● 22 entries
Roles & Careers
- AI Red TeamerA specialist who probes AI systems — LLMs, agents, multimodal models — for harmful behaviors, jailbreaks, safety failures, and security vulnerabilities, blending traditional offensive security with ML-specific adversarial techniques.
- Application Security EngineerAn engineer who owns the security of an organization's software — threat modeling, secure design reviews, SAST/DAST/SCA tooling, secrets and dependency hygiene, security training, and partnership with development teams to fix what's found.
- Bug Bounty HunterAn independent security researcher who finds and reports vulnerabilities to vendors through bug-bounty or coordinated-disclosure programs, in exchange for monetary rewards and recognition.
- Chief Information Security Officer (CISO)The senior executive accountable for an organization's information-security strategy, risk posture, and incident-response capability, typically reporting to the CIO, COO, or CEO.
- Cloud Security EngineerAn engineer who owns the security of an organization's cloud footprint — IAM design, IaC guardrails, CSPM/CNAPP tuning, control-plane hardening, container and Kubernetes security, and partnership with platform teams.
- Cyber Threat Intelligence (CTI) AnalystA specialist who collects, structures, and disseminates intelligence about threat actors, campaigns, and TTPs — at strategic, operational, and tactical tiers — to inform defenders, IR teams, and executive decision-makers.
- Data Protection Officer (DPO)A statutorily-recognized role under GDPR Articles 37–39 (and several other privacy laws) that oversees an organization's data-protection compliance, advises on DPIAs, and acts as the contact point for regulators and data subjects.
- DFIR AnalystA digital-forensics and incident-response specialist who investigates intrusions end-to-end — preserving evidence, building timelines from endpoint, cloud, and network telemetry, identifying TTPs, and supporting eradication and legal proceedings.
- Field CISOA vendor-side role — usually housed at a security platform vendor — that pairs senior CISO-grade experience with go-to-market work, advising customer CISOs, shaping product roadmaps, and presenting at industry events.
- GRC AnalystA Governance, Risk, and Compliance specialist who maintains an organization's security control framework, runs internal and third-party assessments, prepares for audits (SOC 2, ISO 27001, PCI), and translates technical reality into policy and risk language.
- Incident ResponderA specialist who leads or supports the technical response to confirmed security incidents, performing containment, eradication, forensic analysis, and recovery while coordinating with legal, communications, and executives.
- Malware AnalystA specialist who reverse-engineers malicious binaries — static and dynamic — to extract indicators, characterize capabilities, attribute to threat groups, and produce detection content for SIEM/EDR coverage.
- Network Security EngineerAn engineer who designs and operates an organization's network defenses — firewalls, NGFWs, segmentation, VPN/ZTNA, NDR, secure web/email gateways, DNS hygiene — and pairs network telemetry with detection content.
- Penetration TesterAn authorized offensive-security professional who simulates real-world attacks against systems, applications, or people to find exploitable weaknesses before adversaries do.
- Privacy EngineerA technical specialist who builds and enforces privacy properties into systems — data inventories, deletion pipelines, differential privacy, k-anonymity, consent infrastructure — alongside but distinct from a legal-focused DPO.
- Security Analyst (Tier 1/2/3 SOC)A Security Operations Center professional who monitors alerts, investigates incidents, and escalates threats, with seniority commonly tiered from Tier 1 triage to Tier 3 advanced investigation.
- Security ArchitectA senior technologist responsible for designing secure-by-design enterprise, cloud, and product architectures, translating risk and compliance requirements into concrete technical patterns and controls.
- Security Awareness TrainerA specialist responsible for designing, delivering, and measuring the security-awareness program that helps employees recognize and resist phishing, social engineering, and other human-layer threats.
- Security EngineerAn engineer who designs, builds, and operates the controls, automation, and tooling that keep systems secure across infrastructure, applications, identity, and detection pipelines.
- SOC AnalystA security operations role responsible for triaging alerts, monitoring SIEM/EDR/XDR queues, investigating suspicious events, and escalating confirmed incidents to IR — typically tiered (T1 triage, T2 investigation, T3 hunt/engineering).
- Threat HunterA senior defender who proactively searches enterprise telemetry for adversary activity that has bypassed existing detections, using hypothesis-driven queries, threat intelligence, and behavioral analytics.
- Virtual CISO (vCISO)An experienced security leader engaged on a fractional or contract basis to deliver CISO-level strategy, governance, and risk oversight to organizations without a full-time CISO.