This year we are going to dive into the CyberSecurity Career Lifecycle (CSCL). This initiative was put forth by ISSA International a couple years. Let’s start with the goals of ISSA International and then we’ll dive into how this can help our local membership grow in their own careers throughout the year. First the goals of the CSCL:
International, standardized definitions and acceptance of cybersecurity roles
Reduced costs & issues associated with hiring for the wrong role vs. what is really needed by the business
Resources for companies that alleviate them from having to develop job descriptions and other materials
Understanding of the skills & knowledge necessary for success in cybersecurity jobs, as well as clear definitions of what responsibilities are necessary to meet expectations
The first goal is pretty standard. Let us create cybersecurity roles that are accepted internationally and consistent. A cybersecurity analyst in Chicago should be doing roughly the same job as an analyst in France. This helps us all speak the same language.
If we can do this, we tackle the second goal. By having standardized roles, we can reduce the time and effort it takes a company to hire the right people for the business needs. Standardized roles also help us tackle the third goal.
Imagine a company is looking for a Security Auditor, that company could essentially “copy/paste” the ISSA job description. Then that company could just tweak the job description to fit its own needs based on what compliance policies it must follow.
Personally, I feel the fourth goal is the most important, and I really appreciate the language they used. As a Pre-Professional (more on that in another post), I passed a number of certification tests. I had the knowledge, but not the skills to be successful in a cybersecurity job. As a chapter we need to help with both skills and knowledge. Here in the Las Vegas Chapter we are tackling the knowledge part by offering a CISSP Review Course. We have also been discussing a mentorship program that will give the participants the opportunity to learn the skills from a number of different people within the cybersecurity industry.
This is a quick overview of the goals of the CSCL. Next month, we will dive into some the jobs that are available in the cybersecurity field. That will be fun because there are a bunch that I bet many of us hadn’t thought of before.