I originally answered this question back in 2018 on Quora and thought it would be a better addition to my blog. I will try to answer this question as simply as possible. It totally depends on what technology and at what level he is working.
- His main responsibility will be protecting his clients: as part of a 24/7 monitoring team, he will monitor security incidents and potential security breaches.
- Work on potential security breaches: gather evidence of how it happened and what exactly happened.
- His main responsibilities would also include configuring and maintaining the cyber security tools they work with (IDS, IPS, firewall, proxy, SIEM).
Application Security Expert
- Here the main responsibility would be to conduct end-to-end security assessments or penetration testing on a given application (web, mobile, IoT, servers) for potential security bugs.
- The security assessment or penetration testing would be both manual and automated.
- Eliminate false positives, prepare a PoC, generate the final report, share it with the concerned team and help them fix the findings.
Auditor (Risk and Compliance)
- Here the main responsibility will be to help the organization achieve and maintain certain cyber security standards like ISO 27001, SOC 2 and PCI DSS.
- Identify the scope, maintain the necessary documents, look at all IT and non-IT controls, gather evidence and help the external auditor with audits.
- Here the main responsibility would be to work on suspicious files and emails that are identified in the wild.
- Identify the behavior of the malware, get to know its IOCs and help the anti-malware team build a particular solution.
Cyber Security/Pre-Sales Consultant
- This is a very senior role (a pre-sales guy) for someone who has worked on multiple cyber security domains or platforms.
- The main responsibilities would be responding to RFPs and building solutions for customers.
Apart from these, there are multiple bigger roles like Security Architect, CISO and Security Officer, which require patience, huge knowledge and experience.