Framework Abstract
The CIISec Skills Framework has not, until now, been set against a selection of security roles. This document aims to show how the skills framework (version 2.4) and other frameworks, such as the NIST National Initiative for Cybersecurity Education (NICE), can be combined to enable the high-level identification of the required skills and experience when organisations are looking to recruit into a role. It has been updated to now include the recently introduced CIISec Security Discipline G – Data Protection, Privacy and Identity Management.
The roles included in this edition are;
- CISO
- Head of Cyber/Information Security
- Information Security Risk Manager
- Information Security Risk Officer
- System Security Manager
- ComSec Manager
- Senior Security Architect
- Technical Security Architect
- Pen tester
- Threat Analyst
- Vulnerability analyst