7 Cyber Security Jobs in Australia You Must Consider Now

As cyber security jobs in Australia continues to be in demand, there is an ongoing debate around the industry’s skills shortage.

Experts debate whether hiring should be awarded for certification versus ability, interview proficiency versus case study experience, along with the up-take in cross-training and reskilling from other disciplines.

In May 2019, StartupDaily reported that the cyber skills shortage will require Australia to secure around 18,000 more cyber security professionals by 2026 if the industry wants to offer more cyber security jobs in Australia and expand globally.

Currently, there is a gap in Australia of 27,192, “between the number of skilled professionals that organisations need to protect their critical assets and the actual capacity available to take on this work.” It seems, though, that reporting on the cyber security skills shortage, as it relates to job types, includes only the traditional roles, such as penetration testers, cyber security analysts, security consultants etc. The latest Cybersecurity Workforce Study, 2020 published did not include any of the peripheral cyber security industry jobs that are requisite in order for the operational efficacy and successful growth of cyber security.

As the cyber security industry in Australia continues to forge its own true identity as an independent business function, rather than a subset of Information Technology or Risk, we will see awareness of some of the lesser-known cyber security roles increase.

Cyber security has a growing number of roles that don’t simply fit into the traditional Offensive, Defensive, and Advisory cyber security peg holes. 

These roles support, guide, inspire, lead, protect, advocate for and bring together the cyber security industry, and most importantly the cyber community.

In this article, we will walk through my journey in the cyber security industry. We’ll go through examples and recommendations of the types of teams, leadership roles and responsibilities involved and how to leverage your transferrable skills to grab hold of cyber security jobs in Australia.

We’ve gathered insights into cyber security jobs in Australia that you might not have thought about. Some of these are roles suitable for mature candidates, career changers, cross-skilling professionals and even new students. Others demonstrate a stepping stone and what a little bit of dedication in the industry could lead to. 

Consider these jobs if you are looking to play an integral part in Australia’s cyber security industry, with flexibility, support and options to pivot around the industry or your organisation.

1. People & Culture

Every workplace establishes a culture. Workplace culture is founded on the people. The environment a workplace culture fosters can be positive, empowering, diverse and successful- depending on the people who are a part of it. Once you’ve landed a few cyber security jobs in Australia, you will realise it has its own culture. The number of people joining from any number of resources, institutions and organisations is what makes it increasingly diverse. Working in cyber security jobs in Australia for the People and Culture department will mean you are charged with creating significant connections across colleague-to-colleague, colleague-to-management, inter-department functionality right through to social, legal and human resource management tasks.

Examples of responsibilities:

• HR duties – hiring, employee retention, performance management, reporting and compliance, interviewing and assessing candidates
• Strategy and growth – supporting business growth goals, right-sizing of teams, departments or business units, new team/role initiatives
• Culture and benefits – source, drive and maintain employee benefits from on-site amenities to rewards programs, social activities, positive and inclusive culture initiatives, maintain a diversity or inclusion program
• Administration – candidate management, reporting, compliance and legal paperwork, documentation, records management, stakeholder liaison, professional written and verbal communication

Key skill area

A general understanding of cyber security jobs in Australia, their role types, respective responsibilities and their necessary skills are essential. You will likely deal with staff across the organisation that have managerial roles. Non-cyber responsibilities will require experience in managing expectations. Staying on top of cyber industry trends, technologies, qualifications, events and industry practices will be necessary to be effective in this role.

Transferrable skills

HR or People and Culture experience are required, as that will lend well to the cyber industry. Recruitment experience feeds well into People and Culture, but so does marketing and communications experience. It promotes an intuition to the company’s sense of identity, enabling an effective expression of culture both publicly and internally. Keen administrative skills place well, as does planning and directing social and cultural extracurricular initiatives. 

2. Pre-Sales / Solution Design

Working in cyber security pre-sales typically involves working in a technical capacity to design and deliver solutions. Then, provide guidance to the sales team, clients and stakeholders on cyber security solutions. The role acts as a middle liaison between the client and the sales team. The duties involved can include dealing with escalations, scoping pain points and solutions with clients, developing integrations with vendors and security engineers.

Examples of responsibilities:

• Work with the sales team – Meet and scope with clients, technical presentations of solutions, FAQs, responding to Request for Information (RFIs), Request for Proposal (RFPs) or quotes
• Innovate and engineer – Develop solutions to anticipate client needs and also meet them, develop integration and service delivery plans and processes, identify new opportunities in technology solutions for clients and for your organisation to onboard or provide the managed services
• Training and consulting – Undertake industry certifications and training in order to understand client problems and programs, whilst having the insight into the ideal solutions, train clients on integrating, utilising and maximising technical solutions, engineering deployments for best use purposes
• Account Management and admin – maintain ongoing communication and relationships with clients, continue a build-out of solutions in liaison with the sales team, provide an iterative link between your organisation and the client, the administrative duties of keeping client records, solutions, licensing, patching and any other managed services up to date and on-going

Key skill area

A strong technical cyber security knowledge and experience is usually required in combination with sales or client relationship management experiences. Security engineering skills can contribute to fulfilling the duties required, so can IT system administration and cyber security or IT sales experience.

Transferrable skills

Sales consulting experience, client relationship development and management. Qualifications and education in cyber security, software development, computer science engineering, data sciences can all contribute to the technical skills set expected in these roles. Top candidates want to bring experienced soft skills in professional verbal and written communication along with intuitive interpersonal skills.

3. Teaching / Training Cyber Security

These are the roles that help create, nurture and inspire the continued growth of the cyber workforce and candidates in the cyber security industry. Teaching and training play a vital role in the advocacy, progression and expansion of cyber security jobs in Australia, along with the goals of cyber security within organisations. These roles can be broad in cyber security coverage, through to more niche, specialist teachings. There is also training at a high level for organisations that need cyber awareness training, community groups or company’s selling training consulting services.

Examples of responsibilities

• Teaching – planning lessons, understanding and developing curriculum, facilitating tutoring, lecturing, administration of lab work, exams, tests, coordinating with faculty bodies, industry experts and maintaining ongoing education of cyber security and associated technologies
• Training – higher-level awareness or process training delivery, advising boards, executives, department heads, training in awareness for community groups, NFPs or government sectors where cyber security advocacy and awareness are required
• Support and coaching – support students learning cyber security, interactive workshops, online channels, connecting students to the industry through networking and introductions, mentoring
• Innovation or research – teaching in new and innovative ways online, via virtual conference software, content creation for social media and government training/growth bodies, researching cyber security academically or commercially

Key skill area

A comprehensive and broad cyber security knowledge and experience is required. Though depending on the role that you choose, there may be niches to focus on. An entry-level position, for those wishing to pursue an academic cyber career, may only require foundational knowledge to start training people in security awareness, social engineering, phishing and the likes.

Transferrable skills

Teaching, coaching or mentoring experience is very valuable. Leadership experience, team management, consulting, sales, communication, and many other high-level soft skills all can contribute to relative experience and skills to contribute to successful teaching.

4. Recruiting for Cyber Security Jobs in Australia

The cyber security jobs market in Australia require solid recruiters. It requires a deep knowledge of the job offerings out in the market as well as the fast-paced development of organisations and new job functions that arise. Recruitment for cyber security could fall into a department of a larger recruitment company doing multiple industry verticals, a specialist IT recruitment company or most specifically a niche cyber recruitment company/consultancy.

Examples of responsibilities

• Recruitment – candidate management, sales of your services to clients (hiring organisations), candidate development, head-hunting, advertising, networking, interviewing, coaching, building a position in the industry, lots of administration
• Industry focus – be present at conferences, contribute to the cyber security community through organisational involvement, events, online social media presence, face-to-face client engagements, staying abreast of remuneration and employee benefits within the evolving marketplace
• Communication – staying in iterative contact with clients-candidates-community, reading resumes, writing emails, reviewing applications, hosting webinars or information sessions, career advice, drafting job position descriptions
• Cyber industry awareness – Constant upskill in cyber industry best practices, the roles and responsibilities that organisations have within cyber and the skills that candidates require. A solid understanding of the certifications and qualifications required or preferred.

Key skill area

General cyber security knowledge is important along with excellent client and candidate communication. The ability to network is integral to effective recruitment as building a base of qualified and capable candidates you can grow your business with helps propel success.

Transferrable skills

Prior recruitment, human resources or people and culture experience. Cyber security qualifications, training, experience in the industry or cyber security consulting can be transferred when it comes to recruiting for cyber security jobs in Australia. The industry knowledge gives an understanding of questions to ask, what to look for, and what clients expect. A high capability to network, connect to the community, create an online personality or presence and effective professional communication are highly transferrable skills.

5. Product Management

Cyber security product roles can come with varied duties depending on the company and specific role, such as Product Manager, Product Specialist, Product Evangelist etc. Working in this field will likely see you with duties in the product development and lifecycle space, working with teams like Pre-Sales and Sales and the Development team as new products are created. These roles usually sit within a technology or solutions offering business rather than a consultancy or an organisation with an information security / cyber team. 

Examples of responsibilities

• Innovation and development – generating new product ideas, innovations and collaborating with various teams, clients and stakeholders to conceptualise product offerings or changes to existing solutions
• Assist and guide teams – provide support to various teams in sales, pre-sales, service delivery and engineering to help with technical delivery and developments. Assist clients to understand products and their capabilities and iterate the development of these to greater meet the needs of clients, handle complaints, escalations and issues from clients
• Administration and inventory – manage an inventory of stock, of products in the market, client uptake and licensing, provide specifications, pricing, technical background and information, report on pipelines and timelines for new-to-market products
• Strategy – consult with C-level and stakeholders on strategic product development and support, work with marketing and communications teams to campaign and promote products, understand consumer trends and competitors’ offerings

Key skill area

General cyber security knowledge along with a technical capability is vital to sitting in these roles. At an entry-level or pivot from entry-level it is possible that a technical solutions company will provide specific training and induction to the product and assist in a growth pathway.

Transferrable skills

Previous product management skills, ability to interpret high-level conceptual, technical and practical business inputs for effective driving of feasible solutions. Strong stakeholder engagement, high-level administrative keeping, attention to detail, client relationship management, data and business analyst skills, marketing experience.

6. Leadership expertise for Cyber Security Jobs in Australia

Every organisation needs leaders. This is not a typical starting point for someone landing a cyber security job in Australia. Unless it’s at a strategic level, it’s often an after-thought or unrealised possibility for those in the industry. As cyber security business functions and teams grow, and as more cyber technology and consulting firms emerge, there is a need for more leaders who are effective in delivering great workplaces, business results and consumer satisfaction. Leadership in cyber security still lacks the structures and typicality of other business functions in many ways. Whether cyber is a delegation to the Chief Information Officer (CIO) versus a Chief Information Security Officer (CISO) or perhaps just an Information Security Manager is just one of the examples of this, let alone organisations that have no dedicated cyber security leadership at all.

Examples of responsibilities

• Strategy – developing on-going cyber security programs, maturity and uplift development. Delegating resources, hiring and securing essential personnel, reviewing and approving fit-for-purpose technologies and solutions, aligning cyber security functions with greater risk management practices and other business enablers
• Growth – raising successive, capable personnel to maintain and expand business capabilities. Mentoring, coaching and training to raise skill levels and opportunities, ensuring personnel job satisfaction, motivation and delivery. Creating accountability and ownership
• Informing and updating – relaying progress, security updates, maturity, risks and threats to stakeholders and various teams. Keeping up-to-date with leading industry practices, planning and developments
• Management – ensuring the delivery of cyber security projects and results, delivering. Setting up teams/divisions/taskforces/departments for cyber security delivery

Key skill area

Deep cyber security domains knowledge and experience will be required for these roles. Often requirements include qualifications like CISSP or CISM with proven experience and skills across multiple cyber security faculties. Additionally, leadership skills like effective communication, influencing, project and change management, networking, and consulting are required.

Transferrable skills

Previous leadership, management and higher-duties experience all play well on this pathway. Training and teaching experience as well as consulting and client management. Business analytics, operations and HR experience could all be transferrable also.

7. Defence Force

Cyber security has numerous occupations within the various Defence Force fields. Whether the Army, Air Force, Navy or a branch of Intelligence there are plenty of cyber security roles and often these provide great entry-level opportunities with full and comprehensive training programs, career development and a host of additional skills. Typically, Defence Force jobs offer a unique lifestyle, travel or relocation opportunities, and plenty of room for progression.

Examples of responsibilities

• Cyber technical – technical cyber security jobs in Australia involve responsibilities like those of a cyber security officer, engineer, security architect, network security specialist or cyber security analyst
• Cyber consultative – Subject Matter Expert in cyber warfare, cyber security strategy and advice consulting, training and awareness, project development and management, policy implementations, cyber operations management
• Intelligence – cryptography and cipher suite duties, multi-language security communications, communications technology security, forensics analysis
• Programming – learning and writing code, developing scripts, programs and solutions for cyber warfare and operations, doing software analysis, network traffic analysis, secure code review and DevSecOps

Key skill area

Technical and functional cyber security knowledge is key in many of the Defence Force roles but in many instances if approaching as an entry candidate training and specialisation is provided in a clear pathway.

Transferrable skills

Attention to detail, discipline, computer engineering, software engineering or development, network security, IT systems administration, communications and a number of soft skills such as professional communication, logical thinking, problem-solving, situational and cultural awareness, adaptability.

One of the greatest opportunities that come from being in the cyber security industry is flexibility and the unique pathways to move across differing job roles. The cyber security industry is currently benefiting from an influx of career changers and graduates who are able to identify and apply transferrable skills or soft skills to meet many of the challenges cyber roles invite. Fortunately, whether you are a highly technical cyber minded individual or a less technical one, there is a vocation in cyber security for you, with a career path to grow into.

Undertaking the Institute of Data’s Cyber Security Program is a way to gain the essential, foundational cyber-job-ready practical skills for propelling your cyber security journey and gaining industry insights that help reveal what cyber security role is for you. 

---

Industry contributor: Ez Yiap | Cyber Security Commercial Support Executive | Triskele Labs