House of the Shield, Dorothy Denning

Careers in Defensive Security and GRC

Shield trains the people who stand between systems and the threats that target them. This page lists the roles graduates pursue, the certifications that gate them, the salary bands you can expect in 2026 USD, and what a day on the job actually looks like.

12 representative roles, entry through executive. Salaries reflect United States markets, mid-2026 ranges.

Entry tier, zero to two years

Front line monitoring, control implementation, and compliance support. These roles teach you the operational rhythm of a real security team.

SOC Analyst, Tier 1
Entry, $55K to $75K

First responder to security alerts. You watch the SIEM, triage events, and escalate suspicious activity to senior analysts. The front line of organizational defense.

Key certifications
Security+ SY0-701, CySA+ CS0-003, SC-200, Splunk Core Certified User
Core skills
SIEM operation, Log analysis, Ticketing, TCP/IP basics, Windows and Linux fundamentals
A day in the life

Review overnight alerts, triage incoming events, update tickets, escalate suspicious patterns to Tier 2, document findings, hand off active investigations at shift change.

GRC Analyst
Entry, $55K to $80K

Support compliance assessments, maintain policy documentation, track remediation, and prepare evidence packages for audits.

Key certifications
Security+ SY0-701, SC-900, ISO 27001 Lead Implementer
Core skills
Policy writing, Risk registers, Control mapping (NIST 800-53, ISO 27001), Documentation discipline
A day in the life

Update the compliance tracker, review draft policies, gather audit evidence, sit in on a vendor risk review, schedule remediation follow-ups with system owners.

Security Engineer, Junior
Entry, $70K to $95K

Implement security controls, configure security tools, and maintain the infrastructure the rest of the team depends on.

Key certifications
Security+ SY0-701, SC-200, GSEC
Core skills
Firewall and IDS/IPS configuration, Endpoint deployment, SIEM integration, Scripting (Python, PowerShell)
A day in the life

Push a firewall ruleset change through review, troubleshoot an EDR agent that stopped reporting, write a small Python script to normalize a vendor's log format, attend an architecture review.

Mid tier, two to five years

Specialization phase. You move from following runbooks to writing them, from triaging alerts to tuning the systems that generate them.

SOC Analyst, Tier 2 and Tier 3
Mid, $80K to $115K

Deep investigation of escalated incidents, threat hunting across endpoint and network telemetry, and tuning detections to cut false positives.

Key certifications
CySA+ CS0-003, SC-200, GCIA, GCIH
Core skills
Threat hunting, Packet analysis, Malware triage, Detection engineering, MITRE ATT&CK mapping
A day in the life

Investigate an escalated alert chain, write a new Sigma rule to catch a noisy beacon pattern, run a hunt against last week's DNS data, mentor a Tier 1 through a tricky ticket, contribute to an incident postmortem.

Vulnerability Management Engineer
Mid, $95K to $130K

Own the scanner footprint and the patch pipeline. Translate raw findings into actionable work for IT and engineering teams.

Key certifications
CySA+ CS0-003, Security+ SY0-701, GCIA
Core skills
Tenable, Qualys or Rapid7 operation; CVSS and EPSS scoring; Patch program ownership; Risk-based prioritization
A day in the life

Review the week's new findings, file remediation tickets weighted by exposure and exploitability, meet with the patch crew on a stubborn legacy stack, brief leadership on SLA trends.

GRC Manager
Mid, $100K to $135K

Manage compliance programs, lead risk assessments, coordinate with external auditors, and own third-party risk reviews.

Key certifications
CISA, CRISC, CISM, ISO 27001 Lead Implementer
Core skills
Risk management, Audit coordination, Framework mapping (NIST CSF, SOC 2, HIPAA), Vendor risk
A day in the life

Lead a risk workshop with a business unit, coordinate auditor evidence requests, review third-party SOC 2 reports, present quarterly risk metrics to leadership.

Information Systems Security Officer (ISSO)
Mid, $95K to $135K

Federal and federally regulated systems role. Own the security posture and authorization package (RMF, FedRAMP) for an assigned system or boundary.

Key certifications
Security+ SY0-701, CISSP, CAP
Core skills
NIST RMF (800-37, 800-53), FedRAMP, eMASS or Xacta tooling, POA&M management
A day in the life

Update the system security plan, work POA&Ms with the engineering team, prepare an authorization package review, coordinate continuous monitoring deliverables.

Risk Analyst
Mid, $80K to $115K

Quantify cyber risk, run risk assessments against the organization's controls, and translate threat scenarios into business language.

Key certifications
CRISC, CISA, Open FAIR
Core skills
Quantitative risk (FAIR), Threat modeling, Risk register ownership, Executive reporting
A day in the life

Run a FAIR analysis on a proposed system change, refresh the top-ten risk register, brief a business owner on residual risk, contribute to the annual risk appetite refresh.

Senior tier, five to ten years

Leadership of a team, an architecture domain, or a program. Decisions you make ripple across the organization.

Security Operations Manager
Senior, $120K to $160K

Lead the SOC, set operational metrics, manage on-call rotations, and represent the team to executives.

Key certifications
CISSP, CISM, GSOM
Core skills
Team leadership, Metrics and KPIs, Runbook governance, Vendor management, Budget ownership
A day in the life

Review SOC dashboards, run team standups, brief leadership on threat trends, coordinate with the IR function on a live incident, plan next quarter's tabletop exercise.

Security Consultant, Defensive
Senior, $120K to $180K

Client-facing role at a consultancy. Assess client security postures, design programs, and guide remediation across diverse environments.

Key certifications
CISSP, CISM, CRISC, ISO 27001 Lead Implementer
Core skills
Client communication, Maturity assessments (NIST CSF, C2M2), Program design, Workshop facilitation
A day in the life

Run a CSF maturity workshop at a client, draft a roadmap deliverable, present findings to a CIO, support a proposal for the next engagement.

Compliance Officer
Senior, $130K to $175K

Senior compliance program owner. Set policy, manage external regulators, and ensure the organization meets its legal and contractual obligations.

Key certifications
CISA, CISM, CRISC
Core skills
Regulatory engagement, Policy governance, Audit defense, Cross-functional coordination (legal, privacy, security)
A day in the life

Review a new regulatory notice, meet with legal on contract terms, brief executives on audit readiness, sign off on annual policy updates.

Security Architect
Senior, $140K to $190K

Design enterprise security architecture, set technical standards, and guide the organization through significant technology shifts.

Key certifications
CISSP-ISSAP, CASP+ CAS-005, SABSA, TOGAF
Core skills
Enterprise architecture, Threat modeling, Zero trust design, Technology evaluation
A day in the life

Review a proposed cloud migration design, lead an architecture review board, threat model a new product, evaluate a candidate identity platform, mentor a junior architect.

Executive tier, ten plus years

Board-facing roles. You own the security mission for the whole organization.

Director of Security Operations
Executive, $170K to $230K

Strategic oversight of all monitoring and detection capability. Owns the budget, the partner ecosystem, and the organizational defense posture.

Key certifications
CISSP, CISM, CRISC
Core skills
Strategic planning, Budget management, Executive communication, Program development
A day in the life

Executive briefing on quarterly threat landscape, budget review with finance, vendor evaluation for a managed detection partner, risk committee, cross-functional defense planning.

CISO, Chief Information Security Officer
Executive, $210K to $400K and up

The top security executive. Set the vision, manage risk at the enterprise level, and report to the board. Increasingly named in regulatory filings.

Key certifications
CISSP, CISM, CRISC, CGEIT, NACD Cyber-Risk Oversight
Core skills
Board-level communication, Enterprise risk management, Regulatory navigation, Organizational leadership, Crisis management
A day in the life

Board presentation, regulator engagement, M&A security review, crisis response posture review, strategic planning with the executive team, analyst and media briefings.

Certification ladder, defensive track

Practical sequencing for a Shield-aligned career. Pass each in roughly the order shown, with cloud and ISACA branches added based on your direction.

Foundation, Entry

Two certifications that prove you know the vocabulary and the day-one operational concepts.

CompTIA Security+ SY0-701, Microsoft SC-900

Analyst track, Mid

For SOC, incident response, and detection engineering paths.

CompTIA CySA+ CS0-003, Microsoft SC-200, GCIA, GCIH

Architecture track, Senior

For engineering and architect paths. CASP+ is a strong DoD 8570 ladder rung.

CompTIA CASP+ CAS-005, CISSP, CISSP-ISSAP

GRC and leadership track, Senior

For audit, compliance, risk, and executive paths. ISACA dominates this branch.

ISACA CISA, ISACA CISM, ISACA CRISC, ISO 27001 Lead Implementer

Deeper exploration

The interactive Career Explorer adds path diagrams, the NICE workforce framework mapping, and a certification matrix across all eight security domains.