Discover which role is right for you

While a career in cybersecurity can be challenging, it's also extremely rewarding. The responsibilities of a cybersecurity professional may vary, but each role can be simplified into one function: protect a company's data from being compromised in an attack.

Team at laptop working

Here are some popular careers based on experience level:

Entry-Level Roles:

  • Systems engineer.
  • Systems administrator.
  • Web developer.
  • IT technician.
  • Network engineer.
  • Security specialist.

Mid-Level Roles:

  • Security technician.
  • Security analyst.
  • Incident responder.
  • IT auditor.
  • Cybersecurity consultant.
  • Penetration tester.

Advanced-Level Roles:

  • Cybersecurity manager.
  • Cybersecurity architect.
  • Cybersecurity engineer.
  • Chief information security officer.


Systems Security Analyst

This is usually the first job after finishing college for most people working in cyber security. Security analysts need to get to know the Information and Communications Technology (ICT) systems used by a business very well, analyse the potential weaknesses and explain to the business operator the costs of improving the systems or risking a cyber security attack. People typically spend two years in this role before moving to other more specific jobs in cyber security.

Entry-level postition

Two People looking at a monitor


Cyber Defence Incident Responder

Incident responders are the firefighters of the cybersecurity world. They are called in to fix the problem after a cyber security attack. Large companies usually have an incident responder within the company. They know the common attack methods and how to resolve them. They also work with other cybersecurity professionals such as Systems Security Analysts and penetration testers to understand the ICT systems and restore the normal functioning of the system after an attack. This is a more senior role requiring a lot of experience and understanding of ICT systems and cyber-attack methods.

Senior-level position

Work colleagues collaborating


Ethical Hacker

Also known as a penetration tester, pen tester for short, or a white hat hacker. There are 3 main types of hackers, white hat (hacking for good), grey hat (sometimes unethical but do not intend harm) and black hat (intend to harm the business/person). Ethical Hacking is not a typical entry-level role, so ethical hackers normally have some years' experience in the industry. The main character in Mr. Robot was a black hat hacker. Ethical hackers are authorised to hack into systems to test the weak points and report these to the business operator, it is illegal to do this without permission. Ethical hacking can include social engineering as part of the role, as most cyber security attacks involve human error. Social engineers test how people in the company can be manipulated to give access to systems (i.e. they hack people!). The most common form of social engineering you will know are phishing emails, but social engineers construct far more cunning and sophisticated attacks that involve a combination of methods. In the most successful cases victims are unaware of an attack having occurred.

Experienced-level position

Man working at laptop with headphones on


Cyber Crime Investigator

The Cyber Crime Investigators are the detectives of the cyber security world and will use digital forensic techniques to investigate a cyber-attack to understand what has been done and how, and also what group with attackers worked with. They have excellent knowledge of how operating systems work and will track the digital footprint of the attack. They can also investigate if an attempted attack has taken place. To support law-enforcement they will preserve the digital record of the attack and can restore deleted files as evidence.

Detective of Cyber Security

Team of women collaborating at desktop