Careers in Cybersecurity


The roles and job titles in Cybersecurity can involve overlapping responsibilities, and can be broad or specialized depending on the size and special needs of the organization.

The following are some descriptions of various security job titles and roles employed by the private and public sectors so that the community is well-informed of the different context of roles.

Cybersecurity Roles and Job Titles - Click a Title for a description

Typical job titles are security analyst, security engineer, security administrator, security architect, security specialist, and security consultant.

To better describe the scope of those positions, employers often precede the above titles with qualifying terms like “Cyber”, “Information”, “Computer”, “Network”, “IT”, and “Applications”. This results in fuller job titles such as IT Security Engineer, Information Security Analyst, Network Security Administrator, IT Security Consultant, etc..

Special variations of some of the titles are sometimes preferred, such as Information Assurance Analyst, and Security Software Developer. Also, some security jobs are even more specialized, such as cryptographer, intrusion detection specialist, computer security incident responder, etc.

Additional terms are sometimes used to convey rank, such as Senior IT Security Consultant, and Chief Information Security Officer. Graduates of the new program will normally qualify for such high ranks after several years of on-the-job experience.

Security Analyst:

Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions. Tests for compliance with security policies and procedures. May assist in the creation, implementation, and/or management of security solutions.

Security Engineer:

Performs security monitoring, security and data/logs analysis, and forensic analysis, to detect security incidents, and mounts incident response. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements.

Security Architect:

Designs a security system or major components of a security system, and may head a security design team building a new security system.

Security Administrator:

Installs and manages organization-wide security systems. May also take on some of the tasks of a security analyst in smaller organizations.

Security Software Developer:

Develops security software, including tools for monitoring, traffic analysis, intrusion detection, virus/spyware/malware detection, anti-virus software, and so on. Also integrates/implements security into applications software.


Uses encryption to secure information or to build security software. Also works as researcher to develop stronger encryption algorithms.


Analyzes encrypted information to break the code/cipher or to determine the purpose of malicious software.

Chief Information Security Officer:

A high-level management position responsible for the entire information security division/staff. The position may include hands-on technical work.

Security Consultant/Specialist:

Broad titles that encompass any one or all of the other roles/titles, tasked with protecting computers, networks, software, data, and/or information systems against viruses, worms, spyware, malware, intrusion detection, unauthorized access, denial-of-service attacks, and an ever increasing list of attacks by hackers acting as individuals or as part of organized crime or foreign governments.

Very Specialized Roles:

Intrusion Detection Specialist:

Monitors networks, computers, and applications in large organizations, looking for events and traffic indicators that signal intrusion. Determines the damage caused by detected intrusions, identifies how an intrusion occurred, and recommends safeguards against similar intrusions. Also does penetration testing to identify vulnerabilities and recommend safeguards as preemptive measures.

Computer Security Incident Responder:

As a team member usually, prepares for and mounts rapid response to security threats and attacks such as viruses and denial-of-service attacks.

Source Code Auditor:

Reviews software source code to identify potential security issues and vulnerabilities that could be exploited by hackers to gain unauthorized access to data and system resources.

Virus Technician:

Analyzes newly discovered computer viruses, and designs and develops software to defend against them.

Penetration Tester (also known as Ethical Hacker or Assurance Validator):

Scans for and identifies vulnerabilities, and exploits them to provide hard evidence that they are vulnerabilities. When penetration-testing large infrastructures such as power grids, utility systems, and nuclear facilities, large teams of penetration testers, called Red Teams, are employed.

Vulnerability Assessor:

Scans for, identifies and assesses vulnerabilities in IT systems including computers, networks, software systems, information systems, and applications software.

Typical Places of Employment of Cybersecurity Graduates:

Technology and Internet companies
Security software companies
Defense companies
Many government departments and defense/intelligence agencies
Many IT companies, and IT divisions of companies in many industry sectors
The E-Commerce sector
Banks, financial firms, credit card companies

For more information regarding the Cybersecurity Career Studies Certificate, contact Prof. Henry Coffman  at 


LFCC provides a positive, caring and dynamic learning environment that
inspires student success, values diversity and promotes community vitality.