
How to best find your specialty in your cybersecurity career

Updated: Dec 1, 2022

When people come to me, it’s usually to ask,

“Where do I start?”


“What’s the best way to get into cybersecurity?”

My answer is always the same, because I realized it very early on: the benefit of a plan.

Back in 2014, there wasn’t much coverage of cybersecurity, unlike now (you’ll notice I say this often because I believe this can work to your advantage). There weren’t many reviews of job duties or people sharing their experience.

For me, there was one article that always stuck out. “The dark side of digital forensics.” I can’t remember who the author was, but this was the only resource I could find detailing an “honest” perspective of the field. And it wasn’t created to deter but to inform.

I always advise people to investigate the different areas of cybersecurity. Hopefully, you know the old saying,

“A failure to plan is a plan to fail.”

Well, this is no different. Having a “North star” is better than wandering around aimlessly.

Research the various positions.

There are a few teams that make up cybersecurity (or Info Security). Peep the infographic below.

It’s up to you to determine which of these is most suitable. But, to add more guidance, here’s an easy way to look at the different teams.

Red Team

Offensive Security (The Breakers)

Brief Description:

Behave like threat actors who want to attack and breach their target network.

Some Duties (for example)

  • Ethical hacking

  • Penetration Testing

  • Exploiting vulnerabilities.

Blue Team

Defensive Security (The Defenders)

Brief Description:

This team is responsible for defending its resources against attackers. This team is typically passive, so most of their work is remediating (resolving) whatever actions were taken.

Some Duties (for example)

  • Digital Forensics

  • Threat Hunter

  • SOC Analyst

Purple Team

Integrating Defense tactics with offensive results.

Brief Description:

Combines red and blue teams by actively defending resources and continuously attacking them. This team is essential as knowing the opponents’ capabilities allows for better security.

Some Duties (for example)

  • Improve defense capabilities and implement better detections.

  • Improve attack performance and find ways to outmaneuver defenses.

  • Repeat.

Yellow Team

Software coders.

Brief Description:

Responsible for developing software securely. (*cough cough* Stares at 90’s coders)

Some Duties (for example)

  • Software Developer

  • Application developers

  • Software engineers

Green Team

Automation and Design.

Brief Description:

Improve code and design-based defense capabilities.

Orange Team

Facilitate interaction and education

Brief Description:

Increase security awareness by providing education that benefits the yellow team’s code and design implementation.

Disclaimer: If you want more information, I HIGHLY recommend Hackernoon’s article, which was among the first to publish these descriptions. Source: Hackernoon

Of course, there are more specific job positions. But those also fall in the color spectrum.

Before you can get into the “nitty gritty,” you must determine which of those teams is most interesting.

This is a field of continuous learning. So, be sure that whatever you pursue, it’s something you wouldn’t mind doing for years to come. Shit, decades even.

This is, of course, assuming you are stuck in the same role. This should never happen, but I think with the “Prepare for the worst, hope for the best” mindset.

You don’t need to analyze each area in-depth to find your niche. Simplify this process by identifying the specialty, looking further into that sector, and picking the most interesting one.

Once you determine which of these sounds most like you, go research job duties and mediums. By mediums, I mean specific technologies or preferences. For example,

I’ve always had my sights on digital forensics, and because of this, I’ve read various digital forensic books. Now, in digital forensics, there are a few sub-sectors: computer forensics, mobile forensics, IoT forensics, and network forensics, to name a few. As a college student, my access was limited. I didn’t have IoT devices, and they weren’t around to begin learning with anyway.

The two mediums I focused on most were computer and mobile forensics, mainly Apple, as I had an iPhone and could practice with that. At that time, I used an out-of-date book because that was free to me, and I wanted some understanding of the field. Afterwards, I redirected my focus to computer forensics, which introduced me to the Registry. I found this INCREDIBLY interesting, as I am an information gatherer and learning a computer’s inner workings was intriguing.

But, enough about me. This is about you.

Following this advice gave me a North Star. Having this is incredibly beneficial to you as an aspiring professional. This shows some of your ambition.

When I had interviews, I didn’t have any work experience. Still, because I had a passion, employers (and other students) were able to recognize this. This North Star also helped in interviews because I could pull from labs when they asked those pesky “Name a time when…” questions.

These labs weren’t a part of my coursework; these were different labs that I used out of passion.

Creating a passion for this field undoubtedly helped my journey. But that is another blog for another week…

