The Ultimate Cyber Security

Career Roadmap!
 Contents

02
Chapter
Introduction
01
Pg

Chapter
05 Reasons why you should choose Cyber Security as a full-
02 Pg

time career option?

Chapter
09 Career Paths in Cyber Security
03 Pg

Chapter
46 Top Cyber Security Companies
04 Pg

Chapter
47 List of Useful Resources to remain updated with Cyber
05 Pg

Security

Pg
51 Conclusion

1
Contents

The Ultimate Cyber Security Career Roadmap!

CHAPTER Introduction
#1 Cyber-attacks, security breaches, phishing scams, are some of the topics that make headlines almost every day.
That’s the reason, organizations all over the world, are betting big on cybersecurity. In addition to that, there are
also a few numbers that had played an important role in cybersecurity’s steep growth and wide impact, let’s have
a look at them:

In the last two years, with ever-increasing adoption

A report says, by 2021, damage costs
related to cybercrime is projected
to hit $6 trillion annually. The cost
associated with cybercrime can be
crippling to those companies who
have not made cybersecurity part of
their regular budget.
of Internet of Things (IoT), Cloud Computing and
Big data, we have generated almost ninety percent
By 2022, 75% of the projected popula-
of all existing data. Likewise, in 2020, there will be
tion of eight billion, will be using the
around a total of 40 zettabytes (40 trillion gigabytes)
internet. In other words, the human at-
of data. This is the data, cybersecurity professional
tack surface is exponentially growing.
work very hard to protect from cyber attackers.

These numbers are indicating that at work, at home and in the community, we need the next generation cybersecurity professionals
to take action to protect ourselves and our information.

2
Introduction

The Ultimate Cyber Security Career Roadmap!

 Can I enter the cybersecurity pro-

fession without any prior knowledge

RI,7RU&\EHUVHFXULW\ÀHOG"

Do I need to do a specialist
What skills I would require for
GHJUHHLQF\EHUVHFXULW\"
a career in the cybersecurity

ÀHOG"

The market for cybersecurity professionals is evident as the scenario above

QSFTFOUTBOFWFSCFGPSFTFFOEFNBOEGPSRVBMJmFEDZCFSTFDVSJUZQSPGFTTJPO-
als who can help organizations prevent data theft, system compromise, and
other security breaches.

But, on the other hand, if you’re looking to make your career in cybersecurity,
may have some questions in your mind.
For example-

3
Introduction

The Ultimate Cyber Security Career Roadmap!

 Do I need to learn loads of programming

WREHFRPHDF\EHUVHFXULW\SURIHVVLRQDO"

What are the best companies

How much a cybersecurity to work for as a cybersecurity
SURIHVVLRQDOHDUQV" SURIHVVLRQDO"

5IJTHVJEFXJMMIPQFGVMMZIFMQZPVUPmOEBOTXFSTUPUIFTFWBMJERVFTUJPOTBOE
set a career path for an interesting cybersecurity profession.

4
Introduction

The Ultimate Cyber Security Career Roadmap!

CHAPTER Reasons why you should choose Cybersecurity as a
#2 full-time career option?
Choosing a career path is a decision that impacts your whole future. Of course, it’s not easy and no one can
make that decision for you. However, the reasons are given below-why you should choose cybersecurity as a
full-time career options- are some pointers that can help you make the right decision.

Effectively 0% unemployment

There is no denying that companies are betting high on cybersecurity and the demand for cybersecurity professionals is on a rise.
However, there is presently a tremendous, problematic shortage of such qualified professionals and the gap between their demand
and supply is sizeable.

Cybersecurity Ventures, in their Cybersecurity Jobs Report, predict that there will be 3.5 million cybersecurity job openings by
2021. According to NASSCOM (The National Association of Software and Services Companies), due to the unprecedented rise in the
number of cyber attacks, India alone will need 1 million cybersecurity professionals by 2020.

So, if you are properly trained on the latest technologies & methodologies in the field of Cyber Security, finding a job working in cy-
bersecurity is probably a lot easier than in many other fields.

Reasons why you should choose Cybersecurity as a full-time career option?

5 The Ultimate Cyber Security Career Roadmap!

 Sky-high salaries

Organizations, around the globe, has realized the sheer importance of cybersecurity and are looking for experts who can protect their
systems from cybercriminals. The organizations are willing to pay high salaries, thanks to the increasing demand for talent.

This is the right time to upskill for anyone who wants to start a career in cybersecurity as the opportunities are endless and salaries
are sky high.

Cyber Security has something for everyone

“You need loads of program-

ming or technical expertise to

You may have heard some myths around cybersecurity career like
enter cybersecurity field”

Well, all these myths are really myths because the cybersecurity
profession has something for everyone. “I’m bad at math, so I’ll not
“To be a cybersecurity profes-
have a successful cybersecuri-
sional requires a nerd mind”
ty career.”

Reasons why you should choose Cybersecurity as a full-time career option?

6 The Ultimate Cyber Security Career Roadmap!

Many people think of cybersecurity professional as a nerd. But, most of the cybersecurity professionals, in their career span, never
touch a line of code or configure a server.

Moreover, there are many career paths in cybersecurity that don’t require you to be a technology expert or a programmer. The career paths in-
clude threat intelligence, legal regulatory compliance, business analyst, etc.

:PVDBOIBWFBTVDDFTTGVMDBSFFSJODZCFSTFDVSJUZFWFOJGZPVFOUFSGSPNBmFMEPVUTJEFPG*5

The world is your oyster

With the advancements in the field of IoT (internet of things), Big Data,
Automation, Cloud Computing, and Edge Computing, there are a vari-
ety of opportunities available for cybersecurity professionals in several
industries around the world. The gates are wide open for cybersecuri-
ty professionals because who don’t want to secure themselves on the
digital front?

Reasons why you should choose Cybesecurity as a full-time career option?

7 The Ultimate Cyber Security Career Roadmap!

A career that helps make the world be a better place

The salary is a perk, but most of the people are fascinated by this profession because they feel they are doing something good to make
the world be a better place. In their whole career, everything that the Cyber Security professionals do at work is intended to make the
world a better place, to bring goodness to the world. Most cybersecurity professionals have dedicated their careers protecting inno-
cent people against a variety of cyber-attacks that to compromise their confidentiality, availability, and integrity.

You’ll always be learning something new!

If you want to constantly learn new things, cybersecurity field would be the right choice for you. It is because the ecosystem is chang-
ing all the time, it is imperative for a cybersecurity expert to keep pace with the latest from the world of cyber-threats.

Moreover, as the state of technology will evolve, the cybersecurity professional’s work will have to evolve with it and their skills will
need to adapt.

Reasons why you should choose Cybesecurity as a full-time career option?

8 The Ultimate Cyber Security Career Roadmap!

 Career Paths in Cyber Security
CHAPTER
So, are you ready to get started in this high-paying, fast-growing career?
#3
Since cybersecurity as a profession has a wide scope, there are so many career paths you can walk to have a
bright career in cybersecurity. Let’s start exploring the top 10 of them:

Security Architect

Outsmart Online Criminals by De-

signing Tough-to-Crack Security

Systems

If creating bigger picture strategies for organizations is your forte or you are enthusiastic about problem-solving, then you should be
looking at the Security Architect career path.

A security architect is meant to plan, research, design, build, and implement the network and security for the organization. They are
responsible for developing complex security architectures and ensuring that the technical specifications of those architectures are
secure.

Security architecture is also responsible for performing Vulnerability testing, security assessment, and risk analysis.

Information Security Architect, Information Systems Security Architect are some similar job roles as “Security Architect”.

9
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Architect Salaries
$

According to Payscale.com, the median salary for a Security Architect in India is around ₹20 lacs per annum. Whereas, in the United
States, it’s around $121,000 per annum.

Skills required to become a Security Architect

Technical Skills

To land a job as a Security Architect, having knowledge of following technical skills should prove useful:

You should have knowledge about frameworks like ISO 27001/27002, ITIL, and COBIT.

You should be comfortable working with both Windows and Unix like operating systems.

5IFXPSLJOHLOPXMFEHFPGWBSJPVTTFDVSJUZDPOUSPMTTVDIBTmSFXBMMT *%4*14 /FUXPSL"DDFTT$POUSPMBOE/FUXPSL4FHNFOUBUJPO JTWFSZ

necessary.

:PVTIPVMEIBWFHSFBULOPXMFEHFBCPVUOFUXPSLJOHTFDVSJUZDPODFQUTTVDIBTXJSFMFTTTFDVSJUZ %/4 3PVUJOH 4XJUDIJOHBOE7-"/T

TFDVSJUZ 71/ 1SPYZTFSWJDFT %%04NJUJHBUJPOUFDIOPMPHJFT

:PVTIPVMELOPXIPXUPEFmOF EFWFMPQBOENBJOUBJO/FUXPSL4FDVSJUZ"SDIJUFDUVSF

10
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Soft Skills

As the role of a Security Architect is a managerial role, a person wants to pursue this career path should be comfortable with his/her
oral, teaching as well as communication skills. In the same regard, the person should have leadership skills also because a Security
Architect will be required to manage a lot of team members who may change and vary over time.

Got panic because you don’t have effective communications skills! Don’t panic, there are lots of creative tutorials to sharpen your
verbal and written communication skills.

11
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 &HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ6HFXULW\$UFKLWHFW-RE

To hire one, at this managerial position, the employer will be looking for advanced security certifications from accredited bodies. The
following list provides you the essential certifications that one should think of for Security Architect job:

$FSUJmFE*OGPSNBUJPO4ZTUFNT4FDVSJUZ1SPGFTTJPOBM(CISSP)

Information Systems Security Architecture Professional(CISSP-ISSAP)

$FSUJmFE*OGPSNBUJPO4FDVSJUZ.BOBHFS(CISM)

$FSUJmFE&UIJDBM)BDLFS(CEH)

$FSUJmFE4$"%"4FDVSJUZ"SDIJUFDU(CSSA)

GIAC(GSEC / GCIH / GCIA

4FDVSJUZ$FSUJmDBUJPOT

12
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Consultant

Advise and Implement Security

Solutions

A security consultant is responsible to assess all the cybersecurity risks and determining better ways to protect the organization’s
data, network and all the information systems from all possible risks. They also advise clients on how to protect their organization’s
cybersecurity objectives, best efficiently and cost-effectively.

Information Security Consultant, Computer Security Consultant, Database Security Consultant, and Network Security Consul-
tant are some other titles that could be classified as a “Security Consultant”.

13
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Consultant Salaries
$

According to Payscale.com, the median salary for a Security Consultant in India is around ₹8 lacs per annum. Whereas, in the United
States, it’s around $85,000 per annum.

Skills required to become a Security Consultant

Technical Skills

Technical knowledge is paramount for the one who is looking to land a job as a Security Consultant. Followings are some technical
skills employers are seeking in candidates:

You should know how to use and implement Intrusion Detection (IDS) or Intrusion Prevention System (IPS).

It is required that you should understand the performance tuning views, indexes, SQL and PLSQL.

You should have knowledge about frameworks like ISO 27001/27002, ITIL, and COBIT.

&YQFSJFODFXJUIDPNNPODPNQMJBODFBTTFTTNFOUTMJLF1$* )*1"" /*45 (-#"BOE409JTWFSZOFDFTTBSZGPSBTFDVSJUZDPOTVMUBOU

:PVTIPVMEIBWFHSFBULOPXMFEHFBCPVUOFUXPSLJOHTFDVSJUZDPODFQUTTVDIBT4VCOFUUJOH %/4 7P*13PVUJOH 4XJUDIJOHBOE7-"/T

TFDVSJUZ 71/

14
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 You should be aware of Advanced Persistent Threats (APT), Social Engineering and various methods used for phishing in order to protect
the organization’s system and network from cyber attack.

Soft Skills

As a Security Consultant, you’ll be working with many security teams within the organization and talking to the client also. So, it goes
without saying that excellent communication skills, negotiation skills, and leadership skills are going to be useful. Problem-solving
skills along with some creative traits would be a bonus.

&HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ6HFXULW\&RQVXOWDQW-RE

Before hiring you as a Security Consultant, an employer may require proof of IAPSC (International Association of Professional Security
Consultant) membership. So, you need to know about IAPSC.

In addition, the following list provides you the some of the suggested certificates that’ll be very useful for Security Consultant job re-
quirements:

0GGFOTJWF4FDVSJUZ$FSUJmFE1SPGFTTJPOBM (OSCP)

$FSUJmFE4FDVSJUZ$POTVMUBOU(CSC)

$FSUJmFE1SPUFDUJPO1SPGFTTJPOBM (CPP)

15
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 $FSUJmFE&UIJDBM)BDLFS(CEH)

Physical Security Professional (PSP)

(*"$4FDVSJUZ$FSUJmDBUJPOT

$FSUJmFE*OGPSNBUJPO4ZTUFNT4FDVSJUZ1SPGFTTJPOBM(CISSP)

*OBEEJUJPOUPUIFTFDFSUJmDBUJPOT ZPVOFFEIBOETPOMFBSOJOHUPHFUFYQFSUJTFPOUIFBCPWFNFOUJPOFEUFDIOJDBMTLJMMT

.BTUFS$FSUJmDBUFJO$ZCFS4FDVSJUZ 3FE5FBN
UIFPOMZ$ZCFS4FDVSJUZDFSUJmDBUJPOQSPHSBNJO*OEJBPO0GGFOTJWF5FDIOPMPHJFT GSPN.BOJQBM
1SPMFBSO QSPWJEFTZPVTJNVMBUJPOCBTFEMFBSOJOHPOMBUFTUUFDIOPMPHJFTNFUIPEPMPHJFTJOUIFmFMEPG$ZCFSTFDVSJUZ8IBUTNPSF UIJTQSPHSBN
QSFQBSJOHMFBSOFSTGPSQSFTUJHJPVT04$1DFSUJmDBUJPO

16
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Penetration Tester/
Ethical Hacker

Hack and Protect Computer Sys-

tems for Good

If your mindset is both, technical as well as a business also, then this career path is well-suited for you.

The role of a penetration tester is sometimes referred to as ‘ethical hacker’ because they must think like a hacker while testing an or-
ganization’s network for vulnerabilities. Penetration testers use tools or simulators to replicate a real-life scenario to uncover security
loopholes. They are also responsible for designing newer penetration tests or tools.

Ethical Hacker and Assurance Validator are two common terminologies used for the same job functionalities like the “penetra-
tion tester” job.

17
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Penetration Tester Salaries
$

According to Payscale.com, the median salary for a Penetration Tester in India is around ₹5 lacs per annum. Whereas, in the United
States, it’s around $82,000 per annum.

Skills required to become a Penetration Tester

Technical Skills

A penetration tester is expected to perform several tasks such as security audit, developing code, automating security, reverse engi-
OFFSJOH5IBUTUIFSFBTPOUIFZTIPVMEIBWFHPPELOPXMFEHFPG04 /FUXPSLJOHQSPUPDPMTBOE4ZTUFNTPGUXBSF)FSFBSFTPNFUFDI-
nical skills a penetration tester must have:

A penetration tester should be comfortable working with both Windows and Unix like operating systems.

The candidate should have a solid knowledge of programming languages like C, C++, Java, C#, PHP, and Perl.

"DBOEJEBUFTIPVMEIBWFBXPSLJOHLOPXMFEHFPGOFUXPSLTDBOOJOHUPPMTTVDIBT/FTTVT /NBQ #VSQ4VJUF FUD

:PVTIPVMEIBWFLOPXMFEHFBCPVUGSBNFXPSLTMJLF*40 /*45 )*11" 409

He/she must have experience with some forensic tools.

18
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 As penetration testers are expected to attack different systems and platforms, solid knowledge of both hardware & software system is highly
recommended.

Soft Skills

Soft skills, an organization is looking in their penetration testers are creativity, problem-solving and analytical thinking. In addition to
the amount of paperwork, a penetration tester will have to talk to people very often. That’s the reason, again, oral and communication
skills are two other biggies.

&HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ3HQHWUDWLRQ7HVWHU-RE

Following is a list of some great certifications that could help greatly in your job as a Penetration tester, and could give you a push in
your career:

In addition, the following list provides you the some of the suggested certificates that’ll be very useful for Security Consultant job re-
quirements:

0GGFOTJWF4FDVSJUZ$FSUJmFE1SPGFTTJPOBM(OSCP)

$FSUJmFE1FOFUSBUJPO5FTUFS(CPT)

$FSUJmFE&UIJDBM)BDLFS(CEH)

19
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 ($*)(*"$$FSUJmFE*ODJEFOU)BOEMFS

(1&/(*"$1FOFUSBUJPO5FTUFS

GWAPT: GIAC Web Application Penetration Tester

($'&(*"$$FSUJmFE'PSFOTJD&YBNJOFS

($'"(*"$$FSUJmFE'PSFOTJD"OBMZTU

$FSUJmFE3FWFSTF&OHJOFFSJOH"OBMZTU(CREA)

$FSUJmFE$PNQVUFS'PSFOTJD&YBNJOFS (CCFE)

20
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Auditor

Find the Weak Spots in a Security

System Before Criminals do

A security auditor is tasked with keeping a record of the safety and effec-
tiveness of an organization’s computer systems and their related security
components (for example IT procedures). Security auditor is responsible
for the planning and execution of security audits across an organization.
It’s all about analysis and documentation hence, once completing a secu-
rity audit, security auditor will be supposed to prepare a detailed report,

Mentioning the effects of computer systems & their related security

components,
Explaining any security issues,
Suggesting changes and improvements.

Information security Auditor, Information Systems Auditor, IA Auditor,

and IT Auditor, are some other names by which Security Auditors are
known.

21
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Auditor Salaries
$

According to Payscale.com, the median salary for a Security Auditor in India is around ₹6 lacs per annum. Whereas, in the United
States, it’s around $62,000 per annum.

Skills required to become a Security Auditor

Technical Skills

Followings are some technical skills that an employer would like to see in their potential security auditor:

A Security Auditor should be comfortable working with both Windows and Unix like operating systems.

The candidate should have a solid knowledge of programming languages like C, C++, Java, C#, PHP, and Perl.

"DBOEJEBUFTIPVMEIBWFBXPSLJOHLOPXMFEHFPGOFUXPSLTDBOOJOHUPPMTTVDIBT/FTTVT /NBQ #VSQ4VJUF FUD

You should have great knowledge about frameworks like ISO 27001/27002, ITIL, COBIT.

A Security Auditor must know to work with data analysis software programs such as ACL, IDEA, etc.

"4FDVSJUZ"VEJUPSNVTULOPXUPXPSLXJUIBVEJUJOHBOEOFUXPSLEFGFOTFUPPMTTVDIBT'JEFMJT "SD4JHIU /JLTVO 8FCTFOTF 1SPPGQPJOU 

BlueCoat, etc.

22
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 You should have practical knowledge of MSSQL and ORACLE.

Soft Skills

As Security Auditor prepare audit reports and provide recommendations for the organization’s systems, he/she must have very good
oral and communication skills along with good command over grammar.

&HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ6HFXULW\$XGLWRU-RE

Following is the list of three great certifications that one should gain before considering Security Auditor job:

$FSUJmFE*OGPSNBUJPO4ZTUFNT"VEJUPS (CISA)

$FSUJmFE*OGPSNBUJPO4FDVSJUZ.BOBHFS (CISM)

$FSUJmFE*OGPSNBUJPO4ZTUFNT4FDVSJUZ1SPGFTTJPOBM (CISSP)

23
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Software
Developer
Develop Secure Software Tools &

Company-Wide Software Security

Strategy

A security software developer does one of the following two things:

Developing security software: In this, the security software developer will create new tools & systems for virus/spyware/mal-
ware detection, intrusion detection, traffic analysis, etc.

Integrating security into application software: Here, during software design and development, the security software developer
will be integrating security into application software. He/she will be ensuring that security measures are “baked-in” to every software
that the organization produces.

Security software developers also are known as programming guru. Like Security Auditor, the security software developer’s job also
involves auditing, testing, and documentation.

Cyber Developer, Security Developer, and Security Software Engineer are some equivalent positions of Security Software De-
veloper job role.

24
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Software Developer Salaries
$

According to Payscale.com, the median salary for a Security Auditor in India is around ₹7 lacs per annum. Whereas, in the United
States, it’s around $73,000 per annum.

Skills required to become a Security Software Developer

Technical Skills

The biggest part of the job of Security Software Developer is programming. Followings are some technical skills that most employers
look for when selecting between potential Security Software Developer candidates:

A Security Software Developer should be comfortable working with both operating systems, Windows as well as Unix.

The candidate should have a solid knowledge of programming languages like C, C++, Java, C#, PHP, ASM, and Perl, Python.

5IFDBOEJEBUFNVTUCFQSPmDJFOUJO*1TFDVSJUZEPNBJOBOEOFUXPSLJOHQSPUPDPMTMJLF5$1*1

"DBOEJEBUFTIPVMEIBWFXPSLJOHFYQFSJFODFXJUI9.- 8FC4FSWJDFT BOE"+"9

Security Software Developer should have experience working with RDBMS such as SQL, MySQL, and SQLite, etc.

The candidate having knowledge of cloud computing or having working experience in cloud computing will have an extra edge.

25
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Soft Skills

Security Software Developer leads the development team to ensure secure software development, and he/she often meet the client.
So, for all these reasons a Security Software Developer must have,

Good oral & communication skills,

Leadership skills

Problem-solving skills

The ability to work under pressure and meeting tight deadlines.

26
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 &HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ6HFXULW\6RIWZDUH'HYHORSHU-RE

Following is the list of some of the most important certificates that could ensure you to get a high salary and better opportunities in the
Security Software Developer career path:

&$$PVODJM$FSUJmFE4FDVSF1SPHSBNNFS (ECSP)

$FSUJmFE4FDVSF4PGUXBSF-JGFDZDMF1SPGFTTJPOBM(CSSLP)

GIAC Secure Software Programmer-Java (GSSP-JAVA)

(*"$$FSUJmFE8FC"QQMJDBUJPO%FGFOEFS(GWEB)

(*"$4FDVSF4PGUXBSF1SPHSBNNFS/&5 (441/&5

$FSUJmFE&ODSZQUJPO4QFDJBMJTU (CES)

27
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Manager

Keep Systems Secure with help

from an expert team

Security Manager or an information security manager is responsi-

ble for managing an organization’s IT security in every sense of the
word. Everything, developing any security strategies, getting the
security policy implemented within the enterprise, or even holding
training for the employees, is his responsibility.

Security Manager manages a diverse team of security administra-

tors, analysts and IT professionals. He must know how to convey
the knowledge to stakeholders and non-technical executives.

Information Systems Security Manager, Information Security

Manager, IT Security Manager, Systems/Applications Securi-
ty Manager, Security Manager (Systems/Applications/Informa-
tion), are some of the similar job roles as of security manager.

28
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Security Manager Salaries
$

According to Payscale.com, the median salary for a Security Manager in India is around ₹9 lacs per annum. Whereas, in the United
States, it’s around $112,000 per annum.

Skills required to become a Security Manager

Technical Skills

To be an Information Security Manager, the candidate should be comfortable with programming, architecture aspects, and IT security
matters. Followings are some technical skills that most employers look for when selecting between potential Security Manager candi-
dates:

A Security Manager should be comfortable working with both operating systems, Windows as well as Unix.

The candidate should have a solid knowledge of programming languages like C, C++, Java, C#, PHP, ASM, and Perl, Python.

:PVTIPVMEIBWFHSFBULOPXMFEHFPGOFUXPSLJOHJTTVFTTVDIBT3PVUJOH %/4 5$1*1 4XJUDIJOH GSPNUIFQFSTQFDUJWFPGTFDVSJUZ

"DBOEJEBUFTIPVMEIBWFXPSLJOHFYQFSJFODFXJUI9.- 8FC4FSWJDFT BOE"+"9

The security manager should also have experience working with RDBMS such as SQL, MySQL, and SQLite, etc.

29
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 A candidate must know about secure hacking and its practices.

Candidate should have some experience with ethical hacking as well as threat modeling.

An employer does not really require the candidate to be deeply aware of all the above technical skills, but he wants him to understand the con-
cepts of all these topics very well.

Soft Skills

The security manager is a linkage between the upper management and the technical staff so good soft skills are very essential in or-
der to satisfy the needs of both sides. A perfect security manager possesses the following soft skills:

Excellent oral and communication skills

Interpersonal skills

Process-oriented thinking

Creative thinking

Multitasking

30
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 &HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ6HFXULW\0DQDJHU-RE

Following is a list of some great professional certifications suitable for the position of Security Manager:

$FSUJmFE*OGPSNBUJPO4FDVSJUZ.BOBHFS (CISM)

$FSUJmFE*OGPSNBUJPO4ZTUFNT4FDVSJUZ1SPGFTTJPOBM (CISSP)

Information Systems Security Management Professional (CISSP-ISSMP)

GIAC Security Leadership (GSLC)

31
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Forensic Expert

Protect the Cyber World and Assist

Law Enforcement

A forensic expert is like a digital detective who is investigating traces of complex cybercrimes. Forensic experts’ main responsibility
is to harvest and analyze evidence from computer systems, networks and other forms of data storage devices.

32
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

Apart from technical skills, a forensic expert must know about evidence handling and the law. He/she must compile evidence for legal
cases, need to draft technical reports, write declarations, prepare evidence for trial, give expert counsel to attorneys about electronic
evidence in a case and advise law enforcement on the credibility of acquired data.

Information Security Crime Investigator, Computer Forensic Engineer, Digital Crime Specialist, Computer Forensic Investiga-
tor, Computer Forensic Specialist, Computer Forensic Analysts, Computer Forensic Examiner are some other titles that could
be classified as a “Forensic Expert”.

Forensic Expert Salaries

$

According to Payscale.com, the median salary for a Forensic Expert in India is around ₹5.5 lacs per annum. Whereas, in the United
States, it’s around $71,000 per annum.

Skills required to become a Forensic Expert

Technical Skills

Followings are some technical skills that most employers looks for when selecting between potential Forensic Expert candidates:

A Forensic Expert should have the working experience with technologies used for backing up information and archiving.

,OPXMFEHFPGF%JTDPWFSZUPPMTTVDIBT/6*9 3FMBUJWJUZ $MFBSXFMM FUD

33
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 You should have good knowledge of cryptography and its modern techniques.

You must be aware of the processes taken to handle evidence.

Knowledge of both aspects, software, and hardware, is mandatory.

A forensic Expert should be comfortable working with both operating systems, Windows as well as Unix.

The candidate having knowledge of cloud computing or having working experience in cloud computing will have an extra edge.

Soft Skills

A forensic expert must have the ability to think like an actual criminal. He/ she must be curious about how a computer works and how
people behave. You are supposed to convey your ideas and extracted evidence to other colleagues as well as lawyers and clients,
so you must need good oral and communication skills.

34
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 &HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ)RUHQVLF([SHUW-RE

Following is the list of some most important certificates that could ensure you to get a high salary and better opportunities in the Fo-
rensic Expert career path:

&O$BTF$FSUJmFE&YBNJOFS (EnCE)

(*"$$FSUJmFE'PSFOTJD&YBNJOFS (GCFE)

(*"$$FSUJmFE'PSFOTJD"OBMZTU(GCFA)

$FSUJmFE$PNQVUFS'PSFOTJDT&YBNJOFS(CCFE)

35
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Vulnerability
Assessor

Spot System Vulnerabilities and

Create Solutions

A vulnerability assessor identifies vulnerabilities or critical flaws by scanning applications and systems. Generally, a vulnerability as-
sessment is conducted for networks, applications, and operating systems. They also develop, test, and modify custom scripts and
applications for vulnerability testing.

'PSSFEVDJOHUJNFDPOTVNJOHUBTLT 7VMOFSBCJMJUZBTTFTTPSNPTUMZVTFTTPNFBVUPNBUFEUPPMT MJLF/FTTVT5IFZVTFNBOVBMUFTUJOH

techniques and methods as well to gain a better understanding of the environment.

What’s more, they need to present their findings in a comprehensive, prioritized list, called the Vulnerability Assessment. Organiza-
tions use this report as a blueprint for improvements.

The term “Vulnerability Assessor” has a host of pseudonyms, such as Vulnerability Assessment Analyst, Vulnerability Re-
searcher, Cyber Assessor, Security Assessor, Security Control Assessor, and Software Assurance Assessor.

36
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Vulnerability Assessor Salaries
$

According to Payscale.com, the median salary for a Security Expert with Vulnerability Assessment skills in India is around ₹6 lacs per
annum. Whereas, in the United States, the salary of Vulnerability Assessor/ Security Assessor is around $102,000 per annum.

Skills required to become a Vulnerability Assessor

Technical Skills

Followings are some general technical skills a vulnerability assessor should have:

5IFDBOEJEBUFNVTUCFQSPmDJFOUJO*1TFDVSJUZEPNBJOBOEOFUXPSLJOHQSPUPDPMTMJLF5$1*1

:PVTIPVMEIBWFHSFBULOPXMFEHFBCPVUGSBNFXPSLTMJLF*40 /*45 )*11" 409 FUD

The candidate must be familiar with security tools such as AppScan, Fortify, etc.

As this job role requires network assessment and application, you don’t need to be a hard-core programmer.

Working knowledge of the Metasploit framework will give the candidate an extra edge.

37
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Soft Skills

For the job role of Vulnerability, assessor company wants a candidate to be creative, curious enough and problem-solving. Vulnera-
bility Assessors should think of the system as their prey to exploit and attack.

In addition to that, the candidate should pay attention to the slightest details and have a puzzler’s brain.

&HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ9XOQHUDELOLW\$VVHVVRU-RE

Following is the list of some of the most important certificates that could ensure you to get a high salary and better opportunities in
Vulnerability Assessor career path:

$FSUJmFE7VMOFSBCJMJUZ"TTFTTPS (CVA)

$FSUJmFE*OGPSNBUJPO4ZTUFNT4FDVSJUZ1SPGFTTJPOBM(CISSP)

0GGFOTJWF4FDVSJUZ$FSUJmFE1SPGFTTJPOBM(OSCP)

38
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Incident
Responder

Prevent and Protect

Against Threats

An Incident Responder, also known as CSIRT (Computer Security Incident Response Team) Engineer, is a cyber firefighter. His/her
main role is to rapidly address security incidents and threats within an organization. He/she will play the role as a first responder. An
incident responder also creates a program development plan that includes security gap assessments, policies, procedures, play-
books, training, and tabletop testing.

Even if the roles of an incident responder and forensic expert are gradually merging but, the responsibilities of IR can be more immedi-
ate than that FE. An incident responder may be engaged in penetration testing & auditing, intrusion detection, and crisis handling.

Equivalent job titles for “Incident Responder” are Computer Security Incident Response Team (CSIRT) Engineer, Cyber Inci-
dent Responder, Incident Response Engineer, Cyber Security Incident Responder, and Computer Network Defense (CND) Inci-
dent Responder.

39
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Incident Responder Salaries
$

The median salary for IT Incident response Manager is around ₹7 lacs per annum. Whereas, in the United States, it’s around $80,000
per annum.

Skills required to become an Incident Responder

Technical Skills

Employers expect an incident responder to understand their systems from inside out and being able to identify the potential security
flaws in that. The tech giants like Google, also look carefully for forensics skills in an incident responder candidate. Followings list at-
tempts to give you an overview of some general technical skills an incident responder should have:

An incident responder must have the knowledge of main security concepts and applications in order to deal with web-based applications
used by the organization.

5IFDBOEJEBUFNVTUCFQSPmDJFOUJO*1TFDVSJUZEPNBJOBOEOFUXPSLJOHQSPUPDPMTMJLF5$1*1

:PVTIPVMECFQSPmDJFOUJOXPSLJOHXJUIFOUFSQSJTFTUPPMTGPSTZTUFNNPOJUPSJOHBOE4FDVSJUZ*OGPSNBUJPOBOE&WFOU.BOBHFNFOU 4*&.


Having good knowledge of cloud computing would be an extra advantage to the candidate looking for an Incident Responder job.

40
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

Apart from the above technical skills, the candidate should have the knowledge of both Windows & Unix OS and solid knowledge of
both software and hardware aspects of the computer.

Soft Skills

You don’t know when a security incident is going to happen, that’s why for the incident respondent role, the employer wants a person
that does not easily panic when faced with such hard or unpleasant situations.

Moreover, an incident responder is expected to have problem-solving skills as well as analytical skills. He/she should also be a cre-
ative thinker.

&HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ,QFLGHQW5HVSRQGHU-RE

Following is the list of some of the most important certificates that could ensure you to get a high salary and better opportunities in
Incident Responder career path:

(*"$$FSUJmFE*ODJEFOU)BOEMFS(GCIH)

(*"$$FSUJmFE*OUSVTJPO"OBMZTU (GCIA)

(*"$$FSUJmFE'PSFOTJD&YBNJOFS (GCFE)

$FSUJmFE$PNQVUFS&YBNJOFS(CCE)

41
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Chief Information
Security Officer
Expertise in Computer Security and

Business Acumen will Take You far

as a CISO

The position of a Chief Information Security Officer (CISO) is a C-level management position. A CISO is the five-star general of an IT
security department and its staff. The main responsibility of a CISO is to select, oversee, and provide leadership for any initiatives
that concern the overall security of an organization.

CISOs work directly with the management to establish an IT security risk manage-
ment program. CISOs also act as a spokesperson for the organization, especially
when that organization has had a serious security incident.

CISO seems to be the most popular name as the highest position in IT secu-
rity but, Chief Security Officer (CSO), Information Security Officer (ISO), and
Global Head of Information Security are some similar job titles as well.

42
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 &KLHI,QIRUPDWLRQ6HFXULW\2IÀFHU&,626DODULHV
$

According to Payscale.com, the median salary of CISO is around ₹16.5 lacs per annum. Whereas, in the United States, it’s around
$258,000 per annum.

Skills required to become a CISO

Technical Skills

A CISO should have the same technical skills the best engineer has or the same technical skills that the security director has. The
Followings list points out the most important skills for this position:

A CISO must be aware of both, the architecture of enterprise and security.

You should be aware of the practices and methods in order to deal with the IT strategy.

You should have a solid background in networking and communication concepts.

4IPVMEIBWFLOPXMFEHFPGUIFQSPUPDPMTUIBUEFBMXJUI*OUSVTJPO%FUFDUJPO *OUSVTJPO1SFWFOUJPO BOEmSFXBMMT

:PVTIPVMELOPXIPXUPEFmOFBOEEFWFMPQOFUXPSLTFDVSJUZBSDIJUFDUVSF

A CISO should have the knowledge of rules & methodologies used for third-party auditing and cloud risk assessment.

43
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 Soft Skills

As a CISO, you are expected to deal with different stakeholders and clients so you must have the following soft skills:

Excellent oral and communication skills

/FHPUJBUJPOTLJMMT

Interpersonal skills

Process-oriented thinking

Creative thinking

Must be able to deal with pressure when it comes to legal or regulatory requirements.

44
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

 &HUWLÀFDWLRQVWKDW\RXVKRXOGJDLQEHIRUHFRQVLGHULQJ&,62-RE

For the job of CISO, you are mostly required to have CISSP and CISM certifications. However, the following list has a bunch of other
certifications that you may consider adding your skills and knowledge:

$FSUJmFE*OGPSNBUJPO4ZTUFNT"VEJUPS (CISA)

$FSUJmFE*OGPSNBUJPO4FDVSJUZ.BOBHFS(CISM)

GIAC Security Leadership (GSLC)

$FSUJmFE$IJFG*OGPSNBUJPO4FDVSJUZ0GmDFS (CCISO)

$FSUJmFEJOUIF(PWFSOBODFPG&OUFSQSJTF*5(GGEIT)

$FSUJmFE*OGPSNBUJPO4ZTUFNT4FDVSJUZ1SPGFTTJPOBM (CISSP)

Information Systems Security Management Professional (CISSP-ISSMP)

5PHBJOQSBDUJDBMDZCFSTFDVSJUZFYQFSJFODF BOEFYQFSUJTFJOUIFSFRVJSFETLJMMT ZPVDBOQBJSZPVSDZCFSTFDVSJUZDFSUJmDBUJPOFYBNTXJUITJEFQSPK-

ects that utilize the same skills and/or can invest in self-directed learning and guided training.

45
Career Paths in Cyber Security

The Ultimate Cyber Security Career Roadmap!

CHAPTER Top Cyber Security Companies
Below is the list of top cybersecurity companies:
#4
Cisco Symantec IBM Check Point

1BMP"MUP/FUXPSLT McAfee Trend Micro BT

Sophos KnowBe4 RSA (Dell Technologies) Splunk

Darktrace Akamai Forcepoint

46
Top Cyber Security Companies

The Ultimate Cyber Security Career Roadmap!

CHAPTER List of Useful Resources to remain updated with
#5 Cyber Security
Keeping yourself up to date with the latest cybersecurity news and trends is not a choice but a necessity if you
want to build a successful career as a cybersecurity professional. Here is a list of some popular cyber security
blogs, news websites, and books help cybersecurity professionals grow and thrive.

Popular Cyber Security Blogs

Microsoft Security Blog

This blog from Microsoft is dedicated to discussion on security and the latest technology trends in cybersecurity. This is the
blog every cybersecurity professional should follow.

Krebs on Security
To have in-depth security news and investigation, you can follow the blogs written by Brain Krebs. He earned his outgrowth as
an investigative reporter for the Washington Post newspaper and now writes extensively on cybercrime, internet security and
other latest news.

List of Useful Resources to remain updated with Cyber Security

47 The Ultimate Cyber Security Career Roadmap!

 Schneier on Security
You can follow Bruce Schneier, also known as, the “security guru” through his blogs. He has been writing about security issues
since 2004. He is a fellow and lecturer at Harvard’s Kennedy School.

Security Affairs
From informative articles on cybersecu-
rity to updates, Security Affairs offers
everything that a cybersecurity profes-
sional need. It also wont the “2016 Best
European Personal Security” blog.

Zero Day Blog

Zero Day Blog is the powerhouse des-
tination for cybersecurity profession-
als looking for latest in software/hard-
ware security research, vulnerabilities,
threats, and computer attacks.

List of Useful Resources to remain updated with Cyber Security

48 The Ultimate Cyber Security Career Roadmap!

 Popular Cybersecurity News & Opinion
Websites

Dark Reading
W
WW
Dark Reading, one of the most widely read cybersecurity news sites, is a one-stop for anyone who is interested in cybersecu-
rity. Main topics covered by Dark Reading includes attack/breaches, app sec, mobile and, threats.

Threatpost
W
WW
Threatpost, an excellent news site working under the aegis of Kaspersky Lab, is providing news, videos, and feature reports
on every aspect of cybersecurity.

Naked Security
W
WW
/BLFE4FDVSJUZ UIFOFXTSPPNPG4PQIPT JTDZCFSQSPUFDUJPOBOETBGFUZNBEFTJNQMF5IFSFJTBOFOEMFTTDPVOUPGUIFOVN-
CFSPGDZCFSTFDVSJUZQSPGFTTJPOBMTUIBUSFMZPOOFXTBSUJDMFT QSPEVDUSFWJFXT BOEXIJUFQBQFSTGSPN/BLFE4FDVSJUZ

SC Magazine
W
WW
SC Magazine supplies cybersecurity professionals with a wide range of technical information resources and offers automated
testing results for mobile devices, web & cloud security, and email safety.

Infosecurity Magazine
W
WW
This magazine concentrates not only cybersecurity topics but also focus on valuable insights and strategy content on trending
topics. It makes it a one-stop source for the cybersecurity industry.

List of Useful Resources to remain updated with Cyber Security

49 The Ultimate Cyber Security Career Roadmap!

 Best Cybersecurity Books

¶&\EHU:DU7KH1H[W7KUHDWWR1DWLRQDO6HFXULW\DQG:KDWWR'R$ERXW,W· by Richard A. Clarke and Robert Knake,

is a broadside against complacency in cyber defense. It contains the analysis of the technical shortcomings of the web,
which can lead to war.

¶6HFUHWVDQG/LHV'LJLWDO6HFXULW\LQD1HWZRUNHG:RUOG·by Bruce Schneier, provides readers with a better under-

standing of why protecting our information is tough in this digital world. Do we need to sacrifice privacy for better secu-
rity? This book will tell you about this.

¶6HFXULW\(QJLQHHULQJ$*XLGHWR%XLOGLQJ'HSHQGDEOH'LVWULEXWHG6\VWHPV·by5RVV-$QGHUVRQcovers every-
thing from high-level policy to specialized protection mechanism to technical engineering basics.

¶6SDP1DWLRQ7KH,QVLGH6WRU\RI2UJDQL]HG&\EHUFULPHIURP*OREDO(SLGHPLFWR<RXU)URQW'RRU·by Brian Krebs,

gives a detailed view of the seamy world of organized cybercrime. Krebs focuses on the period from 2007-2013. This
book explores the world of spam, unmasking criminal groups responsible for flooding the email inboxes with scam offers.

¶57)05HG7HDP)LHOG0DQXDO·by Ben Clark, contains the basic syntax for commonly used Linux and Windows com-
mand line tools. It also encapsulates unique use cases for Python and Windows PowerShell. It’s a thorough reference
guide for serious Red Team members.

List of Useful Resources to remain updated with Cyber Security

50 The Ultimate Cyber Security Career Roadmap!

 Conclusion
From past couple of years, cybersecurity sector is on boom. Organizations, across the globe, are betting high on cybersecurity and
skilled cybersecurity professionals are in high demand, now, then ever. It is not just the demand, even the salaries are sky-high.

With endless career paths, cybersecurity, is here to stay as a viable career option for everyone. If you are looking up to building a
flourishing career in cybersecurity domain, this is the right time.

And it’s a wrap! Hope this guide has been valuable to you in getting in-depth insights on how to build a career in Cyber Security.

:DQWWREXLOGDVXFFHVVIXOFDUHHU XSVNLOO\RXUVHOILQ&\EHUVHFXULW\"

Have a look at 0DQLSDO·V&\EHU6HFXULW\FRXUVHKHUH!

51
Conclusion

The Ultimate Cyber Security Career Roadmap!