
Cyber Security Careers

The document describes several roles in cybersecurity including threat hunter, red teamer, digital forensic analyst, purple teamer, malware analyst, chief information security officer, blue teamer, security architect and engineer, and incident response team member. For each role, it provides a description of responsibilities, why the role is important, and recommended courses to take for the role.

Uploaded by

23p61a6681
Copyright: © All Rights Reserved

The coolest jobs in cyber security
Indian servers
Threat Hunter
This expert applies new threat intelligence against existing evidence to
identify attackers that have slipped through real-time detection
mechanisms. The practice of threat hunting requires several skill sets,
including threat intelligence, system and network forensics, and
investigative development processes. This role transitions incident
response from a purely reactive investigative process to a proactive one,
uncovering adversaries or their footprints based on developing
intelligence.
WHY IS THIS ROLE IMPORTANT?
Threat hunters proactively seek evidence of attackers that were
not identified by traditional detection methods.
RECOMMENDED COURSES ASSOCIATED
SEC504 GCIH FOR508 GCFA ICS515 GRID FOR572 GNFA FOR578 GCTI FOR610 GREM ICS612

Red Teamer
In this role you will be challenged to look at problems and situations from
the perspective of an adversary. The focus is on making the Blue Team
better by testing and measuring the organization’s detection and
response policies, procedures, and technologies. This role includes
performing adversary emulation, a type of Red Team exercise where the
Red Team emulates how an adversary operates, following the same
tactics, techniques, and procedures (TTPs), with a specific objective
similar to those of realistic threats or adversaries. It can also include
creating custom implants and C2 frameworks to evade detection.
WHY IS THIS ROLE IMPORTANT?
Red Teamers will have a holistic view of the organization’s preparedness for
a real, sophisticated attack by testing the defenders, not just the defenses.
RECOMMENDED COURSES ASSOCIATED
SEC504 GCIH SEC560 GPEN SEC564 SEC660 GXPN SEC760

@indianserverltd
Digital Forensic Analyst
This expert applies digital forensic skills to a plethora of media that
encompass an investigation. The practice of being a digital forensic
examiner requires several skill sets, including evidence collection,
computer, smartphone, cloud, and network forensics, and an investigative
mindset. These experts analyze compromised systems or digital media
involved in an investigation that can be used to determine what really
happened. Digital media contain footprints that physical forensic data
and the crime scene may not include.
WHY IS THIS ROLE IMPORTANT?
You are the sleuth in the world of cybersecurity, searching computers,
smartphones, cloud data, and networks for evidence in the wake of an
incident/crime.
RECOMMENDED COURSES ASSOCIATED
FOR308 FOR498 GBFA FOR500 GCFE FOR508 GCFA FOR509 FOR518 FOR572 GNFA FOR585 GASF

Purple teamer
In this fairly recent job position, you have a keen understanding of both
how cybersecurity defenses (“Blue Team”) work and how adversaries
operate (“Red Team”). During your day-to-day activities, you will organize
and automate emulation of adversary techniques, highlight possible new
log sources and use cases that help increase the detection coverage of
the SOC, and propose security controls to improve resilience against the
techniques. You will also work to help coordinate effective communication
between traditional defensive and offensive roles.
WHY IS THIS ROLE IMPORTANT?
Help blue and red understand one another better! Blue Teams have
traditionally been talking about security controls, log sources, use cases,
etc. On the other side Red Teams traditionally talk about payloads,
exploits, implants, etc.
RECOMMENDED COURSES ASSOCIATED
SEC599 GDAT SEC699

MALWARE ANALYST
Malware analysts face attackers’ capabilities head-on, ensuring the
fastest and most effective response to and containment of a cyber-attack.
You look deep inside malicious software to understand the nature of the
threat – how it got in, what flaw it exploited, and what it has done, is trying
to do, or has the potential to achieve.
WHY IS THIS ROLE IMPORTANT?
If you’re given a task to exhaustively characterize the capabilities of a
piece of malicious code, you know you’re facing a case of the utmost
importance. Properly handling, disassembling, debugging, and analyzing
binaries requires specific tools, techniques, and procedures and the
knowledge of how to see through the code to its true functions. Reverse
engineers possess these precious skills, and can be a tipping point in the
favor of the investigators during incident response operations.
RECOMMENDED COURSES ASSOCIATED
FOR518 FOR518 GASF FOR610 GREM

CHIEF INFORMATION SECURITY OFFICER (CISO)


The CISO leads staff in identifying, developing, implementing, and
maintaining processes across the organization to reduce information and
information technology risks. CISOs respond to incidents, establish
appropriate standards and controls, manage security technologies, and
direct the establishment and implementation of policies and procedures.
The CISO is also usually responsible for information-related compliance,
such as supervising efforts to achieve ISO/IEC 27001 certification for an
entity or a part of it. Typically, the CISO’s influence reaches the entire
organization.
WHY IS THIS ROLE IMPORTANT?
Business acumen and tech know-how are crucial factors for CISOs so they
can take an up-to-date approach to information security issues from a
technical standpoint, understand how to integrate security planning into
wider business objectives, and develop a culture of security and risk.
RECOMMENDED COURSES ASSOCIATED
MGT512 GSLC MGT514 GSTRT MGT520 MGT521

BLUE TEAMER - ALL-AROUND DEFENDER


This job, which may have varying titles depending on the organization, is
often characterized by the breadth of tasks and knowledge required. The
all-around defender and Blue Teamer is the person who may be a primary
security contact for a small organization, and must deal with engineering
and architecture, incident triage and response, security tool administration
and more.
WHY IS THIS ROLE IMPORTANT?
This job role is highly important as it often shows up in small to mid-size
organizations that do not have budget for a full-fledged security team
with dedicated roles for each function. The all-around defender isn’t
necessarily an official job title so much as a description of the scope of
defense work such defenders may do: a little bit of everything for everyone.
RECOMMENDED COURSES ASSOCIATED
SEC450 SEC503 GCIA SEC505 GCWN SEC511 GMON SEC530 GDSA SEC555 GCDA SEC586

SECURITY ARCHITECT & ENGINEER


Design, implement, and tune an effective combination of network-centric
and data-centric controls to balance prevention, detection, and response.
Security architects and engineers are capable of looking at an enterprise
defense holistically and building security at every layer. They can balance
business and technical requirements along with various security policies
and procedures to implement defensible security architectures.
WHY IS THIS ROLE IMPORTANT?
A security architect and engineer is a versatile Blue Teamer and cyber
defender who possesses an arsenal of skills to protect an organization’s
critical data, from the endpoint to the cloud, across networks and
applications.
RECOMMENDED COURSES ASSOCIATED
SEC503 GCIA SEC505 GCWN SEC511 GMON SEC530 GDSA

INCIDENT RESPONSE TEAM MEMBER
This dynamic and fast-paced role involves identifying, mitigating, and
eradicating attackers while their operations are still unfolding.
WHY IS THIS ROLE IMPORTANT?
While preventing breaches is always the ultimate goal, one unwavering
information security reality is that we must assume a sufficiently
dedicated attacker will eventually be successful. Once it has been
determined that a breach has occurred, incident responders are called
into action to locate the attackers, minimize their ability to damage the
victim, and ultimately remove them from the environment. This role
requires quick thinking, solid technical and documentation skills, and the
ability to adapt to attacker methodologies. Further, incident responders
work as part of a team, with a wide variety of specializations.
RECOMMENDED COURSES ASSOCIATED
SEC402 SEC504 GCIH FOR508 GCFA FOR509 FOR518 FOR572 GCFA FOR578 GCTI FOR610 GREM

CYBERSECURITY ANALYST/ENGINEER


As this is one of the highest-paid jobs in the field, the skills required to
master the responsibilities involved are advanced. You must be highly
competent in threat detection, threat analysis, and threat protection. This
is a vital role in preserving the security and integrity of an organization’s
data.
WHY IS THIS ROLE IMPORTANT?
This is a proactive role, creating contingency plans that the company will
implement in case of a successful attack. Since cyber attackers are
constantly using new tools and strategies, cybersecurity
analysts/engineers must stay informed about the tools and techniques
out there to mount a strong defense.
RECOMMENDED COURSES ASSOCIATED
SEC401 GSEC ICS410 GICSP SEC450 ICS456 GCIP SEC501 GCED SEC503 GCIA SEC504 GCIH FOR509 SEC540 GCSA SEC555 GCDA SEC586


OSINT INVESTIGATOR/ANALYST
These resourceful professionals gather requirements from their customers
and then, using open sources and mostly resources on the internet, collect
data relevant to their investigation. They may research domains and IP
addresses, businesses, people, issues, financial transactions, and other
targets in their work. Their goals are to gather, analyze, and report their
objective findings to their clients so that the clients might gain insight on a
topic or issue prior to acting.
WHY IS THIS ROLE IMPORTANT?
There is a massive amount of data that is accessible on the internet. The
issue that many people have is that they do not understand how best to
discover and harvest this data. OSINT investigators have the skills and
resources to discover and obtain data from sources around the world.
RECOMMENDED COURSES ASSOCIATED
SEC487 GOSI SEC537 FOR578 GCTI

TECHNICAL DIRECTOR
This expert defines the technological strategies in conjunction with
development teams, assesses risk, establishes standards and procedures
to measure progress, and participates in the creation and development of
a strong team.
WHY IS THIS ROLE IMPORTANT?
With a wide range of technologies in use that require more time and
knowledge to manage, a global shortage of cybersecurity talent, an
unprecedented migration to cloud, and legal and regulatory compliance
often increasing and complicating the matter more, a technical director
plays a key role in successful operations of an organization.
RECOMMENDED COURSES ASSOCIATED
MGT516 MGT551 SEC557 SEC566 GCCC


CLOUD SECURITY ANALYST


The cloud security analyst is responsible for cloud security and day-to-
day operations. This role contributes to the design, integration, and testing
of tools for security management, recommends configuration
improvements, assesses the overall cloud security posture of the
organization, and provides technical expertise for organizational decision-
making.
WHY IS THIS ROLE IMPORTANT?
With an unprecedented move from traditional on-premise solutions to the
cloud, and a shortage of cloud security experts, this position helps an
organization position itself thoughtfully and securely in a multicloud
environment necessary for today’s business world.
RECOMMENDED COURSES ASSOCIATED
SEC401 GSEC SEC488 GCLD FOR509 SEC510 SEC541 SEC557 SEC588 GCPN

INTRUSION DETECTION/ (SOC) ANALYST


Security Operations Center (SOC) analysts work alongside security
engineers and SOC managers to implement prevention, detection,
monitoring, and active response. Working closely with incident response
teams, a SOC analyst will address security issues when detected, quickly
and effectively. With an eye for detail and anomalies, these analysts see
things most others miss.
WHY IS THIS ROLE IMPORTANT?
SOC analysts help organizations have greater speed in identifying attacks
and remedying them before they cause more damage. They also help
meet regulation requirements that require security monitoring,
vulnerability management, or an incident response function.
RECOMMENDED COURSES ASSOCIATED
SEC450 SEC503 GCIA SEC504 GCIH SEC511 GMON SEC555 GCDA FOR572 GNFA FOR508 GCFA


APPLICATION PEN TESTER


Application penetration testers probe the security integrity of a company’s
applications and defenses by evaluating the attack surface of all in-scope
vulnerable web-based services, client-side applications, server-side
processes, and more. Mimicking a malicious attacker, app pen testers
work to bypass security barriers in order to gain access to sensitive
information or enter a company’s internal systems through techniques
such as pivoting or lateral movement.
WHY IS THIS ROLE IMPORTANT?
Web applications are critical for conducting business operations, both
internally and externally. These applications often use open source plugins,
which can put these apps at risk of a security breach.
RECOMMENDED COURSES ASSOCIATED
SEC522 GWEB SEC542 GWAPT SEC552 SEC560 GPEN SEC588 GCPN SEC642

DEVSECOPS ENGINEER
As a DevSecOps engineer, you develop automated security capabilities
leveraging best-of-breed tools and processes to inject security into the
DevOps pipeline. This includes leadership in key DevSecOps areas such as
vulnerability management, monitoring and logging, security operations,
security testing, and application security.
WHY IS THIS ROLE IMPORTANT?
DevSecOps is a natural and necessary response to the bottleneck effect of
older security models on the modern continuous delivery pipeline. The
goal is to bridge traditional gaps between IT and security while ensuring
fast, safe delivery of applications and business functionality.
RECOMMENDED COURSES ASSOCIATED
SEC510 SEC522 GWEB SEC534 SEC540 GCSA SEC584



WWW.INDIANSERVERS.COM
