This post gives a succinct overview of in-demand job roles in IT and cybersecurity. Key job responsibilities, skills, and certifications for the following IT and cybersecurity roles are covered: System Administrator, Network Administrator, Incident Responder, Penetration Tester, Cloud Engineer, Cybersecurity Manager, and Privacy Analyst.
Job roles in IT and cybersecurity
Job role | Job responsibilities | Skills | Certs |
System Administrator – “The server people” | Automation; Patch management and endpoint security; Server health/server set up, configuration, optimization, troubleshooting, and maintenance; Backup/DR: system backup and restoration in disaster recovery; App compatibility: ensuring system-wide software and hardware compatibility and interoperability; System hardening, including removing processes and services not needed; Creating users and groups; Windows Defender configuration | Networking; Patch management; Backups and recovery; OS – Linux, Windows, Mac; Scripting and automation; PowerShell and Command line (CLI); Virtualization (VMware); Cloud computing – containers, Kubernetes, AWS, Azure; Network monitoring, intrusion detection, intrusion prevention, firewalls | Azure Administrator Associate; Network+; Linux+; Security+; VMware Certified Professional; RHCSA (Red Hat Certified System Administrator) |
Network Administrator – Do day-to-day configuration, maintenance, and troubleshooting of different network devices and the network itself. | Hardware: setting up, configuring, and maintaining network hardware/devices – routers, switches, firewalls, and different types of security appliances like IDS/IPS; Software/hardware installation; Network topology: mapping out the network topology; Troubleshooting (possibly 80% of the work); Network infrastructure design and optimization (equipment, budget, as well as from a data standpoint); Wireshark | Windows Active Directory – create/remove/manage user accounts; OS – Linux; Cisco/PAN (Palo Alto) equipment; Servers – on-prem and cloud-based; Virtualization like VMware; Troubleshooting | CCNA; Network+; Azure Network Engineer Associate; AWS Certified Solutions Architect – Associate |
Incident Responder – Digital Forensics and Incident Response (DFIR) | Monitor systems/networks; Security auditing; Forensic investigations; Risk analysis; Intrusion detection; Training staff and stakeholders; Documentation; PCAP analysis with Wireshark | Networking; OS – Linux, Windows, Mac; Packet analysis; SIEM tools; Scripting automation (Python); Packet capturing tools (Wireshark); Backup process; Forensic tools | Security+; GSEC (GIAC Security Essentials); GCIH (GIAC Certified Incident Handler); ECIH (EC-Council Certified Incident Handler); CHFI (Computer Hacking Forensic Investigator); CEH |
Penetration Tester | Identify/exploit vulnerabilities (internal or external); Network, application, mobile, Wi-Fi (testing); Scoping; OSINT; Social engineering; Exploit; Persist; Reporting; Password cracking (Hydra, John the Ripper, Cain and Abel); Nmap | Networking; OS – Linux; Documentation; OSINT; Scripting (Python, Bash) and programming languages (C); Tools (modifying code, or writing your own tools); CVEs; CLI (Command Line Interface) | OSCP (Offensive Security Certified Professional); CEH; eJPT (eLearnSecurity Junior Penetration Tester); GPEN (GIAC Penetration Tester); PenTest+; LPT (Licensed Penetration Tester – EC-Council) |
Cloud Engineer | Maintain cloud infrastructure; Serverless infrastructure architecture; IAM; Automation; Cost optimization; Performance optimization; Storage | Networking; OS – Linux, Windows; Scripting and programming languages; Database; IAM; Troubleshooting | AWS Advanced Networking Specialty; Azure Network Engineer Associate; CCSK (Certificate of Cloud Security Knowledge); CCSP (Certified Cloud Security Professional); Cloud+ |
Cybersecurity Manager | Operations; Infrastructure; Oversee assessments and audits; Ambassador; Compliance; Policies; Business continuity planning/DR | Negotiation; Time management; Incident response; Regulations and standards; Auditing; Policies and processes | CISSP (Certified Information Systems Security Professional); CISM (Certified Information Security Manager); CRISC (Certified in Risk and Information Systems Control); CISA (Certified Information Systems Auditor); SC-100: Microsoft Cybersecurity Architect |
Privacy Analyst (Data Privacy Engineer, Data Privacy Architect, Data Privacy Specialist, Platform Privacy Specialist, Privacy Compliance Specialist, Privacy Compliance Analyst, and Privacy and Risk Engineer) | Assessing the business policies, procedures, and operations to ensure that the organization is meeting its privacy requirements; Making sure that the business is compliant with regulations or industry standards or laws that they have to follow to protect critical information; Risk management: help manage legal or operational risk; Research and analysis of sensitive data and figuring out how to comply with relevant rules; Training: developing policies and procedures and then training the organization on those policies and procedures | Critical thinking; Privacy laws and regulations; Data life cycle management; Researching – identifying relevant laws, regulations, and standards; Communication skills; Gap analysis | CIPP (Certified Information Privacy Professional); GRC Professional; CDPSE (Certified Data Privacy Solutions Engineer); CISA (Certified Information Systems Auditor) |
This table (Job roles in IT and cybersecurity) is based on the free Cybrary course Introduction to IT & Cybersecurity (1h 41m | CEU/CPE credits: 2), which is part of a Career Path: Information Security Fundamentals.