The coolest jobs in information security

I just stumbled across the SANS list of The 20 Coolest Jobs in Information Security. Here's their list:

  1. Information Security Crime Investigator/Forensics Expert
  2. System, Network, and/or Web Penetration Tester
  3. Forensic Analyst
  4. Incident Responder
  5. Security Architect
  6. Malware Analyst
  7. Network Security Engineer
  8. Security Analyst
  9. Computer Crime Investigator
  10. CISO/ISO or Director of Security
  11. Application Penetration Tester
  12. Security Operations Center Analyst
  13. Prosecutor Specializing in Information Security Crime
  14. Technical Director and Deputy CISO
  15. Intrusion Analyst
  16. Vulnerability Researcher/ Exploit Developer
  17. Security Auditor
  18. Security-savvy Software Developer
  19. Security Maven in an Application Developer Organization
  20. Disaster Recovery/Business Continuity Analyst/Manager

The first thing that I noticed is that there seems to be a considerable overlap between the jobs on that list and the courses and certifications that SANS offers, but let's suppose that that's just a coincidence.

It turns out that I've actually done lots of those as a consultant and I'll admit that lots of them can be very interesting, but I also found that lots of them really weren't the sort of thing that I'd like to do for a long time. But that's probably true of most jobs. It would probably be fun to drive a forklift for a day or two, for example, but I probably wouldn't to do it for much more than that. On the other hand, there are also some of these jobs that I wouldn't want to do today unless I was getting paid way more than the positions usually get.

So I suppose that this probably poinnts out the biggest benefit of working as a consultant – you get to try lots of interesting things but you don't necessarily have to do any one of them for too long.

Leave a Reply

Your email address will not be published. Required fields are marked *