What kind of jobs do people with offensive cyber security skills get?
-
What sort of jobs or positions require people to perform offensive security work? I know the NSA has a Computer Network Operations (CNO) unit that infiltrates global networks to gather intelligence. Do other companies perform similar work?
-
Answer:
You've asked two subtlely different questions. The first is about jobs for people with offensive cyber skills, and the second is about jobs that require performing offensive cyber activities. First, many defensive cyber positions (systems administrator, incident responder, network engineer, etc.) can hugely benefit from skills in offensive cyber operations. This is the primary reason why there are so many training courses that claim to make you "think like a hacker." Knowing the tactics and techniques of an adversary can help you turn a critical eye on the system you are defending, without requiring you to actually perform the breaking in yourself. Within the set of jobs that require you to actually perform offensive cyber activities, there are three divisions based on whose assets are under attack: Assets owned by your employer Assets owned by a willing victim Assets owned by an unwilling victim In the first case, the assets under attack are owned by your employer. This type of job is internal network assessment. These teams come in various flavors, depending on the level of cooperation with the network operations and defense teams. Some are: internal penetration testers, blue teams, security auditors, vulnerability assessment teams, and red teams. The second case, assets owned by a willing victim, is the realm of professional penetration testers. These companies, teams, and individuals perform adversarial activities against a network, application, or installation in order to determine what improvements can be made to its security. This is often driven by regulatory compliance, so there is a broad spectrum of competence along which these teams fall. The third case, assets owned by an unwilling victim, is either espionage, sabotage, or crime, depending on the target and the perpetrator. Since these jobs are not generally legal under peacetime laws, I'll assume they don't need further elaboration.
Daniel Miller at Quora Visit the source
Other answers
Let's use broad generalizations. Offensive cyber is pretty much the domain of the government. NSA, CIA, DHS, DoD, etc. There are private companies that are subcontracted to those agencies that also do that work for the government. Regular companies do not do that type of work. For example, Sony is not going to go on the cyber offensive against Microsoft. And they don't attack hackers. Again, these are broad generalizations.
Tom Plummer
Related Q & A:
- What kind of jobs can a 14 year old get?Best solution by Yahoo! Answers
- What kind of jobs can 14 year olds get in CA?Best solution by Yahoo! Answers
- What kind of jobs can you get in marketing with a marketing degree?Best solution by Yahoo! Answers
- What kind of jobs could I get in an office setting with an associates degree?Best solution by Yahoo! Answers
- What kind of jobs would I get with a doctoral in business?Best solution by learn.org
Just Added Q & A:
- How many active mobile subscribers are there in China?Best solution by Quora
- How to find the right vacation?Best solution by bookit.com
- How To Make Your Own Primer?Best solution by thekrazycouponlady.com
- How do you get the domain & range?Best solution by ChaCha
- How do you open pop up blockers?Best solution by Yahoo! Answers
For every problem there is a solution! Proved by Solucija.
-
Got an issue and looking for advice?
-
Ask Solucija to search every corner of the Web for help.
-
Get workable solutions and helpful tips in a moment.
Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.