Estimated Read Time: 8 minutes
Five cybersecurity jobs your team need
Organisations require cybersecurity skills to help keep sensitive data and systems safe from malicious hackers, defend an ever-expanding security perimeter, and comply with stringent regulatory mandates related to data security and privacy. As companies work to accelerate digital transformation efforts and build a more automated, cloud-based, data-driven workplace that can support remote teams, the need to assemble and maintain a deep bench of IT security expertise is becoming only more critical. The ever-rising level of cybercrime places even more pressure on businesses to keep their systems up to date and vulnerabilities patched so they can swiftly respond to and recover from cybersecurity incidents stemming from malware, ransomware and phishing.
So, which cybersecurity jobs does your organisation need to help you cover all your IT security bases? Christian Schmitz, Head of Technology at Robert Half Germany and Maria Sartori, Associate Director, at Robert Half Brazil, provide an overview of the responsibilities, skills and credentials for five of the most in-demand roles.
1. Penetration tester
This pivotal role involves spearheading the development, implementation, and oversight of Penetration Testing Programmes. As a Senior Penetration Tester, you will be responsible for not only creating essential policies, standards, and procedures to support the program but also conducting a wide array of penetration tests across various technology domains. Key responsibilities include:
- Lead the development of a robust Penetration Testing programme.
- Establish critical policies, standards, and procedures necessary to underpin the success of the Penetration Testing programme.
- Execute penetration tests on web applications, mobile applications, networks, wireless systems, and operational technology.
- Perform comprehensive security assessments of cloud environments and conduct application source code reviews.
- Employ industry-standard methodologies (e.g., OWASP, NIST, PTES) to carry out penetration tests.
- Utilise common penetration testing and red-team tools, tactics, techniques, and procedures.
- Harness custom-built penetration testing tools, frameworks, and infrastructure.
- Evaluate the risk associated with identified vulnerabilities, considering both likelihood and severity.
- Meticulously document findings and deliver detailed technical reports, complete with recommendations for vulnerability remediation.
- Foster effective collaboration with clients throughout assessments to provide status updates and insights on vulnerabilities.
- Continuously enhance existing capabilities and toolsets.
2. IT Auditor
An IT auditor may work on a variety of specific projects that include analysing information security systems, programs and software for any type of IT system. In addition to making sure these systems are in line with government and internal regulations, those in IT auditor jobs identify potential issues and offers solutions for improvement.
There’s plenty of room for advancement, as many organizations staff a team of IT experts overseen by senior IT auditors or IT auditing managers.
Candidates interested in IT auditor jobs should know they are typically expected to hold a bachelor’s degree in information technology, computer science or business. Some employers may require additional certification for certain IT positions, such as the Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) credentials. Those require three to five years’ experience before taking the qualifying exam.
3. Security architect
A security architect’s core job is finding ways to stay one step ahead of all digital threats to the company’s network, from hackers and viruses to malware. A security architect can, essentially, come into your business, look at your IT security “house” (i.e., infrastructure) and recommend where and how to make improvements without compromising your business systems’ performance.
Security architects can perform testing to detect and monitor suspicious activity and analyse threats to help your business improve its IT security approach and reduce the risk of future attacks. They are always thinking about future requirements and stay informed about relevant regulations that impact IT security. The best cybersecurity professionals also have strong interpersonal, leadership and change management skills. They may supervise staff and work with other teams, as well, to help meet strategic IT goals such as migrating to the cloud or building mobile applications.
4. Network/Cloud Engineer
Network engineers are responsible for designing, implementing, and managing business connectivity via various networks. These include wired and wireless networks for on-premises business connectivity and cloud-based networks for secure remote work. Everything from printers and staff desktops to cable management, mail servers and web servers fall under the network engineer’s remit.
It’s a network engineer’s job to find the most suitable solution for their business, to install it, maintain it, and get it back online quickly, should the worst happen. You’ll be trusted to continually optimise business networks and design them with security in mind.
Engineers work alongside infrastructure engineers, infrastructure architects and product/sales teams, and report to the CTO or infrastructure manager.
5. Cybersecurity Consultant
Faced with ever-increasing threats to IT security, organisations need to maintain a vigilant approach to protect their systems and data, and a Cybersecurity Consultant plays a key role in this process. Cybersecurity Consultants are responsible for several functions associated with IT security - from conducting reviews of software security, through to updating information security policies.
A Cybersecurity Consultant job description should include the following responsibilities:
- Conduct information security management reviews and information security management system (ISMS) assessments
- Ensure technical implementation and business processes are aligned
- Lead the design, implementation, operation and maintenance security management systems
- Participate in the creation, review and update of information security policies
- Provide complex technical advice, recommendations and consultancy on networks, infrastructure, products and services supplied
- Provide or assist with implementation documentation
- Ongoing project management
Security matters in all things IT. No matter what other cybersecurity jobs your business needs to hire for — look for candidates who can bring solid basic security skills and knowledge to the table. Focus on professionals who will keep security front and centre in everything they design, build and deliver for your business today and in the future.
Maria Sartori is a chemical engineer, a graduate of UNICAMP with a postgraduate degree in Finance from the same institution. She began her career in the recruitment field in 2011, contributing to the startup of Robert Half's Campinas office. Currently, she serves as an Associate Director, overseeing Technology, Engineering, Sales, and Marketing at the São Paulo office.
Christian Schmitz is Head of Technology Germany at Robert Half. The tech expert has been advising companies across all industries on all aspects of IT and their digitalization programs with a focus on consulting and recruitment, including global market leaders and DAX40 companies. He has extensive expertise in enterprise technologies such as SAP, Microsoft, Salesforce and ServiceNow and covers business and IT alignment, new ways of working and digital enablement.