily you will have to keep up to date. You may manage encryption and other protective measures like the rules on Firewalls, security logs and incident reporting.

Engineering, Architecture and Design

If you can get the design of a system right then you can make it tough for attackers to get in. But the situation changes daily and if you are to keep up you will need to run fast. You may be dealing with hardware or software, design and development or secure applications. You may be a talented secure software writer - too many of our coders in the past have been driven by the pressure of being first to market and have had insufficient awareness of security. You may design security tools or sell them. Sales and marketing is an essential part of the business.

Education, Training and Awareness

Training is an ongoing need for most of us in business nowadays. As new technologies come on line staff need to understand how to use them effectively to enable the business to survive and suceed securely so new risks are managed. The experts need to be kept up to date too so they understand new attack vectors, new ways of managing security, new ways of assessing and communicating risk. Some sales jobs are closely aligned to this work as they educate customers about what they need in their business. There are a number of training companies that deal with all levels of training and the best work hard to keep their material up to date. One of the respondents in our survey described his job as: "To raise awareness in Cyber Security related matters both internally and as a service to other organisations. To produce, accredit and provide Cyber Security training courses internally and to other organisations as a service".

Research

There are many areas of research, some highly technical and others much more policy orientated. Some create complex models to help us understand situations that are changing faster than we can comprehend without technical help. Others are thinking about the technologies of the future and how they may help us manage security better. Respondents to the survey described the jobs as "To investigate new technologies to manage risk and to learn to manage risk with new technologies. Most people in security research concentrate on the former, crypto, firewalls etc yet the latter, securing Internet 2.0 is far more important"; "Looking for the next ‘big thing’"; "Researching the way attacks are conducted in the real world. Tracking of various types of malware and how they change thereby making it possible to prevent major strikes against customers. Invent new products based on what is seen in the real world and work with developers to produce these products."

Lawyers specialising in advice and prosecution for Internet crime and data protection

Advice and prosecution of data security and Internet crime. It is not easy to prosecute the perpetrators of these crimes and companies need help to understand their responsibilities and to put the evidence together. Since the data losses of recent years there have been some significant changes in the law. For example organisations which don’t sufficiently look after people’s data on their systems may be fined up to 0.5million, so many want to have their security policies audited to ensure they are fit for purpose.