What does this mean for mid-career roles in this segment? And what are the broader opportunities in this market?
Praveen Yeleswarapu, Head-Product Marketing & Engagements, BluSapphire, says that a lot of mid-career roles are shaping up in cyber security — for example, in sales operations and consulting.
“In sales, there seems to be a tremendous amount of demand in the market around cybersecurity. So, for people who have done enterprise or mid-market sales before, especially in core networking profiles, or some level of inside sales around basic cyber security, there is substantial scope for a mid-career switch horizontally,” he says .
The second emerging field, according to Yeleswarapu, is pre-sales, given that quite a few organisations are looking to have stronger cyber resilience programmes.
« Back to recommendation stories
Pre-sales plays a significant role in shaping the overall cyber resilience programme because these professionals have to think from a tech aspect and support sales to close business. In a way, pre-sale professionals can be considered as architects; they need to understand the overall organisation, how it works and how it doesn’t work, and then bring in the technological expertise to fill the gap, while understanding the customer requirements in depth and supporting the sales team to go ahead and close the business. “The third mid-career switch that I see is that of a cybersecurity architect who is sitting on the other side of the table, that is, from a client’s perspective, to shape up the cyber resilience programme. The fourth one that I see is more in cybersecurity operations. There is scope for senior cybersecurity analysts, threat-hunting resources, and end-product support specialists as well, from a cyber security tool management point of view,” he says. Further, according to him, a significant number of roles are also emerging in the product industry, which is essentially about building products for cybersecurity. Think of product management roles, architect roles and developers. Likewise, product marketing is also going to be important in the cybersecurity world. So, people in marketing or product management can cross-skill themselves in the cybersecurity realm and then get into the space.
Highlighting the broader market opportunities, Shreya Suri, Partner, IndusLaw, says that the Indian economy has opened itself up to offer attractive careers in cyber security. The government is focussed on meeting global standards to ensure that best practices for cyber security are implemented across multiple sectors amid data breach incidents and such.
Some of these opportunities did exist. However, the proposed new regulations in this sector have broadened the scope. The persistence on meeting minimum standards for data security and integrity measures across multiple sectors has given rise to several sophisticated cybersecurity firms and standalone specialised practice areas for law firms.
“We will also, in the future, see new government and regulatory agencies with investigation arms (similar to the DG and the CCI) being set up, with legislation on data protection and information technology in the works. This will entail several career opportunities in this sector alone, along with an increased requirement for setting up of data farms and servers,” she says.
The data privacy and security practice in several sophisticated legal firms is now able to support three broad client categories: individual clients, incorporated/registered organisations and government/regulatory agencies, says Suri.
Following are the areas Suri sees approaching law firms for help:
- Individual clients: fundamental privacy and information rights
- Incorporated/registered organisations: establishing robust internal data governance frameworks, internal and external data collection practices, consent mechanisms, privacy policies, guidance on incorporating privacy by design into their applications and websites, structuring and negotiating data sharing and processing arrangements assistance in reporting of cyber incidents and implementation of the data breach response, making representations before regulatory and judicial bodies on both contentious and non-contentious matters, among many other services
- Government and regulatory agencies: policy and litigation. Cyber security firms, as well, with reinforced minimum standards for security practices across various industry sectors, are able to provide services like security architecture implementation, certification, audit, vulnerability testing, ethical hacking, tracing sources of leaks and breaches, among others.
“There is also a lot of synergy of legal firms with cyber security firms wherein both are able to cross-refer clients and jointly (offer) support on multiple problem statements,” she adds.