Forensic Computer Analyst
The forensic computer analyst is the detective of the cyber security world. Forensic computer analysts review computer-based information for evidence following a security breach or other incident. Tasks include handling hard drives and other storage devices and employing specialized software programs in order to identify vulnerabilities and recover data from damaged or destroyed devices. Forensic computer analysts must be sensitive to the security concerns of their employers or clients and follow closely all privacy procedures when dealing with financial and personal information. They must also keep detailed and accurate logs and records of their findings, which are often used in litigation.
Information Security Analyst
An information security analyst (ISA) is responsible for the protection of an organization's computer systems and networks. They plan and execute programs and other measures, including installing and using software for data encryption and firewalls. Additionally, ISAs help design and execute plans and methods for the recovery of data and systems following a cyberattack. ISAs must continuously stay on top of the latest industry trends and cyber threats, which involves researching new security technologies and networking with other professionals.
Penetration testing concerns the proactive authorized employment of testing techniques on IT infrastructures to identify system vulnerabilities. Simply put, penetration testers attempt to (with authorization) hack into computer and network systems to preemptively discover operating system vulnerabilities, service and application problems, improper configurations and more, before outside intruders have the opportunity to cause real damage. Penetration testers must be highly creative in their methods, often using testing tools of their own design, to "break into" the systems under scrutiny. Penetration testers are required to keep careful records of their activities and discovered vulnerabilities.
A Security architect is responsible for establishing and maintaining network security for his or her organization. Security architects work in all sectors of the economy for companies, government agencies, and nonprofits. They may be employees of companies or independent contractors. In addition to working on specific security systems, security architects develop and implement organization security policies and procedures for employees and others with access to computer, network and data systems. Security architects are responsible for the hands-on repair of issues raised in problem reports as well as analysis of breaches following security incidents. They typically work in an office environment on a full-time basis.
IT Security Engineer
Security engineering provides a specialized engineering approach to cyber security, specifically regarding the design of security systems to counter potentially catastrophic issues. Security engineers are often involved in systems maintenance, performing security checks to identify potential vulnerabilities, as well as keeping logs and developing automation scripts to track security incidents. To succeed as a security engineer, individuals must have strong math and communication skills and a solid working knowledge of computer operating systems and languages.
Security Systems Administrator
A security systems administrator's core responsibilities are quite similar to those of many other cyber security jobs: installing, administering, maintaining and troubleshooting computer, network and data security systems. The main distinction between security systems administrators and other cyber security professionals is that the security systems administrator is normally the person in charge of the daily operation of those security systems. Typical tasks include systems monitoring and running regular backups, and setting up, deleting and maintaining individual user accounts. Security systems administrators are additionally often involved in developing organizational security procedures.
IT Security Consultant
IT security consultants meet with clients to advise them on how to best protect their organizations' cyber security objectives efficiently and cost effectively. They are often hired by smaller companies and agencies that cannot afford to handle their security issues in-house, but are also employed by larger businesses to supplement their security teams and provide an unbiased outside perspective to current systems issues. Working as an IT security consultant can require long, flexible hours and often involves a fair amount of traveling to client business locations.