Home > Articles

  • Print
  • + Share This
This chapter is from the book

Developing Job Roles

Many different job roles fall under the categories “cybersecurity” and “information technology.” Within those generic categories are roles that are responsible for presales, delivery of services, daily operations, and everything in between. Your SOC will have roles that fall under the cybersecurity and information technology categories; however, your SOC roles will require specific skills, knowledge, and experience based on the services your SOC offers. Sometimes skills, knowledge, and/or experience can be acquired on the job, while other times they are prerequisites for an employee to take on the associated responsibilities of a job role. Successful organizations clearly define job roles, compensation ranges, responsibilities, and paths for career growth because these elements are what attract and retain quality people.

In Chapter 1, I introduced the eight core services I find within mature SOCs. Each service has different types of job roles, which some can apply to multiple services while others are very specific to a single service. You will need to recruit and retain the right talent for the services you offer, which continues to be an extremely challenging task in today’s competitive cybersecurity job market. Not only is it hard to find the right talent, but experienced talent will be expensive. You will have to decide when you can groom an internal employee for a role or seek external talent to fill a position.

One major factor that impacts these decisions is available budget for recruiting talent. Leadership will need a general number of what the cost will be to fill a SOC position. The best way to determine a ballpark cost to fill a SOC position will be using publicly available pay scales. The general schedule pay scale is an example of such a resource.

General Schedule Pay Scale

The U.S. federal government uses a scale based on series and grade to categorize and define jobs. The series is a numbered system for grouping similar occupations. For example, a computer engineer is part of the 0854 series, while a nurse is part of the 0610 series. The grade refers to the General Schedule (GS) pay scale representing the pay level for the job. A job role with a higher GS grade will have a higher pay range. Employees with a high school degree and little experience fall under the GS-5 and lower range, while people with work experience can expect to be at least at a GS-7 level. Employees with a master’s degree and special experience will expect a GS-9 or higher job role. People looking to work for the U.S. federal government can use this system to quickly understand the pay range for any available U.S. federal job request. Candidates can also refer to the standardized language of the GS pay scale jobs to ask about how the existing role can advance to higher GS grades as the candidate gains experience in the role.

Formalizing Payscales

The GS pay scale is just one example of a pay scale you can use to standardize how compensation is distributed to each job role in your organization. You want to apply a formal pay scale to your SOC roles to set expectations for the pay range associated with your positions. You also need to be specific regarding what skills and other requirements are involved with each role to ensure potential candidates know what is required to qualify for the role. This also applies to advancements in a role. For example, as a SOC analyst gains experience, her title should change. A SOC analyst could start out as a grade 1 analyst. Once that analyst meets certain time, skill, and experience requirements, the analyst can request to be promoted to a grade 2, which will have a higher pay range. While skills are being obtained, salary increases should be provided that fall within the specific pay range. At some point, the candidate will hit the top of the pay range and must move to another pay range before any further increases in salary can be provided.

Formalizing pay scales enables employees to understand how their compensation will change as they increase in grade scale or switch roles, which will have their own assigned grade scale. Some job series will max out faster than others, encouraging an employee to switch roles if they desire a higher pay scale. An analyst series might max out at the role “analyst grade 5” while the pay for a analyst grade 5 is similar to a “architect grade 2” role. In this example, an analyst would not be able to make the same income as an architect grade 3 or higher, motivating the analyst to switch roles if he wants to be part of a higher pay scale than what an analyst pay scale could offer. Having certain job series max out at lower pay scales than other job series isn’t a bad thing. Developing a job role structure with certain job pay scales maxing out lower than others encourages career development that is driven toward senior job titles. Companies that don’t encourage career growth and just provide standard raises on an annual basis will not encourage employees to invest time into developing their skills or career. As a result, employees will remain unmotivated and a flight risk.

IT Industry Job Roles

Job roles need to be clearly defined to identify a baseline of responsibilities as well as skills and experience expectations. The next section reviews the various types of jobs and their expected associated skills. It is up to your organization to customize and explain how the general skills associated with a job title relate to the specific job role and what additional skills and experience are desired for a potential candidate to be considered.

According to the employment website Indeed (https://www.indeed.com), the following items need to be included in a basic job title. Make sure to elicit responses to each of these categories with any job posting that you publish.

  • Job role: Use targeted language rather than generic titles. Avoid lingo that is internally unique to your organization.

  • Job summary: Sell your job with an attention-grabbing summary. Include the exact job location, including whether remote work is an option.

  • Responsibilities and duties: Outline the core responsibilities. Highlight the day-to-day activities. Specify how the position fits within the organization and SOC.

  • Qualification and skills: Provide a list of hard and soft skills. Keep the list concise.

To better understand job roles, let’s review common job titles and their associated skills.

Common IT Job Roles

Reviewing the common job roles that exist in the IT market space is a good place to start before focusing on the SOC-specific roles you will want in your organization. You can use the following list of IT industry job roles to better understand what type of skills are associated with a common IT title and determine if that role could apply to a SOC role you are looking to fill. Some roles will be tied to generating revenue, known as presales roles, while others will be supporting the organization in various fashions. Some job roles, such as a PCI DSS compliance officer, are tied to specific tasks, while others, such as a network engineer, are more generalized. The range and depth of skills will also vary between roles. A presales engineer might or might not have much hands-on experience with a technology depending on how the candidate utilized the technology in his or her previous role. It is best to qualify any skill during the interview process and validate experience through references.

  • Account manager (AM): An account manager works in the sales and marketing department of a business and is responsible for managing client accounts. This job role requires very little technical knowledge, but it does require mature soft skills and a drive to execute on meeting or exceeding sales goals.

  • Sales engineer (SE): A sales engineer combines technical knowledge with sales skills (a combination of hard and soft skills). Because many account managers lack technology knowledge, they require an engineer to handle technical-related tasks. Those tasks include understanding the customer’s technical needs, explaining the technology or services those needs represent, providing demonstrations of technology, or possibly even installing technology to prove it can accomplish the desired goals so that a sale can be achieved. Sales engineers must be able to translate technical concepts into terms that nontechnical people understand.

  • Marketing engineer: Organizations that sell products or services have teams dedicated to developing how those offerings are marketed to customers. Some marketing teams require creative people with a technical background to explain the value of the solutions being offered as well as validate if the marketing efforts meet their targeted customers’ expectations. The level of technical and soft skills required for the marketing engineer position will depend on the type of products and services being offered as well as how the marketing engineer will be utilized.

  • Installation/post-sales engineer: This role supports presales teams by delivering the products and services that were sold to the customer. Services could be short-term or long-term contracts and have various travel requirements. For example, an installation engineer could travel often to new customer locations for short projects or be part of a long-term deployment that spans across multiple locations.

  • Compliance officer: Many organizations have compliance requirements that they must meet to offer certain types of services as well as to avoid the negative impact (such as fines) from not meeting mandatory compliance. Compliance officers are responsible for monitoring the current state of an organization’s compliance status, obtaining proof that compliance is met, monitoring for changes in compliance, and performing other compliance-related tasks.

  • Manager: Managers are responsible for addressing employees’ needs. Fulfilling those needs can include operational requirements, such as providing tools and support to perform their jobs, or emotional support to encourage a positive working environment. Great managers help people achieve goals as well as mentor employees so they can grow their skills and feel accomplished. When employees experience challenges, managers are responsible for representing their needs. Managers are expected to have strong soft skills and experience managing people.

  • Desktop support: The desktop support group focuses on managing host-related services. This can include support needed for desktops, laptops, mobile devices, and sometimes servers. Desktop support can be responsible for issuing equipment, enforcing security within equipment, and supporting the equipment with updates or software requested by employees. Desktop support can also develop policies for endpoints and support the SOC’s mission of enforcing security policies. Skills can range between operating system types and tools, depending on experience level.

  • Helpdesk: The helpdesk team is responsible for anything related to supporting employees and their equipment. This role is typically the first layer of support for an organization’s internal services. Examples of common helpdesk job duties include resetting passwords, provisioning hardware and software, and responding to security incidents, such as a user reporting that her computer might be infected with a virus. The desktop support role and helpdesk role can be the same role or have responsibilities divided between different teams. A SOC can include a helpdesk service to assist with responding to security incidents and to support SOC team members’ technical requirements.

  • Database/cloud engineer: Organizations create data and need a place to store it. Data can be stored locally on servers or on a cloud storage service provider’s servers. A database or cloud engineer acts as a data custodian ensuring that data is protected and policies created by the data owner are enforced. Technical skills include setting up relational databases, designing queries and reports to access information in the databases, and administering backup and recovery procedures.

  • Network engineer: Network engineers deploy and manage the organization’s networks. Every organization has some form of network services such as LAN, VPN, and wireless. Even organizations that lead with cloud services need a network to enable employees to access the cloud. Network engineer skills range from configuring to monitoring and troubleshooting various types of network equipment.

  • Software engineer: Computer programs are computer code created by software engineers. As IoT and other technology grows in popularity, the need for programmability and applications increases the need for software engineers. Many SOCs leverage customized applications that are built by software engineers or leverage open-source tools that can leverage programmable tools that modify how the tool works or how the data is used by the tool. Software engineers develop information systems by designing, developing, and installing software solutions.

Some of the preceding job roles could apply to SOC work, while others do not but could perform SOC work with some level of training. I also didn’t cover every job role you will find if you search popular job recruiting resources using terms like “cybersecurity” and “information technology” since the list could take up the entire chapter. Many of these jobs are also feeder roles into security-related work, meaning jobs people do before they start working in a SOC or undertaking similar security-related work. Sometimes people find a job in security later in their career because the candidate didn’t initially pursue a career in security after completing their education, found an opportunity in non-security-related work prior to performing SOC work, wasn’t qualified for security-related work, or other reasons.

  • + Share This
  • 🔖 Save To Your Account

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020