Blue Team Deep Dive

In the past, I’ve talked about the different career paths within Cybersecurity and all the options there are. It is a very broad field and one that can accommodate various interests.

For example, here I wrote about 4 different roles and how they align in the cybersecurity field. You can think of Blue Team and Red Team as fields of their own. Within these two there are numerous roles that cover a wide array of responsibilities.

Here, I wanted to write about the Blue Team and dive deeper into what this field entails. This is the “defense” side of Cybersecurity: those who defend and protect data and digital resources. Job families within the Blue Team are: Incident Response, Detection and Response, Threat Intel, Threat Hunting, AppSec, Compliance.

Blue Team

This is not an exhaustive list (in case you see slightly different ones elsewhere), but it covers the main job families that others are derived from. As an example, Malware Analysis can be derived from Incident Response (or DFIR, as it is also referred to). Security Architecture can be derived from AppSec, and so forth.

In reality, each of these job families could have a post of its own, as there are a lot of factors that could influence a role. I plan on doing a deep dive on each of these to shed more light on what it could look like on the inside.


Written on February 17, 2022