Inclusive Cyber: Unlocking Innovation in Cybersecurity

No Tech Skills? No Problem! Top 5 Cybersecurity Roles for Everyone

Danny Magallanes Season 1 Episode 25

Share episode

Today, we're taking a refreshing detour from the usual tech-heavy entry job roles. Have you ever thought about jumping into cybersecurity but felt intimidated by the technical skills required? Well, guess what? You don't need to be a tech wizard to make a significant impact in this field!

In this video, we're unveiling five unique, entry-level cybersecurity positions that require absolutely zero technical skills. From shaping policies to ensuring compliance, these roles are the unsung heroes of the cybersecurity world. We'll dive into what each job entails, the key skills you'll need, and why these positions are just as crucial as the traditional threat management roles.

It's time to broaden our horizons and recognize the vital contributions of non-technical professionals in keeping our digital spaces secure. So, if you're ready to explore a whole new side of cybersecurity, stick around! Your perfect career path might just be a click away. Let's get started!

Support the show

Support the Channel - Click the bell to have notifications, like & subscribe!
Buy Me Coffee - https://shorturl.at/jKMSX
Social Media – Follow us on:
TikTok
Facebook - https://www.facebook.com/profile.php?id=61554884934328
Instagram - https://www.instagram.com/inclusivecyberpodcast/
Audio:
Spotify - https://open.spotify.com/show/6HNQQVKvsCRo2J095Kyc8G
Apple - https://podcasts.apple.com/us/podcast/inclusive-cyber-unlocking-dei-in-cybersecurity/id1686041111
Website - https://www.buzzsprout.com/2183707
Amazon - https://music.amazon.com/podcasts/594cca7a-726d-43fe-b94e-36291566e9d8/inclusive-cyber-unlocking-dei-in-cybersecurityMusic: Music by Cryptochronica and Worlds Apart featuring Vtizzel; Song: Gunz Blazin' Music: Used with permission: Artist: Thunderwolf X Words Apart, Song: Cybernetix...


Introduction
---

[00:00:00] Danny: Hey, everyone. Welcome back to the show. In this episode, I'm going to be talking about five entry level positions that don't require any technical experience for cybersecurity. I know what you're saying, though. It's like, okay, here's another video talking about the same thing that has been talked about ad nauseam. But there are some differences that I want to point out. The first one is during my research, I went back roughly about five years, it's circular reporting. And what I mean by that it's one video starts off talking about this particular topic and everybody starts adding on because for whatever reason, it really blew up in social media. So now there's different flavors or different perspectives, which is, you know, a good thing. It's always good to get other people's experiences on the same content, but it seems to be the same job roles over and over and over. 

The second point I want to make is, All of them are technically focused or require some type of, building your own lab or doing all this additional work to show your expertise on said positions. One thing that Cyber security has a problem with, is we keep on telling everybody to get a job in cyber security, you need to have this technical mindset and you need to know how to hack. You need to know how to code. But that is doing a disservice to our profession. And I don't know where it came from. Maybe it was The transition from IT.

folks back in the day 20, 30 years ago, You know, wearing dual hats and now they become security professionals. But that being the case, I just want to use an analogy. If you want to go into the medical profession, it's like asking everybody, well, to get in here, you need to know how to do open heart surgery. And of course that sounds ridiculous when somebody says that there's so many roles in the medical profession that don't require cutting somebody up. And doing an operation is very similar to cybersecurity. So the five jobs that I'll be talking about, entry level positions that require no technical experience. I think one is known to the majority of folks out there, but four, I would argue are brand new that nobody's thought of. That in all the different places that I've worked at, they have been an intricate part in a good cybersecurity program. So let's get started.


Number 1 - GRC Analyst
---

[00:02:41] Danny: So the first role is governance, risk and compliance analyst. So what do DRC analysts do? So essentially, they help the organization ensure that the cyber security practices comply with regulation and standards. This role involves assessing risks, reviewing controls and monitoring compliance to mitigate potential security threats. So what are some of the skills that you need to get into this position?

So basic understanding of regulatory requirements in industry standards. So if you're in Europe GDPR, understanding that When it comes to privacy. Here in the u. S., HIPAA, which is Health Care Privacy regulation, or PCI, which deals with credit card, compliance. The other one is analytical and problem solving abilities, attention to detail and strong organizational skills, and excellent written and verbal communications. 


Number 2 - Training, Education, and Awareness Analyst
---

[00:03:48] Danny: The second one is training, education, and awareness analyst. So what do these analysts do? What a training and education awareness program analyst is essentially responsible for maintaining a cyber security training program to educate employees about security policies, procedures and best practices. This role involves assessing the training needs. Creating engaging content and measuring the effectiveness of a training program. So this isn't where you're going to build up a training and awareness and education program at company x, Y and Z. There's one already built and all you're going to be doing is maintaining that and working with probably primarily with your cyber threat Intel team to understand any new emerging threats that we need to incorporate and start notifying everybody within the business. So some key traits or basic skills required for this position would be strong communication and presentation skills. Basic knowledge of cyber security principles and practices. Familiarity with content creation. And lastly, the ability to assess and evaluate training effectiveness.


Number 3 - Cyber Threat Intelligence Analyst
---

[00:05:10] Danny: So the third one is Cyber Threat Intelligence Analysts, which is my speciality and what I'm extremely passionate about. So what do CTI analysts do? They collect, they analyze, they disseminate information about the current and emerging threats, and they provide informed decision making to every single level of the organization. Because at the end of the day, it's providing information so people can take certain action based on that information. So if we know that there is an impending attack from a cyber threat actor targeting our network, Then obviously the CISO in conjunction with the CEO and all C suite will take appropriate action to defend its networks. I wish it was that easy that we would get, information that way, but I know it doesn't work that way. So some of the basic requirements for a CTI analyst, analytical skills and interpret and correlate data. Analytical and problem solving skills, attention to detail and strong organizational skills, excellent written and verbal communication and strong research and reporting and writing skills.


Number 4 - Cyber Operations Planning Analyst
---

[00:06:25] Danny: Number four. Cyber Operations Planning Analyst. Cyber Operations Planning Analyst perform in depth joint and cybersecurity planning processes. This role involves gathering information and developing a detailed operational plan and orders and supporting requirements, it conducts strategic and operational level planning across a full range of operations for integrated information and cyberspace operations.

So basically what they do, they help put on tabletop exercises. So you are the program manager to get with your red team, purple team, if they're, if you're doing it internally, you're getting with your incident response, all the security teams that we're going to do a tabletop exercise, okay?

Is it going to be a technically focused, more at the analyst level, or is it going to be an executive tabletop exercise? So they know what to do. So this operations program analysts, all they're doing is. You know, getting everybody into the right location with the right information for them to know what type of exercise there is.

Now if it's a third party tabletop exercise, then they're going to collect all the requirements from the internal teams and then share that and be a liaison, if you will, with the third party company to make sure that they're meeting all the specific requirements for this particular tabletop exercise.

So it's just making sure everything is running smoothly. Basic knowledge of technical, um, expertise. If you know it great, if you don't, again, you're just that liaison between third party and, internal teams. So some of the skill sets that you require planning and organizational skills, knowledge of cybersecurity operations and threat management, and that's just basic knowledge, analytical and critical thinking ability.

And then attention to detail and strong organizational skills. You're gonna have a lot of people that you're gonna have to get together to make, a tabletop exercise successful. And then again, excellent written and verbal communication.


Number 5 - Knowledge Analyst
---

[00:08:43] Danny: And the last one, number five, is the knowledge manager or slash analyst and don't let the manager aspect fool you. It's not a managing position, essentially they're responsible for managing and organizing the organization's cybersecurity knowledge and information. Think of them as the master librarian within any organization that knows all the different third party vendors, and obviously this is probably for a smaller business because if you're multi, Multinational corporation.

Third party vendors. Risk management is going to be extremely hard. Not one person, but maybe a team. I know it, but this role involves creating and maintaining a knowledge base. facilitating information sharing and ensuring that relevant data is accessible to team members. So it could be updating internal SharePoint sites.

If your company uses Microsoft products, just internal intranet websites with the latest information. And to use an example for the operations and planning, making sure all the phone numbers and contact information is relevant and up to date, in each of the team's websites, getting with each team and making sure of there's any personnel changes, any change in mission and or scope.

That's all captured in this knowledge space. So if somebody who is providing or facilitating all this knowledge that is going everywhere and just, maintaining this repository or several repositories of data within the organization. The skill sets very similar to what we've already discussed.

Attention to detail and strong organizational skills. Basic understanding of knowledge management system and tools. Each company is going to have their own unique set of tools. So you don't have to master all the different management platforms out there. understand how to navigate, which is pretty simple. Excellent communication and collaboration abilities and ability to curate and document technical information clarity, and potentially analytical and problem solving ability.


Conclusion
---

[00:10:58] Danny: So those are the five entry level positions that do not require any technical skills in cybersecurity. Just one caveat though, as I said in the previous video, the job market is extremely hard. I'm not guaranteeing any of this, but you need to start looking for some of these roles instead of the typical technical roles. Each company is going to have their own variations of titles of these specific roles.

So, it gives you a holistic view of potential jobs out there. Again, that do not require the technical skills that we so often push in our industry. Hopefully you liked this video. If you do, please like share and comment. And for those looking for the regularly scheduled program of interviewing amazing guests, we'll start that up next week, but with that, enjoy the rest of your day, night, and we'll chat soon.