Cybersecurity is becoming as one of the hottest job paths in tech. Demand is ever-increasing, but so is competition, as more and more IT workers look toward this attractive option. But, the cybersecurity career market can look like a maze with all kinds of rare niches. How do you choose the right cybersecurity specialization for you?
For this reason, we’ve made this brief guide to give you an idea of the main types of cybersecurity specialization, and how to know which is the best for you.
Red team: the crown of cybersecurity specializations
Of all the cybersecurity fields, pentesting is the most coveted. And for this reason, it’s also one of the hardest to get into as a pro. Yet, if you work hard work and never give up, it’s very possible to launch a great career in red teaming. Though blue team usually pays more and is less hard to get into, red team is the only choice for some people who are truly in love with hacking and want the thrill of breaking into real systems.
Networking and sysadmin experience are helpful to break into pentesting (no pun intended!), however, it’s kind of its own beast. If you want to get a feel for pentesting, there are two great ways to do so:
1. Play CTFs with realistic options, such as HackTheBox.
2. Study for, and then get, a well known cybersec cert, like OSCP.
There are also courses and tools that can help you learn the requisite skills. What’s great about pentesting is that it’s fun to learn about it. So even tho you might need years of study before you’re really ready for a proper, paid role, the journey is as enjoyable as the destination.
SOC Analyst: the beginner-friendly cybersecurity specialization
One of the most common complaints from job seekers is that it’s hard to land your first cybersecurity role. SOC analysis roles buck that trend, and are a great option if you have little security or even tech experience. In many ways, SOC analysis is the opposite of pentesting: easy to get into, but not necessarily very exciting or sought after.
Do you have a keen eye and enjoy scouring logs for possible clues? Maybe you think the logs below look like an intrigueing puzzle.
$ tail /var/log/apache2
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/Extranet/branches/SOW-101 HTTP/1.1"
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/[xxxx]/trunk HTTP/1.1"
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/[xxxx]/user=john&pass=iloveyou HTTP/1.1"
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/Extranet/branches/SOW-101 HTTP/1.1"
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/[xxxx]/trunk HTTP/1.1"
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/[xxxx]/2.5 HTTP/1.1"
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/[xxxx]/trunk HTTP/1.1"
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/[xxxx]/trunk HTTP/1.1"
x.x.x.90 - - [13/Sep/2023 -0700] "/svn/[xxxx]/Extranet/branches/SOW-101 HTTP/1.1"
Entry level SOC jobs are common, and for those, it’s helpful to have a technical university degree. General certs like CCNA or Sec+ are also great, but not always required. Learning about networks and broad tech skills is always good, and can give you a leg up during interviews.
Security engineering
If you’ve worked in any of the jobs below, security engineering might be a good choice for you.
- Project manager
- DevOps
- Sysadmin
- IT manager
- Compliance auditing
Of course, if you worked as a PM but had no security training or even knowledge, you will want to sharpen up those skills before searching for a security engineering job. In the same vein, compliance auditing is extra helpful if you audited systems for something like SOC2.
A good metric for whether or not you’d thrive in this role would be to read out article on automating your own CTF solution, which you can read here: https://www.hackingloops.com/automate-your-own-ctf-solution/. If that kind of thing seems fun to you, you’d probably enjoy security engineering. If it seemed easy, even better.
Application security
Appsec is the best route for coders. If you have strong dev experience, you’ll find it easy to move into this role. In fact, coding knowledge is often better than outright security experience. Why? Since it’s easy to teach a developer about common app vulns, but much harder to teach a hacker how to create good code.
If you’re a software dev, you can transition to this role by learning about common vulns from sources like OWASP. Read bug reports from sites like HackerOne. Once you have a good grasp of what exploits are common in the wild, implement your own apps with these vulns and hack them. Blog about the experience of doing so.
When you’re ready, start bug bounty hunting and contributing patches to open source apps. Not only will you learn, you’ll also build a portfolio of contributions and accomplishments that you can show off when you talk with hiring teams. Appsec is not that easy to break into, but if you have strong coding skills, it can be a cake walk to get into to this fairly similar discipline.
Certs are less crucial in appsec, but learning more “obscure” parts of software development like cryptography, regular expressions, and SQL may be helpful.
Summary of cybersecurity specialization key concepts
You can learn more about all of the cybersecurity specializations and what requirements they have, you can go on job sites like Upwork. There, you can search for keywords like “cybersecurity” or “appsec” and see what clients ask for. Alternatively, you could go on Hacker News and check out the monthly hiring thread to see what opportunities are available. You could even reach out directly to a hiring manager and ask for tips, given your background and interests.
If none of the job types we listed above appeal to you, don’t fret! Plenty of other options exist. In fact, there is also a whole world of roles that are merely adjacent to cybersecurity. To name just a few random examples, we could look at any of the options below.
- Manager roles
- Digital forensics
- Compliance and standards
- And many more
In practice, of course, it would be hard to cover all of these sister fields. If you have a background that’s right for these roles, you’re likely already well aware of that. Still, look into the job market for your favorite cyber specialty and see what it would take to make your dreams come true.
Hopefully, this guide gives you an idea of what kind of background matches which specialization. As you try things out and move towards your goal, it will become more and more clear what kind of role is likely best for you. So never stop hacking!
Leave a Reply