National Occupational Classification (NOC) 2021 Version 1.0


Statistics Canada's Trust Centre: Learn how Statistics Canada keeps your data safe and protects your privacy.

21220 - Cybersecurity specialists

Cybersecurity specialists develop, plan, recommend, implement, improve and monitor security measures to protect an organization's computer networks, connected devices and information to prevent unauthorized access, use, disclosure, disruption, modification, or destruction of the information or of the systems on which the information resides. They are employed in information technology consulting firms and in information technology units throughout the public and private sectors.

  • Illustrative example(s)

    • cybersecurity analyst
    • informatics security analyst
    • informatics security consultant
    • information technology (IT) security specialist
    • systems security analyst

    All examples

  • Exclusion(s)

    • Business systems specialists (See 21221 Business systems specialists)
    • Computer and information systems managers (See 20012 Computer and information systems managers)
    • Computer engineers (except software engineers and designers) (See 21311 Computer engineers (except software engineers and designers))
    • Computer systems developers and programmers (See 21230 Computer systems developers and programmers)
    • Database analysts and data administrators (See 21223 Database analysts and data administrators)
    • Information systems specialists (See 21222 Information systems specialists)
    • Software developers and programmers (See 21232 Software developers and programmers)
    • Software engineers and designers (See 21231 Software engineers and designers)
    • Web designers (See 21233 Web designers)
    • Web developers and programmers (See 21234 Web developers and programmers)
  • Main duties

    This group performs some or all of the following duties:

    • Confer with clients to identify and document requirements, assess physical and technical security risks to data, software and hardware
    • Apply encryption protocols, and manage keys to ensure security of data is maintained while at rest and in transit
    • Monitor access and credentials for information and systems
    • Install, test and operate security software and tools such as anti-virus and automated threat detection/prevent systems to ensure security measures are in place and working as intended
    • Monitor for cyber attacks, intrusions and unusual, unauthorised or illegal activity
    • Plan and carry out security measures in response to cybersecurity events and incidents in accordance with an organization's incident response plan to protect information, data and systems
    • Document computer security and emergency measures policies, procedures, and tests.
  • Employment requirements

    • A bachelor's degree in computer science, computer security, computer systems engineering, information systems or completion of a college program in information technology, network administration or other computer science related program is usually required.
    • Certification or training provided by software vendors may be required by some employers.
Date modified: