1. Set your goal / ideal position to apply for
Like we already know, there are lot of different occupation in cyber security, forensic analyst, malware analyst, threat&risk report / monitoring team (like CERT) etc. Before applying a job, decide a field you are interested in/ want to work in.
1) Specific types of Information/Cyber Security Workforce
Based on NIST(National institute of Science and Technology), there are seven categories for cyber security workforce.
1) SECURELY PROVISION : specialized in/work for conceptualizing, designing, and building secure IT system.
KEYWORDS : Planing, Designing, Architecture, Compliance, Evaluation..
(eg. DRP/BCP planne or project manager, Security Evaluation /Penetration Planer/Tester.. etc)
2) OPERATE AND MAINTAIN : specialized in/work for providing support, administration, and maintenance to secure IT system, including its performance.
KEYWORDS : Administration, Maintenance, Support
(eg. System Admin, Network Manager, Operator, Data Admin/ Analyst, Customer Service Team, IT Support Team.. etc)
3) PROTECT AND DEFEND : specialized in/work for identification, analysis, and mitigation of threats to internal IT systems or networks.
KEYWORDS : Identification, Analysis
(eg. (CERT&CIRT) Cyber Incident Response Team, Vulnerability Management Team, Vulnerability Analyst Team/ Test Team.
4) INVESTIGATE : specialized in/ work for investigation of cyber events or crimes of IT system, network and digital evidence.
KEYWORDS : Investigation, Analysis, Forensic
(eg. (CERT&CIRT) Cyber Incident Response Team, Vulnerability / Malicious code Analyst, Forensic Analyst, Auditing)
5) COLLECT AND OPERATE : specialized in/ work for denial and deception operations and collection of cyber security information that may be used to develop intelligence.
KEYWORDS : Intelligence, integration, Collect
(eg. Source Collection Manager, Integration Planner/ Project Manager)
6) ANALYZE : specialized in/ work for review and evaluation of incoming cyber security information to determine its usefulness for intelligence.
KEYWORDS : Analyze, Review, Evaluation
(eg. Threat Analyst, Exploitation Analyst, Vulnerability Analyst, Source/ Language Analysis, Encryption Analyst)
7) OVERSIGHT AND DEVELOPMENT : specialized in/ work for providing leadership, management, direction, and /or development and advocacy so that individuals and organizations may effectively conduct cyber security work.
KEYWORDS : Governance, Compliance, Management, Planning, Strategy, Planning, Advising
(eg. Security Policy/Awareness(education program) Planner, CISO, IT Audit, Cyber Security Manager/ Project Manager)
2) Which Company?
ㅁSecurity Platform & Software Vendor >
A Security company which provides secure platform to others like Websense, Symantec, Mcfree etc, might have more detailed-oriented /separated team focused on its solution like Solution Development Team, Quality Assurance Team, Customer Service Team, Technical Marketing/ Consultant, Vulnerability&Patch Analyst(eg Anti-virus solution). Getting a job in security solution/ specialized corporate is helpful to learn how to develop/program security solutions, how to consult/ support customer’s environments or analyze malware to update a patch or secure policy.
ㅁNon security companies >
A company which buys security solutions to protect its own data(assets) like medical or insurance or educational etc.. may only have an one IT team or Security team to do all cyber security related task. It would be difficult to learn details of security software, but you get to know the corporate infrastructures as a big picture. Some place like government cyber security department such as NSA or ICS(Industrial Control System) industry, tends to have a strong cyber security team with professional team like CERT/CSIRT(Cyber Security Incident Response Team), which means you will get to learn A lot of things from here.
Reference : NIST , Seven categories in cyber security workforce