A logo for cyber with a circle and the word cyber
E2 CYBER DOMAINS EXPLAINED
e2 Team • Apr 26, 2023

READ THE SNAPSHOT: 

  • e2 breaks down the cyber industry so our team of cyber passionate recruitment warriors can help you identify the best talent within the domain you need, or to support you in your next career move and truly understand what you’ll do, need and want. 
  • The Cyber industry has exploded and as such, each domain is now large enough to be separated from each of the other areas. 
  • Gaining an understanding of which domain you need to hire from, or want a role in, will increase your speed to an outcome, ensuring you get the best person or role with knowledgeable and detailed assistance from e2. 

In the 21-22 financial year, Australia saw an increase in cyber crime to over 76,000 incidents. This was a 13% increase from the previous year and is expected to continue trending in this direction for years to come (Ref:1). Due to the rapid growth of cyber crimes, the industry has been working to keep up with the ever-growing risk and need to improve. With these changes, e2 has seen the industry expand to a size where we believe breaking cyber security roles into domains is a must, not a want. This blog outlines how e2 define the domains and why it is important to understand them when hiring or looking for your next career move. 


Entry Level Cyber   


This is the start of the “yellow brick road”. “Entry” level roles is a term often used very loosely and no doubt you have seen a meme associated with an entry level role requiring 5 years of experience. To e2, an entry level role is a position for someone who has not had, or who holds very limited professional exposure to the industry, may have completed a basic or fundamental training course and is pursuing a career in cyber. Normally, entry positions are offered in a SOC or GRC space pending the study or knowledge of the individual. At e2 Cyber, entry means entry. No experience, limited skills BUT a desire and attitude to be in cyber. 


Architecture 


The backbone to safe and minimal risk technology outcomes. Architecture is a unique domain as it typically requires a person to be both technical and also very savvy to the industry required frameworks, legislation, requirements and technology best practices. A cyber sec architect will typically come from a technology background, have strong stakeholder and communication skills and be passionate about improving the technical security decisions for an organisation or product. We find the best architects as “hands on” or at least run a lab to try and test ideas and solutions and are also typically certified in both GRC and technology areas. 

 

Engineering


The “doers”. The engineering space is technical, “hands on”, love implementing solutions and are driven to harden the environment with the best tech products in the market. People in this field often start in entry level ICT based roles and work their way through the ranks. They skill up in their chosen technologies and areas to engineer in such as Windows OS, then progress into software that works to protect and defend Windows based environments.


GRC (Governance, Risk and Compliance)


The GRC space is unique as it seems people come from all walks of life into cyber GRC focused work. GRC is critical to the success of any technical decision and implementation. GRC professionals conduct reports, assessments and audits which typically are shared to the Board, C-suite and senior leaders to make decisions based on their risk appetite. These professionals are typically degree/university certified and have further studied in the GRC realms through industry recognised training. They have an interest in technology and may even be technical themselves, which is usually very desirable. 


Network 


Have you ever tried to connect to wifi or a “network” and then tried to trouble shoot it yourself? It’s pretty complicated at the basic break fix level which is where highly skilled network engineers come into play. You have to go through a network to connect to the internet and every website on the internet has a network that it travels back and forth on. These skills are critical to any technology system working and being able to “connect” with the digital world. People in this field are certified and skilled with networking and have a deep understanding of network specific products such as CISCO or similar products. Most technical engineers have some exposure to networking, but a network engineer is a specialist, they can perform basic trouble shooting all the way through to creating designs and building networks that can be either physical or virtual.


Offensive Security


The “cool” cyber guy from the movie. When most people think of cyber security they usually think about a guy in a black hoodie, “hacking” his way into a mega rich company’s bank account and taking all the money. Partially this is correct, but in our industry, they are the ones doing the right things with their skills (ethical hackers). Offensive specialists are brought in to “attack” a network, application, infrastructure, socially or physically, to test the defence in place and provide an assessment to the organisation to make new defensive cyber decisions. People who work in this space are either self-taught, certified and trained or both. There are a number of well-respected certificates in this space, and usually are very difficult to obtain. This space is very small, typically the best people all know each other and due to the nature of the work, difficult to disclose their exact personal achievements in detail.


Cyber Leadership


The leader of all cyber. The CISO, CSO, Head of, Director, ITSA, Security Lead, SOC Manager, the list goes on. In a role where you lead a team, outcome, project or division, these roles carry immense pressure to get it right as a wrong decision can cause damage that cant be predicted, for example Optus and Medibank. To land a role like this, you typically carry years of experience and war stories in addition to the skills so you can mentor, guide and build the next wave of industry experts. These days, most leaders are certified but because the industry has only recently started pushing the certification requirement, some exceptional leaders have none but could pass and achieve majority with little to no issues. A cyber leader is normally motivated by the challenge of improving an organisations cyber posture, team and outcomes and care about the cause deeply.


Over time we expect each of these domains will grow. Potentially, we might even see the industry add in new roles as the risk against us continues to become more complex and sophisticated. Time will tell but until then, this is how e2 Cyber categories our cyber domains to support our client’s security and our candidate’s careers.



 

Ready to secure the skills to protect and defend your business? Or looking for your next exciting cyber role? Whether it's for long or short-term contracts or a permanent role, we are Australia's top Cyber Security recruitment agency, committed to providing the best talent and expertise to meet your needs. 





REFERENCES: 

  1. https://www.cyber.gov.au/about-us/reports-and-statistics/acsc-annual-cyber-threat-report-july-2021-june-2022  
Let's Chat
Female GRC cyber professional holding a laptop, showing her male GRC colleague the screen

GRC CYBER PROFESSIONALS: THE BIGGEST STRUGGLES & HOW TO OVERCOME THEM

By Ben Rogalsky 02 Sep, 2024
BIGGEST STRUGGLES FOR GRC PROFESSIONALS & HOW TO OVERCOME THEM, BEN ROGALSKY
3 members of a cyber team looking at a computer screen

HOW TO BUILD AN EFFECTIVE CYBER TEAM

By e2 Cyber 05 Aug, 2024
OUR RECIPE TO BUILDING AN EFFECTIVE AND SUCCESSFUL CYBER TEAM, E2 CYBER
Man looking at multiple computer screens

LEVEL UP: HOW TO TRANSITION INTO A SENIOR CYBER SECURITY ROLE

By Tom Bull 01 Jul, 2024
HOW TO MAKE THE TRANSITION INTO THAT COVETED SENIOR CYBER SECURITY ROLE, TOM BULL
More Posts
Share by: