Types of Cybersecurity Roles: Job Growth and Career Paths

by Nicholas Patterson

Some roles in the cybersecurity field include application and network security, forensics, security architecture and threat intelligence, among many others. Cyber jobs can also be organized into different categories dependent on their functions.

Cybersecurity is a specialty in the world of tech — but the role is wider and encompasses more career options than you might realize.

When it comes to climbing the cybersecurity career ladder with the right skills, credentials and contacts, “the sky is the limit,” according to Dr. Dennis Backherms, an IT professional and an associate dean of cybersecurity at Southern New Hampshire University (SNHU).

This is true, in part, because of technology’s ubiquity in our lives. “Nowadays, everything is done with computers and involves data,” said Rodney Royster, an adjunct faculty member at SNHU with more than three decades of experience in the cybersecurity sphere. “And that means everything is vulnerable to attack from bad actors.”

Cybersecurity is important because it protects vulnerable information from these “bad actors,” including hackers and other cybercriminals trying to access valuable data. The information cybercriminals desire includes intellectual property, government secrets, credit card numbers, account passwords or electronic medical records. Meanwhile, professionals in different cybersecurity roles, from entry-level analysts to top-level executives, protect and defend against these continually evolving threats and attacks.

What Are the Main Categories of Cybersecurity Jobs?

According to the National Initiative for Cybersecurity Careers and Studies (NICCS), there are 5 major kinds of roles in the field. They include:

• Design and Development: This category encompasses cybersecurity architecture, secure software development and other roles focused on planning and building secure platforms and systems, NICCS noted.
• Implementation and Operation: Administrator roles, technical support and network operations are just a few positions that make up the implementation and operation category, according to NICCS.
• Investigation: Investigation roles include cybercrime investigation and digital evidence analysis roles, NICCS said.
• Oversight and Governance: This category includes roles in instruction, executive leadership, systems security management and more, said NICCS.
• Protection and Defense: Protection and defense roles include vulnerability analysis, threat analysis and incident response, NICCS noted.

These categories are based on what part of the cybersecurity ecosystem each role serves, but there are also specializations you might pursue within the field.

What Are Different Specializations in Cybersecurity?

Cybersecurity professionals can benefit from starting as generalists and then specializing in an area of interest or strength, according to Brandon Champion, an adjunct faculty member at SNHU. Some correspond directly with a role, and others may be functions within a broader position. These areas can include:

• Application security
• Data loss prevention
• Network security
• Security architecture
• Vulnerability management

There are also specializations focused on preventing and responding to cybercrime, including:

• Forensics
• Incident response
• Threat intelligence

The specific job responsibilities for any role can depend on the size and resources of the employer. “At a smaller or mid-size firm, you might end up being a ‘jack of all trades,’ while at a larger firm, you’re more likely to have specialists,” said Champion.

What Are 5 Examples of Cybersecurity Jobs?

If working in the cybersecurity field interests you, here are 5 careers to consider.

Computer Network Architects

In the design and development category of cybersecurity roles, computer network architects design and implement data communication networks, including local area networks (LANs), wide area networks (WANs) and intranets, according to the U.S. Bureau of Labor Statistics (BLS). They consider an organization’s specific needs and requirements, including information security, when planning networks.

To enter this role, BLS reported that you’ll typically need a bachelor’s degree in a computer-related field and some relevant experience.

Computer network architects earned a median pay of $130,390 in 2024, and the field is expected to grow 12% through 2034, according to BLS — much faster than the average 3% projected growth rate for all occupations.

Database Architects

Database architects design and build database systems that store and secure a variety of data, from financial information to customer shipping records, BLS reported. Since many databases contain personal, proprietary and financial information, database architects and administrators are responsible for planning the measures to protect that data.

A bachelor’s degree in computer and information technology is typically needed to enter this role, according to BLS, although some employers may prefer a master’s degree in a similar field.

In 2024, the median pay for database architects was $135,980, and the position is expected to grow 9% by 2034, BLS said.

Information Security Analysts

If you’re interested in planning and executing security measures to protect an organization’s computer networks and systems, then this role may be for you. According to BLS, information security analysts are responsible for staying up to date on the latest methods that attackers are using to infiltrate computer systems and need to research new technology to decide the best way to protect their organization.

To break into this field, BLS reported that you’ll typically need at least a bachelor’s degree in computer science, along with related work experience.

The median pay for information security analysts in 2024 was $124,910, with an expected 29% job growth through 2034, according to BLS.

Network and Computer Systems Administrators

Network and computer systems administrators install, configure and maintain organizations’ LANs and WANs, data communication networks, operating systems and servers, BLS reported. This includes maintaining network and computer systems cybersecurity.

For this role, you’ll typically need a bachelor’s degree in a related field, although BLS reported that some employers may only require a postsecondary certificate or associate degree.

In 2024, the median pay for the role was $96,800, according to BLS, with an estimated 14,300 job openings per year through 2034.

Software Developers, Quality Assurance Analysts and Testers

This role can involve creating computer applications to help underlying systems and testing and designing software to identify problems, BLS reported. Software developers need to take many requirements into account, including the security of an application or program.

Usually, a bachelor’s degree in computer or information technology is required, but some employers may prefer to hire developers with a master’s degree, according to BLS.

The field is expected to grow nearly 15% by 2034— much faster than the projected average for all roles — and in 2024, BLS reported the median pay was $131,450.

What Are Some Other Job Titles in Cybersecurity?

Cybersecurity professionals go by many names, but the job titles or descriptions will typically include “information security” or “cybersecurity” or other related terms, according to Backherms. Examples include:

• Cybersecurity technical architects
• Information security, cybersecurity or vulnerability analysts
• Penetration testers
• Security administrators, engineers and technicians

“You’ll often also see the words ‘entry,’ ‘associate’ or ‘senior’ accompanying these titles,” Backherms said. “Once you get to the executive level, cyber roles tend to be categorized by manager, director or officer (for example, CISO) title types.”

While some positions may require a bachelor’s degree or a certain amount of experience, entry and associate level roles are usually achievable through earning an associate degree in cybersecurity.

Meanwhile, on the government side, roles might be designated as “level I,” “level II” or “level III” based on the minimum level of knowledge, experience or certification required, according to Royster.

In other words, you can find career opportunities at all levels — from the day-to-day operations and management to the senior executive level and even on the board.

“Keep in mind, though, that these job titles change,” said Royster. “I was looking at a job posting the other day for a CISO, but it was for a chief innovation security officer.”

What Are Some More Advanced Roles in Cybersecurity?

As you continue to gain experience and expertise during your career, you might set your sights on pursuing cybersecurity positions or opportunities in:

• Consulting: According to Royster, the best consultants have not only the technical chops but also considerable experience with recognized organizations across multiple industries — in addition to the presentation and interpersonal skills needed to engage with IT-savvy clients. “You need to be able to talk the talk. So, find your niche, master those skills, and then see if consulting is the right fit for you,” he said.
  
• Education: Professionals can also explore opportunities for teaching or mentoring, both formally and informally. “Teaching, for me, is a way to give back to the field,” said Champion. “It’s still a fairly small community, and — perhaps selfishly — I want the next generation of people potentially working for me to keep moving our field in the right direction.”
  
• Leadership: Senior- or executive-level roles typically require solving higher-order problems, making strategic decisions and building teams and processes while collaborating across business divisions. “Every day is different for a CISO,” said Evans. “Sometimes it’s a high-stress situation, and everyone looks to you for direction and answers. That means you have to think fast, and your decisions can have significant consequences.”

If you want to build a career in cybersecurity, consider learning more about what a cybersecurity degree is.

Where Can You Work in the Cybersecurity Field?

Alex Petitto ’21 earned a bachelor’s in cybersecurity from SNHU while serving in the U.S. Air Force. At the end of his program, he accepted an offer to move into a cyber role.

“I chose to remain with the Air Force and transfer to a cybersecurity unit, and this degree was a major factor in allowing me to do so,” he said.

Although Petitto’s path from one position to another might not be possible for everyone, cyber professionals work in nearly every sector and industry — public and private, for-profit and nonprofit — and at businesses and organizations large and small, including:

1. Banking and finance
2. Healthcare
3. Insurance
4. Law enforcement and government
5. Technology and telecommunications

“Cybersecurity is an industry-agnostic field,” according to Champion. “But the industry dictates which risks you have to worry about.”

Champion knows this first-hand. In his role as chief information security officer (CISO) within the global power and engineering industry, he might focus his team’s efforts on protecting the company from ransomware, malicious software that locks out the system’s users until a ransom is paid. Meanwhile, in his other role as senior information systems officer for the Army National Guard, he works to prevent security breaches by nation state actors, including foreign governments with political agendas.

“The threat landscape continues to change on a daily basis and requires a more agile workforce to maintain comprehensively protected networks,” according to Backherms.