🙌
Writeups
LearningLinkedIn
  • The Great Escape
  • Lookback
  • Outlook NTLM Leak
  • Year of the Fox
  • PS Eclipse
  • Eavesdropper
  • Tony the Tiger
  • Intro to Offensive Security
  • MD2PDF
  • Content Security Policy
  • Agent T
  • Introduction to Flask
  • Atlas
  • Bugged
  • Sigma
  • Intro to Cloud Security
  • Holo
  • CCT2019
  • Opacity
  • Empline
  • Phishing Emails 5
  • BlueTeam
  • Tempest
  • hackerNote
  • Watcher
  • CMesS
  • HA Joker CTF
  • OWASP Top 10 2021
  • Metasploit
  • Oh My WebServer
  • Road
  • Anonymous
  • Ollie
  • Training for New Analyst
  • Tokyo Ghoul
  • Dependency Management
  • KoTH Food CTF
  • Android Malware Analysis
  • Intro To Pwntools
  • AD Certificate Templates
  • CVE 2022 26923
  • Basic Static Analysis
  • Introduction To Honeypots
  • Intro to Pipeline Automation
  • Intro to Containerisation
  • ARP Spoofing
  • Mindgames
  • Brute Force Heroes
  • SQLMAP
  • Insekube
  • TakeOver
  • Boiler CTF
  • GoldenEye
  • Splunk 3
  • Tempus Fugit Durius
  • Warzone 1
  • OWASP API Security Top 10 2
  • Temple
  • AllSignsPoint2Pwnage
  • OWASP API Security Top 10 1
  • Secret Recipe
  • NoNameCTF
  • Binex
  • Jack
  • Tactical Detection
  • Jurassic Park
  • DX1 Liberty Island
  • Brute
  • Biblioteca
  • Napping
  • Kubernetes for Everyone
  • 0day
  • Osiris
  • Set
  • NoSQL injection Basics
  • Warzone 2
  • Atlassian, CVE 2022 26134
  • Jason
  • VulnNet: Roasted
  • VulnNet Internal
  • VulnNet Node
  • Brooklyn Nine Nine
  • Thompson
  • The Cod Caper
  • Neighbour
  • ColddBox Easy
  • Library
  • All in One
  • Poster
  • Gallery
  • Cat Pictures
  • Boogeyman 1
  • Corridor
  • Team
  • Ra 2
  • Advent of Cyber 2022
  • Bookstore
  • Intro to Malware Analysis
  • TheHive Project
  • Velociraptor
  • KAPE
  • Lunizz CTF
  • Linux Forensics
  • DFIR An Introduction
  • Benign
  • Cyborg
  • Year of the rabbit
  • Blaster
  • Easy Peasy
  • Couch
  • Chocolate Factory
  • REmux The Tmux
  • Spring4Shell
  • Dirty Pipe
  • OverlayFS
  • Pwnkit
  • CTF collection Vol.2
  • Gotta Catch'em All!
  • Break Out The Cage
  • Bolt
  • Source
  • AttackerKB
  • Intro to Defensive Security
  • Careers in Cyber
  • OSI Model
  • Packets&Frames
  • Extending Your Network
  • How websites work
  • Putting it all together
  • Operating System Security
  • Network Security
  • Security Operations
  • Network Services
  • Network Services 2
  • Active Directory Basics
  • Attacking Kerberos
  • Subdomain Enumeration
  • Authentication Bypass
  • IDOR
  • File Inclusion
  • Masterminds
  • SSRF
  • Command Injection
  • Cross site Scripting
  • Burp Suite Extender
  • Burp Suite Intruder
  • Surfer
  • Willow
  • Conti
  • Unattended
  • Tardigrade
Powered by GitBook
On this page

Was this helpful?

Careers in Cyber

PreviousIntro to Defensive SecurityNextOSI Model

Last updated 2 years ago

Was this helpful?

Cyber security careers are becoming more in demand and offer . There are many different jobs within the security industry, from offensive pentesting (hacking machines and reporting on vulnerabilities) to defensive security (defending against and investigating cyberattacks).

Why get a career in cyber:

  • High Pay - jobs in security have high starting salaries

  • Exciting - work can include legally hacking systems or defending against cyber attacks

  • Be in demand - there are over 3.5 million unfilled cyber positions

This room helps you break into cyber security by providing information about various cyber security roles; it also links to different learning paths that you can use to start building your cyber skills.

Answer the questions below

Let's start exploring the different roles in cyber security! No answer needed

Security Analyst

Responsible for maintaining the security of an organisation's data

Security analysts are integral to constructing security measures across organisations to protect the company from attacks. Analysts explore and evaluate company networks to uncover actionable data and recommendations for engineers to develop preventative measures. This job role requires working with various stakeholders to gain an understanding of security requirements and the security landscape.

Responsibilities

  • Working with various stakeholders to analyse the cyber security throughout the company

  • Compile ongoing reports about the safety of networks, documenting security issues and measures taken in response

  • Develop security plans, incorporating research on new attack tools and trends, and measures needed across teams to maintain data security.

Learning Paths

TryHackMe's learning paths will give you both the fundamental technical knowledge and hands-on experience, which is crucial to becoming a successful Security Analyst.

Read about what a security analyst does. No answer needed

Security Engineer

Security engineers develop and implement security solutions using threats and vulnerability data - often sourced from members of the security workforce. Security engineers work across circumventing a breadth of attacks, including web application attacks, network threats, and evolving trends and tactics. The ultimate goal is to retain and adopt security measures to mitigate the risk of attack and data loss.

Responsibilities

  • Testing and screening security measures across software

  • Monitor networks and reports to update systems and mitigate vulnerabilities

  • Identify and implement systems needed for optimal security

Learning Paths

TryHackMe's learning paths will give you both the fundamental technical knowledge and hands-on experience, which is crucial to becoming a successful Security Engineer.

Answer the questions below

Read about what a security engineer does. No answer needed

Incident Responder

Incident responders respond productively and efficiently to security breaches. Responsibilities include creating plans, policies, and protocols for organisations to enact during and following incidents. This is often a highly pressurised position with assessments and responses required in real-time, as attacks are unfolding. Incident response metrics include MTTD, MTTA, and MTTR - the meantime to detect, acknowledge, and recover (from attacks.) The aim is to achieve a swift and effective response, retain financial standing and avoid negative breach implications. Ultimately, incident responders protect the company's data, reputation, and financial standing from cyber attacks.

Responsibilities

  • Developing and adopting a thorough, actionable incident response plan

  • Maintaining strong security best practices and supporting incident response measures

  • Post-incident reporting and preparation for future attacks, considering learnings and adaptations to take from incidents

Learning Paths

TryHackMe's learning paths will give you both the fundamental technical knowledge and hands-on experience, which is crucial to becoming a successful Incident Responder.

Digital Forensics Examiner

If you like to play detective, this might be the perfect job. If you are working as part of a law-enforcement department, you would be focused on collecting and analysing evidence to help solve crimes: charging the guilty and exonerating the innocent. On the other hand, if your work falls under defending a company's network, you will be using your forensic skills to analyse incidents, such as policy violations.

Responsibilities

  • Collect digital evidence while observing legal procedures

  • Analyse digital evidence to find answers related to the case

  • Document your findings and report on the case

Malware Analyst

A malware analyst's work involves analysing suspicious programs, discovering what they do and writing reports about their findings. A malware analyst is sometimes called a reverse-engineer as their core task revolves around converting compiled programs from machine language to readable code, usually in a low-level language. This work requires the malware analyst to have a strong programming background, especially in low-level languages such as assembly language and C language. The ultimate goal is to learn about all the activities that a malicious program carries out, find out how to detect it and report it.

Responsibilities

  • Carry out static analysis of malicious programs, which entails reverse-engineering

  • Conduct dynamic analysis of malware samples by observing their activities in a controlled environment

  • Document and report all the findings

Penetration Tester

You may see penetration testing referred to as pentesting and ethical hacking. A penetration tester's job role is to test the security of the systems and software within a company - this is achieved through attempts to uncover flaws and vulnerabilities through systemised hacking. Penetration testers exploit these vulnerabilities to evaluate the risk in each instance. The company can then take these insights to rectify issues to prevent a real-world cyberattack.

Responsibilities

  • Conduct tests on computer systems, networks, and web-based applications

  • Perform security assessments, audits, and analyse policies

  • Evaluate and report on insights, recommending actions for attack prevention

Learning Paths

TryHackMe's learning paths will give you both the fundamental technical knowledge and hands-on experience, which is crucial to becoming a successful Penetration Tester.

Red Teamer

Red teamers share similarities to penetration testers, with a more targeted job role. Penetration testers look to uncover many vulnerabilities across systems to keep cyber-defence in good standing, whilst red teamers are enacted to test the company's detection and response capabilities. This job role requires imitating cyber criminals' actions, emulating malicious attacks, retaining access, and avoiding detection. Red team assessments can run for up to a month, typically by a team external to the company. They are often best suited to organisations with mature security programs in place.

Responsibilities

  • Emulate the role of a threat actor to uncover exploitable vulnerabilities, maintain access and avoid detection

  • Assess organisations' security controls, threat intelligence, and incident response procedures

  • Evaluate and report on insights, with actionable data for companies to avoid real-world instances

Learning Paths

TryHackMe's learning paths will give you both the fundamental technical knowledge and hands-on experience, which is crucial to becoming a successful Red Teamer.

  • Red Team Learning Path (coming soon)

[[Intro to Defensive Security]]

Answer the questions below

Design, monitor and maintain security controls, networks, and systems to help prevent cyberattacks

Identifies and mitigates attacks whilst an attackers operations are still unfolding

Responsible for using digital forensics to investigate incidents and crimes

Analyses all types of malware to learn more about how they work and what they do

Responsible for testing technology products for security loopholes

Plays the role of an adversary, attacking an organisation and providing feedback from an enemies perspective

Pre Security
Cyber Defense
Cyber Defense
JR Penetration Tester
Offensive Pentesting
Cyber Defense
JR Penetration Tester
Offensive Pentesting
JR Penetration Tester
Offensive Pentesting
high salaries
|300
|250
|250
|100
|300