Find your next career path.
Browse 42 roadmaps across 7 families. Free guide, no signup required.
All Roadmaps
42 paths, grouped by family.
07 ROADMAPS
Security Operations
Detect, investigate, and respond to threats. SOC analysts, incident responders, threat hunters, threat intelligence.
Sec Ops
Digital Forensics Analyst
The investigator who collects, preserves, and analyzes digital evidence from computers, networks, mobile devices, and cloud environments. R…
Sec Ops
Incident Responder
The specialist called when a confirmed breach is underway. Leads the investigation, directs containment, eradicates the threat, and restore…
Sec Ops
Incident Response Consultant
The specialist who leads technical investigation and remediation of security breaches. Parachutes into compromised organizations, determine…
Sec Ops
Security Engineer
The technical security professional who designs, implements, operates, and automates security controls across the organization's infrastruc…
Sec Ops
SOC Analyst — Tier 1
The frontline defender of a Security Operations Center. Monitors alerts, triages threats, and escalates incidents before they become breach…
Sec Ops
SOC Analyst — Tier 2 / Threat Hunter
The investigator and hunter. Takes escalated incidents from T1 and runs deep investigations, while proactively searching for threats that b…
Sec Ops
Threat Intelligence Analyst
The analyst who studies adversaries — tracking threat actors, analyzing attack campaigns, producing intelligence that helps the organizatio…
06 ROADMAPS
AppSec & Software
Build secure software, review code, find and fix vulnerabilities. AppSec engineers, code reviewers, vulnerability researchers, bug bounty hunters.
AppSec
AppSec / Security Software Engineer
The engineer who embeds security into the software development lifecycle. Performs threat modeling, integrates automated security testing i…
AppSec
Bug Bounty Hunter
The independent or professional security researcher who finds and responsibly discloses vulnerabilities in real production systems through…
AppSec
DevSecOps Engineer
The engineer who embeds security into every stage of the software delivery pipeline, making security continuous, automated, and invisible t…
AppSec
Secure Code Reviewer
The specialist who reads application source code from an attacker's perspective. Identifies security vulnerabilities, business logic flaws,…
AppSec
Security Architect
The senior security professional who designs the organization's security architecture, translating business requirements and threat models…
AppSec
Vulnerability Researcher
The specialist who discovers new vulnerabilities in software, hardware, and protocols through source code analysis, binary reverse engineer…
02 ROADMAPS
Identity & Access
Control who accesses what. IAM engineers, PAM administrators, zero-trust engineers.
Identity
IAM / Identity Engineer
The engineer who designs, implements, and maintains the systems that control who can access what. Builds identity providers, SSO integratio…
Identity
PAM Administrator
The specialist who deploys, configures, operates, and maintains Privileged Access Management platforms. Protects the organization's most se…
05 ROADMAPS
Specialized & Emerging
Cloud security, DevSecOps, AI security, OT/ICS, malware analysis, security architecture — specialized tracks and fast-moving areas.
Specialized
AI Security Engineer
The emerging specialist who secures AI systems, particularly Large Language Model applications, ML pipelines, and agentic AI workflows. Ide…
Specialized
Cloud Security Engineer
The specialist who secures cloud infrastructure. Designs IAM policies, remediates misconfigurations, embeds security into IaC pipelines, pr…
Specialized
Malware Analyst / Reverse Engineer
The specialist who dissects malicious software to understand how it works, what it does, and how to detect and defend against it. Uses stat…
Specialized
OT / ICS Security Engineer
The specialist who secures Operational Technology (OT) and Industrial Control Systems (ICS). Protects SCADA systems, PLCs, RTUs, DCS, and i…
Specialized
Zero Trust Engineer
The specialist who designs, deploys, and operates Zero Trust Architecture. Replaces legacy VPN and network-perimeter access models with ide…
09 ROADMAPS
IT Operations
Keep infrastructure running. Help desk, sysadmins, network admins/engineers, DBAs, SREs, IT managers.
IT Ops
Database Administrator (DBA)
The professional who installs, configures, secures, tunes, and maintains database management systems. Ensures data is available, performant…
IT Ops
Help Desk / IT Support Technician
The first point of contact between users and the IT department. Diagnoses and resolves hardware, software, networking, and account issues,…
IT Ops
IT Manager / Team Lead
The manager who leads a team of IT professionals. Hires, develops, directs, and retains engineers, analysts, and administrators while ownin…
IT Ops
IT Project Manager
The professional who plans, executes, and delivers technology projects on time, within budget, and within scope. Coordinates developers, en…
IT Ops
ITSM / Service Desk Manager
The manager who owns the IT service management function. Leads the service desk team, designs and enforces ITIL-aligned processes for incid…
IT Ops
Network Administrator
The professional who designs, implements, and maintains an organization's network infrastructure. Manages routers, switches, firewalls, wir…
IT Ops
Network Engineer
The senior networking professional who designs, architects, and implements complex network infrastructure. Moves beyond day-to-day administ…
IT Ops
Site Reliability Engineer (SRE)
The engineer who applies software engineering principles to operations problems. Builds the automation, observability, and reliability syst…
IT Ops
System Administrator
The engineer who keeps servers, operating systems, and core infrastructure services running. Manages Windows Server and Linux environments,…
04 ROADMAPS
Data & Analytics
Turn raw data into insight. Data analysts, BI analysts, data engineers, data scientists.
Data
Business Intelligence Analyst
The professional who translates organizational data into strategic insights. Designs and maintains BI platforms, builds enterprise dashboar…
Data
Data Analyst
The professional who collects, cleans, queries, and analyzes data to answer business questions. Turns raw numbers into charts, summaries, a…
Data
Data Engineer
The engineer who designs, builds, and maintains the infrastructure that moves data from sources to destinations. Builds pipelines, data war…
Data
Data Scientist
The professional who frames business questions as data problems, builds statistical models and machine learning systems to answer them, and…
09 ROADMAPS
GRC, Risk & Compliance
Governance, risk, regulatory compliance. GRC analysts, compliance officers, IT auditors, privacy engineers, risk analysts, CISOs.
GRC
CISO / Security Director
The executive who owns the organization's information security strategy, program, and risk posture. Reports to the CEO, board, or CIO; mana…
GRC
Compliance Officer
The professional who owns regulatory compliance for the organization. Translates legal and regulatory requirements into practical policies…
GRC
Cybersecurity Program Manager
The leader who designs, builds, and manages an organization's cybersecurity program. Translates security requirements into actionable initi…
GRC
GRC Analyst
The professional who sits at the intersection of cybersecurity, business strategy, and regulatory compliance. Translates complex requiremen…
GRC
IT Auditor
The professional who independently verifies that IT controls are designed correctly and operating effectively. Tests whether what the organ…
GRC
Privacy Engineer
The technical privacy specialist who translates data protection law into engineering implementations. Builds systems that respect user priv…
GRC
Risk Analyst
The professional who identifies, assesses, quantifies, and communicates risks to information systems and organizational operations. Conduct…
GRC
Security Awareness & Training Manager
The professional who designs, operates, and continuously improves the organization's security awareness and training program. Reduces human…
GRC
Vendor / Third-Party Risk Manager
The specialist who designs, operates, and matures the organization's third-party risk management (TPRM) program. Assesses the security, fin…
Building your own portfolio?
SEE PRICING →