Three jobs in cybersecurity you’ve probably never heard of

Outside the field of cybersecurity, not many people actually know what a pen tester is; nor an ethical hacker, or a security researcher. But there are many even more obscure jobs in cybersecurity – roles that you never hear about unless you come into contact with them in the industry. 

There’s a widely reported skills shortage in cybersecurity, with an estimated 4 million professionals needed worldwide to fill the gap, according to a 2024 report by CrowdStrike. Many people simply aren’t aware that the cybersecurity sector offers a diverse range of potential job roles that require equally diverse skill sets and experience.

For those among our readers who are considering a career in cyber, here are three jobs in cybersecurity that you’ve probably never heard of.

1. Automotive Security Engineer

Self-drive cars and semi-automated vehicles are increasingly prevalent on our roads, and their systems are constantly becoming more connected. This is driving an urgent need for cybersecurity experts who focus on automotive security, to protect vehicles, their drivers, and other-road users from potential threats.

An Automotive Security Engineer has to: 

• Develop robust security measures and practices for in-vehicle infotainment systems.
• Ensure that engine control units are impenetrable by malicious actors.
• Monitor and protect advanced driver-assistance systems (ADAS).
• Secure transmissions to and from vehicle-to-everything (V2X) communications systems.

They need a strong foundation in wider cybersecurity principles and practices, along with a deep understanding of automotive technology and the security challenges it presents – so they can secure current and future vehicles against exploitation. 

2. IIoT (Industrial Internet of Things) Security Specialist 

The Internet of Things is everywhere – and as Industry 4.0 continues to expand and smart manufacturing solutions become more widespread, the Industrial Internet of Things (IIoT) is becoming an ever-more complex system of endpoints. 

That’s why IIoT Security Specialists now play a critical role in securing industries; protecting industrial control systems, and securing data transmissions between connected devices in manufacturing and critical infrastructure use cases. 

An IIoT Security Specialist has to: 

• Secure industrial actuators, sensors, and other IoT devices.
• Protect Supervisory Control and Data Acquisition (SCADA) systems.
• Make that industrial data is protected and authentic, without manipulation by threat actors.
• Develop and implement security systems for smart factories and distribution networks. 

This work requires a blend of in-depth technical skills and a comprehensive knowledge of industrial processes and networks – to avoid missing high-risk vulnerabilities that could offer an entry-point for attackers. 

3. Malware Analyst 

A Malware Analyst specialises in understanding and mitigating constantly evolving cyber threats – and they play a critical role in enabling organisations to stay ahead of the curve. New forms of malware, and variants of existing strains, are created by threat actors all the time; and in order to combat them quickly and effectively, it’s essential that we understand how they work. 

So a Malware Analyst has to: 

• Analyse new and emerging malware.
• Reverse-engineer malicious code to understand what it does, where it comes from, and what it’s designed to achieve.
• Develop strategies to detect malware and prevent it from executing.
• Deliver insights to other teams, including incident response. 

Diverse roles in cybersecurity 

These are just three of many specialised roles in cybersecurity – and we’re sharing them with you to highlight the diverse opportunities in this space. Technology continues to advance at a rapid pace, and as it does so, more cybersecurity specialisms will emerge to protect technologies and networks (and by extension, organisations and people) from attack.

Join us at Black Hat MEA 2024 and discover how to improve your organisation’s cyber resilience.