// cyber tracks

A twin for every
cybersecurity role.

Eleven specialist tracks, each with a Career Twin tuned to the knowledge, tooling, and hiring pattern of that discipline. Pick yours — your readiness score is calibrated to it.

SOC · Featured

SOC Analyst L1

Detect, triage, and respond to security incidents in real time.

SIEMAlert triageMITRE ATT&CK
Explore track
SOC

SOC Analyst L2

Hunt threats, tune detections, own the alerts L1 can't close.

EDRThreat hunting
SOC

Detection Engineer

Turn attacker behaviour into high-signal, low-noise detections.

SigmaKQL/SPL
GRC · Featured

GRC Analyst

Translate frameworks into evidence and controls that audit clean.

ISO 27001NIST CSFSOC 2
Explore track
Risk

Risk Analyst

Quantify cyber risk in language the business actually uses.

FAIRRisk treatment
Governance

Compliance Officer

Keep the company on the right side of regulators and customers.

GDPRDORA
Offensive · Featured

Penetration Tester

Break things on purpose, then document exactly how you did it.

OWASP Top 10AD attacksBloodHound
Explore track
Offensive

Red Team Operator

Emulate a real adversary end-to-end, quietly.

C2 frameworksOPSEC
AppSec

Application Security Engineer

Shift left without slowing developers down.

Secure SDLCThreat modelling
AppSec · Featured

DevSecOps Engineer

Wire security guardrails into the pipeline, not the standup.

CI/CD securitySupply chain (SLSA)IaC scanning
Explore track
Cloud

Cloud Security Engineer

Design guardrails so the rest of the company can ship safely.

IAMKMS
Identity

IAM Analyst

Own the identity lifecycle from joiner to leaver, cleanly.

SAML/OIDCSCIM
Architecture · Featured

Security Architect

Design secure systems before they're built, not after they leak.

Zero TrustThreat modellingPatterns
Explore track
IR

Incident Response Analyst

Run toward the breach with a clear head and a tested playbook.

NIST 800-61Forensics
Intel

Threat Intelligence Analyst

Turn raw signals into decisions the rest of security can act on.

Diamond ModelKill chain
VulnMgmt · Featured

Vulnerability Management

Scan less, prioritise harder, ship the fix.

CVSS / EPSSTenable / QualysPatch ops
Explore track
OT/ICS

OT Security Analyst

Protect physical processes where uptime beats patch cadence.

Purdue modelIEC 62443
Leadership

Security Engineering Manager

Build the team that builds the controls.

RoadmappingHiring
Leadership · Featured

CISO (Interview Prep)

Run security like a business function the board can sponsor.

Cyber strategyBoard commsQuantified risk
Explore track
governance-risk-compliance

Privacy Officer

Operationalise GDPR, DPIAs and data subject rights across the business.

governance-risk-compliance

Data Protection Officer

Statutory DPO accountable to the regulator for the organisation's data protection programme.

governance-risk-compliance · Featured

Third-Party Risk Analyst

Assess supplier risk, run security due diligence and continuously monitor critical vendors.

Explore track
governance-risk-compliance

Information Security Audit Manager

Lead internal and external infosec audits across ISO 27001, SOC 2 and regulatory frameworks.

governance-risk-compliance

Security Policy & Standards Manager

Own the policy library, standards uplift and exception process for the security programme.

governance-risk-compliance · Featured

Business Continuity & Resilience Manager

Lead BCM, DR planning and operational resilience testing under DORA-style regulation.

Explore track
governance-risk-compliance

ISO 27001 Implementer / Consultant

Implement ISMS programmes, run gap assessments and prepare clients for certification.

governance-risk-compliance

SOC 2 Consultant

Design SOC 2 control environments and shepherd SaaS companies through Type I and II audits.

governance-risk-compliance · Featured

Cyber Controls Tester

Test design and operating effectiveness of cybersecurity controls for assurance teams.

Explore track
security-operations

SOC Analyst — Tier 3 / Senior

Lead complex incident triage, mentor analysts and drive detection and process improvement.

security-operations

SOC Manager

Run the 24x7 SOC: shift coverage, KPIs, vendor relationships and incident escalations.

security-operations · Featured

MSSP Security Analyst

Monitor and triage across multiple MSSP customers with strict SLA-driven runbooks.

Explore track
security-operations

Security Monitoring Engineer

Engineer logging pipelines, telemetry coverage and visibility across hybrid estates.

security-operations

Brand Protection / External Threat Analyst

Hunt phishing kits, impersonation domains and brand abuse across surface and dark web.

threat-intelligence · Featured

Cyber Threat Intelligence Analyst

Produce strategic, operational and tactical CTI for SOC, IR and leadership consumption.

Explore track
threat-intelligence

Threat Hunter

Run hypothesis-driven hunts mapped to MITRE ATT&CK across EDR, network and cloud telemetry.

threat-intelligence

Malware Analyst

Triage suspected malware, extract IOCs and brief detection engineers on coverage gaps.

threat-intelligence · Featured

OSINT Analyst

Collect open-source intelligence on threat actors, exposures and executive risk.

Explore track
threat-intelligence

Dark Web / Underground Analyst

Monitor underground forums and marketplaces for breached data and emerging threats.

incident-response-dfir

DFIR Consultant

Lead client-facing incident investigations end-to-end, from triage to executive readout.

incident-response-dfir · Featured

Digital Forensics Analyst

Acquire and analyse host, mobile and cloud artefacts to forensically sound standards.

Explore track
incident-response-dfir

Malware Reverse Engineer

Statically and dynamically reverse engineer malware to drive detection and attribution.

incident-response-dfir

Incident Response Manager

Own the IR programme: playbooks, retainer relationships, tabletop exercises and lessons learned.

incident-response-dfir · Featured

Ransomware Negotiator / Communications Lead

Lead threat actor communications and crisis comms during ransomware events.

Explore track
offensive-security

Web Application Penetration Tester

Find and exploit vulnerabilities in modern web apps and APIs, then write client-ready reports.

offensive-security

Mobile Application Penetration Tester

Assess iOS and Android apps including reverse engineering and runtime instrumentation.

offensive-security · Featured

Network / Infrastructure Penetration Tester

Conduct internal, external and AD-focused infrastructure penetration tests at scale.

Explore track
offensive-security

Exploit Developer

Research vulnerabilities and develop reliable exploits for offensive R&D teams.

offensive-security

Purple Team Engineer

Continuously emulate adversaries and tune detections side-by-side with blue team.

offensive-security · Featured

Social Engineering Specialist

Run phishing, vishing and physical social engineering engagements with strong reporting.

Explore track
application-security

Secure Code Reviewer

Perform deep manual and tool-assisted code reviews across multiple languages and stacks.

application-security

Product Security Engineer

Embed in product squads to drive threat modelling, secure design and AppSec controls.

application-security · Featured

API Security Engineer

Secure API gateways, design auth and rate limiting and triage API-specific vulnerabilities.

Explore track
application-security

Bug Bounty Hunter / Researcher

Hunt vulnerabilities across public programmes and build a credible disclosure portfolio.

cloud-security

AWS Security Engineer

Harden AWS estates: IAM, GuardDuty, Security Hub, KMS and landing zone guardrails.

cloud-security · Featured

Azure Security Engineer

Secure Azure environments using Defender for Cloud, Entra ID, Sentinel and policy as code.

Explore track
cloud-security

GCP Security Engineer

Implement GCP security: Org Policies, SCC, IAM, Cloud Armor and workload identity.

cloud-security

CSPM Engineer

Operate cloud security posture management tooling and drive remediation campaigns.

cloud-security · Featured

Kubernetes Security Engineer

Secure Kubernetes clusters: admission control, runtime defence and supply chain.

Explore track
identity-access-management

IAM Engineer

Build and operate IAM platforms across joiners, movers, leavers and access reviews.

identity-access-management

IAM Architect

Design enterprise identity architectures spanning workforce, customer and machine identity.

identity-access-management · Featured

Privileged Access Management Engineer

Operate PAM platforms (CyberArk, BeyondTrust, Delinea) and onboard privileged accounts.

Explore track
identity-access-management

SSO / Federation Engineer

Integrate SaaS and internal apps with SAML, OIDC and SCIM through the identity platform.

identity-access-management

Customer IAM (CIAM) Engineer

Build customer login, passwordless and fraud-aware auth on platforms like Auth0 or Okta CIC.

security-engineering · Featured

Security Engineer

Generalist security engineer building tooling, integrations and platform controls.

Explore track
security-engineering

Security Automation Engineer

Automate detection, response and security operations using SOAR, Python and APIs.

security-engineering

SIEM Engineer

Engineer SIEM platforms (Splunk, Sentinel, Chronicle), parsers, content packs and dashboards.

security-engineering · Featured

SOAR Engineer

Design and build SOAR playbooks that compress response time and analyst toil.

Explore track
security-engineering

EDR / XDR Engineer

Deploy and tune endpoint detection platforms and lead policy and exclusion governance.

security-engineering

Data Loss Prevention Engineer

Build and tune DLP rules across endpoint, email and SaaS for measurable risk reduction.

security-architecture · Featured

Enterprise Security Architect

Set the enterprise security target architecture and govern domain reference architectures.

Explore track
security-architecture

Cloud Security Architect

Design secure multi-cloud architectures, landing zones and platform security patterns.

security-architecture

Zero Trust Architect

Lead zero trust strategy: identity, device, network and workload segmentation.

security-architecture · Featured

Data Security Architect

Design data classification, encryption, tokenisation and key management at enterprise scale.

Explore track
devsecops

DevSecOps Engineer

Embed security testing and guardrails into CI/CD and platform engineering workflows.

devsecops

CI/CD Pipeline Security Engineer

Secure build systems, secrets handling, SBOM generation and supply chain attestations.

devsecops · Featured

Container Security Engineer

Harden container images, registries and runtime; lead Kubernetes admission policy.

Explore track
devsecops

Infrastructure-as-Code Security Engineer

Build policy-as-code (OPA, Checkov, Sentinel) for Terraform and IaC governance.

network-security

Network Security Engineer

Design, operate and harden enterprise network security across LAN, WAN and cloud edges.

network-security · Featured

Firewall Engineer

Operate next-gen firewall estates (Palo Alto, Fortinet, Check Point) and rule lifecycle.

Explore track
network-security

SD-WAN Security Engineer

Secure SD-WAN fabrics and integrate with cloud-delivered security stacks.

network-security

SASE / SSE Engineer

Operate SASE platforms (Zscaler, Netskope, Cato) covering SWG, CASB, ZTNA and DLP.

network-security · Featured

Network Detection & Response Analyst

Hunt across NDR telemetry (Darktrace, ExtraHop, Vectra) and tune behavioural detections.

Explore track
ot-ics-security

ICS Security Engineer

Secure industrial control systems and Purdue-model networks across critical infrastructure.

ot-ics-security

SCADA Security Analyst

Monitor SCADA and DCS environments using OT-native tools like Dragos, Claroty and Nozomi.

ot-ics-security · Featured

IoT / Connected Device Security Engineer

Threat model and harden connected products, firmware and device-cloud trust models.

Explore track
security-consulting

Cybersecurity Consultant

Advise clients across strategy, controls and transformation programmes.

security-consulting

Virtual CISO (vCISO)

Provide fractional CISO services to scaleups: strategy, board reporting, programme leadership.

security-consulting · Featured

Security Awareness & Training Lead

Design and deliver behaviour change programmes that measurably reduce human risk.

Explore track
security-consulting

Security Researcher

Publish original research on vulnerabilities, threats and defensive techniques.

security-consulting

Security Technical Account Manager

Own technical success for strategic customers of security vendors.

security-management · Featured

Security Programme Manager

Run multi-year security transformation programmes against measurable outcomes.

Explore track
security-management

Security Operations Manager

Manage SecOps teams, vendors and budget; own detection, IR and vulnerability KPIs.

security-management

Security Product Manager

Define and ship internal or external security products and platforms.

security-management · Featured

Cybersecurity PMO Lead

Run portfolio governance, reporting and resource planning for the security function.

Explore track
executive-leadership

Deputy CISO

Second-in-command security executive — operational ownership across the CISO portfolio.

executive-leadership

Head of Security

Senior security leader for a business unit, region or fast-growth scaleup.

executive-leadership · Featured

Head of GRC

Lead the GRC function: policy, risk, compliance, audit and assurance.

Explore track
executive-leadership

Head of SOC

Lead 24x7 SOC and IR functions and the detection engineering roadmap.

executive-leadership

Board / Non-Executive Cyber Advisor

Advise boards and audit committees on cyber risk, regulation and executive decisions.

emerging-cybersecurity · Featured

AI Security Engineer

Secure AI systems end-to-end: data, model, pipeline, inference and supply chain.

Explore track
emerging-cybersecurity

ML Security Engineer

Defend ML training and inference against adversarial, poisoning and extraction attacks.

emerging-cybersecurity

LLM Red Teamer

Red team LLM-powered products: prompt injection, jailbreaks, agent abuse and data leakage.

emerging-cybersecurity · Featured

Quantum / Post-Quantum Security Analyst

Plan crypto-agility and PQC migration strategies for long-lived systems and data.

Explore track
emerging-cybersecurity

Blockchain / Web3 Security Engineer

Audit smart contracts and secure custody, bridges and on-chain infrastructure.

emerging-cybersecurity

Privacy Engineer

Engineer privacy-by-design: de-identification, consent platforms and DSAR automation.

emerging-cybersecurity · Featured

Security Data Scientist

Apply data science and ML to detection engineering, fraud and security analytics.

Explore track

Don't see your specific role?

Our catalog grows weekly. Start a general track today or request a custom prep module.

Start Free

Showing 106 of 106 verified tracks

// activate your career twin

One twin. One score.
Your next career move.

Activate your Career Twin in under a minute. Free to start. Cancel anytime.