Back to Navigator

Cyber Career Navigator

Philosophy & Design Document

Version 1.0 December 2024 Cyber Point Advisory

Executive Summary

The Cyber Career Navigator is a career discovery tool that helps aspiring cybersecurity professionals identify which of the five major security domains best aligns with their natural inclinations. Rather than asking "what do you know?" it asks "who are you?"

"The best career is where passion, skill, market need, and purpose intersect."

This Japanese concept of IKIGAI (meaning "reason for being") provides the philosophical foundation. Instead of chasing the highest-paying role or the most prestigious certification, participants discover where they'll find sustainable fulfillment.

Why IKIGAI for Cybersecurity?

Cybersecurity has a burnout problem:

  • 65% of security professionals report high stress levels
  • Average tenure in security roles is only 2-3 years
  • Many leave the field entirely despite high compensation

The root cause: misalignment. People pursue roles based on salary or perceived prestige rather than fit. The Career Navigator addresses this by helping people find their authentic path.

The IKIGAI Framework

Origins and Meaning

IKIGAI is a Japanese concept combining IKI (life) and GAI (value, worth). It represents finding purpose through the intersection of four elements.

IKIGAI Framework Diagram - Four overlapping circles representing What you love, Your strengths, What the world needs, and What you can be paid for, with intersections labeled passion, mission, profession, vocation, and IKIGAI at the center

The Four Circles Applied to Cybersecurity

PASSION
What activities energize you? Building or breaking? Strategy or tactics? Crisis or steady-state?
SKILLS
What comes naturally? Communication or deep tech? Systems thinking or details? People or technology?
🌎
MARKET
Where is demand? Talent shortages? Regulatory drivers? Emerging threats?
💰
PURPOSE
What provides sustainable income? Clear progression? Work-life balance? Long-term trajectory?

The Intersections

Intersection Circles Combined Result Risk
Passion Love + Good At Enjoyment without income Hobby, not career
Mission Love + World Needs Purpose without mastery Burnout from inadequacy
Profession Good At + Paid For Competence without passion Emptiness despite success
Vocation Needs + Paid For Utility without joy Feeling replaceable
IKIGAI All Four Sustainable fulfillment None

The 5 Cybersecurity Domains

We mapped the cybersecurity landscape to five domains that cover the full spectrum of security work, have distinct personality/skill profiles, offer clear entry points, and align with the NICE Cybersecurity Workforce Framework.

📋
Governance, Risk & Compliance (GRC)

Developing policies, managing risk, and ensuring regulatory compliance. Strategic thinkers who see the big picture.

Strategic Documentation Business-minded Patient
🏗
Security Architecture

Designing secure systems and infrastructure from the ground up. Systems thinkers who love complexity.

Systems thinking Technical depth Long-term planning Creative
🔍
Threat & Vulnerability Management

Finding weaknesses and understanding adversaries before they strike. Curious minds who love puzzles.

Curious Unconventional Detail-oriented Competitive
🛡
Security Operations (SecOps)

Monitoring, detecting, and responding to threats in real-time. Quick decision-makers who thrive under pressure.

Pressure-resistant Quick decisions Team-oriented Pattern recognition
OT/ICS Security

Protecting industrial control systems and critical infrastructure. Safety-conscious with physical-digital mindset.

Physical-digital Safety-conscious Patient with legacy Hands-on

Assessment Design Methodology

Question Distribution

12 questions total organized into 4 IKIGAI sections:

  • PASSION (What You Love) — 3 questions
  • SKILLS (What You're Good At) — 3 questions
  • MARKET (What World Needs) — 3 questions
  • PURPOSE (What Pays) — 3 questions

Why 12 Questions?

  • Minimum for validity — Covers 4 sections × 5 domains adequately
  • Maximum for engagement — 5 minutes is the attention threshold
  • Balanced coverage — 3 per section prevents single-question bias
  • Mobile-friendly — Completeable on phone during workshop breaks

Question Design Principles

  1. Scenario-based, not abstract — Concrete situations, not personality labels
  2. 5 options per question — Maps directly to 5 domains
  3. No "wrong" answers — All options are legitimate preferences
  4. Equal social desirability — No option is clearly "better"
  5. Mutually exclusive — Options don't overlap significantly

Question Structure & Intent

Section 1: PASSION (What You Love)

These questions identify what energizes participants—activities they'd do even without external rewards.

Question Intent
"Which type of work excites you most?" Identifies core work preference at fundamental level
"What do you enjoy doing in your free time?" Reveals intrinsic interests outside work context
"Which scenario sounds most appealing?" Tests reaction to high-stakes scenarios per domain

Section 2: SKILLS (What You're Good At)

These questions identify natural talents and developed abilities where participants excel with less effort.

Question Intent
"Which skill comes most naturally to you?" Identifies innate strengths to leverage
"What best describes your communication style?" Communication is universal; reveals domain-aligned style
"How would colleagues describe your strength?" External perception often reveals undervalued strengths

Section 3: MARKET (What the World Needs)

These questions align participants with industry demand and emerging needs.

Section 4: PURPOSE (What You Can Be Paid For)

These questions ensure alignment with practical career considerations—passion without sustainability leads to burnout.

Scoring & Weighting Logic

Weight Values

Each option assigns weights to all 5 domains on a 1-5 scale:

  • 5 = Strong alignment (primary domain for this option)
  • 3 = Moderate alignment (secondary relevance)
  • 2 = Weak alignment (tangential relevance)
  • 1 = Minimal alignment (not relevant)

Score Calculation

For each domain, the score is calculated as the sum of weights from all 12 answered questions, then normalized to a percentage (max possible = 60 points per domain).

Why Top 2 Results?

  • Primary match — Strongest alignment, most likely fit
  • Secondary match — Alternative path, often complementary
  • Presenting only 1 feels limiting
  • Presenting all 5 creates decision paralysis

Results Interpretation

Score Bands

80-100% Strong alignment — natural fit
60-79% Good alignment — viable path with development
40-59% Moderate alignment — requires significant adaptation
Below 40% Low alignment — likely not a good fit

Result Patterns

One Dominant Domain (80%+, others below 50%)

  • Clear direction, focused career path
  • May miss cross-domain opportunities

Two Strong Domains (both 70%+)

  • Complementary strengths, consider hybrid roles
  • Example: GRC + Architecture = Security Program Manager

Flat Profile (all domains 50-60%)

  • Generalist orientation
  • Consider consulting or management paths

Career Path Mapping

Entry Points by Domain

GRC Career Path
GRC Analyst Compliance Manager Risk Manager CISO
$70K → $95K → $130K → $200K+
Security Architecture Path
Security Engineer Cloud Security Engineer Security Architect Principal Architect
$90K → $150K → $200K → $300K+
Threat & Vulnerability Path
Vuln Analyst Penetration Tester Red Team Lead Threat Intel Director
$75K → $120K → $170K → $250K+
Security Operations Path
SOC Analyst T1 SOC Analyst T2/T3 IR Lead SOC Manager
$55K → $100K → $140K → $200K+
OT/ICS Security Path
OT Security Analyst ICS Security Engineer OT Security Architect OT Security Director
$80K → $130K → $180K → $280K+