menu iconmenu

Cyber-security / computer forensics chat #1: Jobs and work

technology robot icon

Our panel of experts include... 

James O’Gorman - Anti-Malware Analyst, Microsoft

Tony Davitt - Senior Systems Engineer, Cisco

Tom Leonard - Recruitment Consultant, CPL

Gary Fortune - IT Account Manager, SAP

There are a large number of different roles in IT security and and you can always find something you enjoy doing.


What does it mean to work in cybersecurity and computer forensics, what is the job of an anti-malware analyst and what is malware? - M.A Kent, Wicklow

James O’Gorman: Cybersecurity is the general term given to the practice and knowledge of protecting computer systems.

There are a large number of more specific practices within cybersecurity industry such as computer forensics, anti-malware, penetration testing, systems auditing, data protection, disaster recovery, etc. I work specifically as a reverse engineer and anti-malware engineer.

Malware is the umbrella term for malicious computer applications such as viruses, trojans, network worms, etc. My role is to reverse engineer these computer applications to ascertain what the intent is so that we can protect against these threats.

What is involved in the life of working with cybersecurity on a daily basis? What would you consider the most demanding, challenging and rewarding aspects of the job, and how did you get started in the field? - Patrick, Co. Mayo

Tony Davitt: The biggest part of working in cybersecurity is dealing with my customers and listening to their concerns and requirements and trying to analyse what the biggest risks for them are and how to mitigate them.

The most challenging is also the most rewarding which is the fast pace of change within this field and trying to keep up with it. However, because of this it means no two days are the same – and hence interesting.

I got started in this field as my background is in data communications and as this became more widespread, shared and mainstream so security becomes a must have and hence I ended up working in it.

James O’Gorman: There is no typical cybersecurity role, so describing the daily efforts would be difficult. From my perspective every day is different and my challenges change all the time, I’ve certainly never been bored!

I liaise with people from all over the industry, and like most security professionals I need to spend a lot of time keeping abreast of industry news, emerging threats and the security landscape in general.

The cybersecurity industry is ever evolving to counter the ever evolving threats that are posed to modern computing. From time to time this requires international travel, conferences and training.

I am interested in a career in IT and I’m wondering if the security sector of the profession is interesting and fulfilling? Also, could you share some examples of the tasks your daily jobs include? - Daria, Cork

Tom Leonard: I can answer this from the perspective of if you do decide to pursue IT security, as to whether there are positions and career opportunities available in Dublin and the answer is yes, very much so. All companies will have some form of IT security function.

The larger the company, the more likely they will have a variety of IT security positions. Companies with very sensitive information such as banks, insurers etc will have large IT security teams working at all levels and therefore will have very strong career opportunities.

How would one go about becoming a penetration tester? - Patrick, Dublin

James O’Gorman: A penetration tester (or ethical hacker) tests the security of software and hardware systems by finding weaknesses known as “vulnerabilities” and exploiting them. This is usually a role performed by a third-party security consultant whose services are employed by the company wishing to have their systems tested.

The goal of the penetration tester is to provide the client with a comprehensive report that details the system vulnerabilities and provides advice on how to remediate those vulnerabilities.

A computing related degree or cybersecurity related postgraduate degree will be a good entry point for this type of role. Typically junior roles are filled with good calibre graduate students who are then trained specifically in penetration testing.

Tom Leonard: Penetration testers are normally network engineers who specialise in finding vulnerabilities or weak spots within company networks and try and “break” them in order to find more secure solutions. They are essentially network hackers.

Often penetration testers will come from a network engineering or systems engineering background and may have been involved with infrastructure supporting Cisco or Juniper based networks for example.

Potentially they could be systems engineers or operational engineers who have strong experience of monitoring systems and securing networks and online infrastructures.

Penetration testing is a career path in itself and carries its own qualifications, such as Certified Penetration Tester and Certified Expert Penetration Tester plus closely related qualification such as Certified Ethical Hacker.

Typically, though, prospective penetration testers often start in an IT discipline such as systems or network engineering and then go on to progress more into security.

Look for Computer Science degree courses or diplomas that have a strong networking element (connecting devices, servers, storage, protocols etc) as these will often have elements devoted to their security.

What are the opportunities to progress in a company in this kind of job – what is the highest level you can get to? - Anon

Gary Fortune: Yes it’s possible to progress within the organisation. Our area is broken up into many different functions and it’s possible to develop your career in the direction that you wish to go in.

The level you achieve can really depend on the specialist area you are working within. For example if you take the management route, some day you may aspire to be the CIO! However on the technical side you can grow to a service owner or architect on a local, regional or global level.

James O’Gorman: The growth of a career in cybersecurity is only limited by the individual, not the role.

The opportunities within Microsoft are near infinite but you are responsible for driving your own career. There are a number of very senior people within Microsoft whose backgrounds are in cybersecurity.

Tom Leonard: There are a large number of different roles in IT security and it depends on what you enjoy doing. If you are more into web technologies and online systems then roles such as Internet Security Specialist or Engineer or Incident Handler could be your path. Companies such as Facebook, Google, Amazon, AOL and banks and insurers would all employ such positions.

If you are more interested in the underlying IT infrastructure of a company such as their network and systems (servers, desktops, storage) then roles within infrastructure security or vulnerability assessment or penetration tester maybe more suitable.

Others progress down the Security Auditing and Compliance route defining security processes and procedures for companies. The levels in Security can progress to as high as Information Security Director, Chief Security Officer, Chief Information Officer, Lead Auditors or Audit managers or more technical positions such as IT Security Architects. There are positions almost for all levels.

To read the next Cyber-security / computer forensics chat click here.