As the security threat landscape evolves, so do the roles that security professionals play. Chief security officers (CSOs) and chief information security officers (CISOs) are seeing the scope of their responsibilities expand. Other professionals, such as security analysts and engineers, are finding they need to know more about working with other groups within their organizations. Newer roles such as malware analyst and security incident responder are emerging to better combat threats.
The effectiveness of any security-focused job depends on clear definitions of roles and strong communication up and down the line as to the tasks and responsibilities for which each player is responsible. Job hunters will also want to see a well-defined job description. Crafting a good job description is a big challenge, because each company has different needs and has its own expectations for each role on the security team.
Having a common baseline for each security role provides a good starting point for companies as they assign duties and responsibilities. It also helps anyone looking for a job in security to identify the roles for which they are best suited. To that end, CSO has produced a series of articles that help management build job descriptions for key security roles.
It’s also important to understand the skills and experience that a particular security role requires. CSO has interviewed top practitioners in a range of security roles to provide a first-hand narrative of the path they took to the jobs and what’s required of them.
The articles below also provide information on salaries and certifications typically required for each role. They also discuss requirements that are specific to certain industries such as healthcare and finance.
Job descriptions
How to write a CISO job description
The chief information security officer has a big, mission critical job. Make sure you spell out the CISO's duties and expectations for the role.
How to write an information security analyst job description
A thorough, clear job description will ensure that security analysts stay on the same page with management expectations.
How to write an information security architect job description
A good information security architect straddles the business and technical worlds. Writing a solid, clear job description ensures that both sides understand the role.
How to write an IT security engineer job description
The IT security engineer is on the front line of protecting a company's assets from threats. The job requires strong technical, organizational and communication skills.
Security role profiles
What it takes to become a chief information security officer (CISO)
A CISO typically has a technical information security or IT risk background, but the path that leads to the role can vary greatly. Here’s how one CISO landed his first job in the position.
What it takes to be a malware analyst
The proliferation of ransomware and other attacks has increased demand for experts who can analyze how the software works and devise a response.
What it takes to be a security architect
While the path to security architect varies, anyone considering the role should have a passion for IT infrastructure and protecting data.
What it takes to become an IT security engineer
The role is a fairly new one in many companies, and qualified candidates are in high demand. Learn how one IT security engineer landed his current job, the skills and training that helped him get there, and where his sights are set now.
What it takes to be a security consultant
The move to security consultant can be rewarding and challenging (in a good way), but be prepared to market and sell yourself and your services.
What it takes to be a security incident responder
A wide range of technical skills and curiosity about the mechanics and goals of an attack are key for effective incidence response.
What it takes to be a security software developer
Developers with a security focus will be in strong demand, especially for financial, cloud and Internet of Things applications.
What it takes to become an IT security engineer
The role is a fairly new one in many companies, and qualified candidates are in high demand. Learn how one IT security engineer landed his current job, the skills and training that helped him get there, and where his sights are set
What it takes to become a security systems administrator
There are many more openings for security systems administrators than qualified applicants. That creates opportunities for IT professionals willing to get the training and certification.
What it takes to become an information assurance analyst
This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his sights are set now.
What it takes to become a data security strategist
Data security strategist is a fast-growing career, and one that will get even hotter as data from AI and IoT initiatives pours into enterprises.
No comments:
Post a Comment
Thanks for sharing your views