The road to a cybersecurity career begins with a discovery of the various roles available. There are a diverse set of cybersecurity roles. Knowing what roles exist and which suit your skills and interests, provides you a goal to work towards as you transition to the Self-Education Phase of the Roadmap to a Cybersecurity Career.

The NICE Cybersecurity Workforce Framework is a very helpful resource to get an introduction to the wide breadth of specialties and roles in cybersecurity. The Framework’s 33 Specialty Areas and 52 Work Roles are grouped into seven high-level Categories of common cybersecurity functions. These Categories are:

Analyze

Performs highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.

Collect and Operate

Provides specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.

Investigate

Investigates cybersecurity events or crimes related to information technology (IT) systems, networks, and digital evidence.

Operate and Maintain

Provides the support, administration, and maintenance necessary to ensure effective and efficient information technology (IT) system performance and security.

Oversee and Govern

Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.

Protect and Defend

Identifies, analyzes, and mitigates threats to internal information technology (IT) systems and/or networks.

Securely Provision

Conceptualizes, designs, procures, and/or builds secure information technology (IT) systems, with responsibility for aspects of system and/or network development.

What Specialty Areas would be interesting for cybersecurity aspirants? Here are a few highlights: 

• Cyber Defense Analysis

• Incident Response

• Vulnerability Assessment and Management

• Cyber Investigation

• Digital Forensics

• Program/Project Management (PMA) and Acquisition

• Legal Advice and Advocacy

While it’s a helpful resource, the NICE Cybersecurity Workforce Framework does have a bit of a federal government agency flavor to it. (There’s not much demand for Exploitation Analysts in private security.) It is a great starting point though.

You have to do your homework into cybersecurity specialties and roles. Getting a feel for the types of specialities is key. Once you better understand your cybersecurity interests, you can determine what to study.