Sei sulla pagina 1di 1

InfoSec Skills

UK - Information Security Career Paths


This career path illustrates the potential career progression you can make in information security. It recognises the importance of UK awarding body professional certificates and your experience over time,
Custom Courses Online or Onsite and provides a high level alignment with BCS membership grades, the SFIA framework, the IISP framework and the CESG framework. As you can see the various frameworks overlap each other mainly because
these frameworks have either 3, 4 or 7 levels. This view allows you to map certificates to job roles and see what development needs should be followed to advance in seniority and even transition to a new career.

Framework Typical Job Roles Sample Professional Certificates Development Needs


Level Experience
Set strategy / inspire

Public Sector Private Sector


7 15+ years
Fellow

Business management experience


Strategic planning
Lead Practitioner
Initiate / Influence

6 Chief Information Security Officer


Level 4 (Expert)

10+ years Lead Security & Information Risk Advisor Managing Consultant/Director/Partner BCS: Fellow (FBCS) membership
Lead Security Architect Chief Security Architect
Lead Accreditor Head of Specialism
Lead IA Auditor Lead Risk Management Practitioner
Lead IT Security Officer Lead Information Security Officer Preparation for significant information security
Lead Communcations Security Officer Lead Penetration Tester
IISP/BCS/APMG - CESG Certification for IA Professionals (Lead) management role
Chartered Professional

Lead Penetration Tester Lead Security Architect


Principal Consultant/Senior Manager
Ensure / Advise

Senior Consultant/Manager
Information Security Officer
5 6-10 years Senior Security Architect Information Risk Manager
Business Continuity Manager IISP/BCS/APMG - CESG Certification for IA Professionals (Senior)
CREST - Certified
CREST Registered &
BCS: Chartered (CITP) IT Professional
Senior Security & Information Risk Advisor
Senior Accreditor Senior Security Architect CESG Certified IA Specialist (CCIAS) Further practioner courses and industry certifications
Senior IA Auditor Senior Penetration Tester BCS - Certificate in Security Architecture (ISC) 2 CISSP - ISSAP
Senior IT Security Officer Incident Manager BCS - Certificate in Security and Information Risk Seek higher level security roles and prepare to:
Senior Communcations Security Officer Service Delivery Manager BCS - Certificate in Information Assurance Compliance . take full organisational responsibility
Senior Penetration Tester Senior Secure Software Programmer BCS - Certificate in Information Assurance Auditing . operate with higher level stakeholders
Level 3 (Skilful Application)

Your Career Progression


Senior Digital Forensic Analyst BCS - Certificate in Information Sys. Security Mangt. (ISC) 2 CISSP - ISSMP
Senior Practitioner

Further practioner courses and industry certifications


4 Security & Information Risk Advisor
Enable

4-7 years Consultant CESG Listed Adviser (CLAS Consultant) to gain breadth and depth
Security Architect Governance Manager IISP/BCS/APMG - CESG Certification for IA Professionals
Accreditor Risk Management Practitioner
IA Auditor BCS PCiIRM - Information Risk Management Seek higher level security roles and prepare to:
Penetration Tester BCS PCiDP - Data Protection GIAC GPEN / GWAPT . widen remit
IT Security Officer Service Delivery Practitioner
Communcations Security Officer ISACA CISA - Certified Information Security Auditor ISO - 27001 Lead Auditor Certificate . increase authority
Security Architect ISACA CISM - Certified Information Security Manager (ISC) CISSP - Certified Info. Sys. Sec. Professional
2 . manage teams
Penetration Tester Business Continuity Architect . specialise further
GIAC GCFA
Professional

BCS PCiBCM - Business Continuity Management


Digital Forensic Analyst (ISC) 2 CSSLP - Certified Secure Software Lifecycle Prof.
Secure Software Programmer IISP: Full (M.Inst.ISP) membership
(ISC) 2 Full membership
Practitioner
Apply

3 Consulting Analyst/Associate
Level 2 (Basic Application)

3-4 years BCS: Full (MBCS) membership


Governance Analyst Practioner courses and industry certifications
Risk Management Analyst BCS PCiSA - Practitioner Certificate in Security Architecture
Service Delivery Analyst ISACA CISA- Certified Information Security Auditor ISO - 27001 Internal Auditor Certificate to gain breadth and depth
Security Designer ISACA CISM - Certified Information Security Manager
IISP - Infosec Training Paths and Competencies Seek higher level security roles for:
Digital Forensic Examiner GIAC GCFE . other security areas
Intrusion Analyst . increased responsibility and authority
Network Security Engineer
Security Sysems Analyst (ISC) 2 SSCP - Systems Security Certified Practitioner IISP: Associate (A.Inst.ISP) membership
Security Administrator GIAC GSEC BCS: Associate (AMBCS) membership
BCS CISMP - Information Security Management Principles CompTIA Security+ (ISC) 2 Associate membership
Trainee Service Delivery Analyst
InfoSec Career CompTIA Server+
2
Assist

starting point Network Administrator IISP: Affiliate membership


CompTIA Network+
System Administrator BCS membership provides services and
Level 1 (Awareness)

CompTIA Linux+
1-2 years Network Engineer GIAC GISF benefits to support your career development
Web Administrator CompTIA A+
Associate

IT Technician Level 4 Higher Apprenticeship


IT Technical Support
IT Customer Service Review SFIAplus for guidance on
developing your career ahead of
taking specific certifications
Follow

1 Create an IT professional
profile and explore
Level 3 Apprenticeship Cyber Security
Learning Pathways
CESG:
SFIA:

SFIA:
BCS:

IISP:

Produced and maintained by: InfoSec Skills Limited, Atlantic House, Imperial Way, Reading RG2 0TD Telephone: +44 (0)20 8144 2303 Email: info@infosecskills.com Web: www.infosecskills.com © 2013 InfoSec Skills Ltd. All rights reserved.

Potrebbero piacerti anche