Welcome to our second installment of FirstMonday. ISSA International has done a great job of creating levels within the CyberSecurity Career Lifecycle (CSCL) that are very easy to understand. Below are the levels as explained by ISSA International:
Pre-Professional: any individual who has not yet (and never has) obtained a position working in the cybersecurity field. This may include anyone who has interest in working in this area with or without formal training and education in the field. Examples of individuals and or situations who may be part of this phase are: individuals who are switching careers (former military, IT, retail, law enforcement, etc.) and students (high school or university).
Entry Level: An individual who has yet to master general cybersecurity methodologies/principles. Individuals in this phase of the lifecycle may have job titles such as; associate cybersecurity analyst, associate network security analyst, and cybersecurity risk analyst for example.
Mid-Career: An individual who has mastered general of security methodologies/principles and have determined their area of focus or specialty. Individuals in this phase of the lifecycle may have job titles such as; network security analyst, cybersecurity forensics analyst, application security engineer, network security engineer. Individuals who are nearing the “senior level”, may begin to hold job titles such as senior network security engineer, senior cybersecurity analyst for example.
Senior Level: An individual who has extensive experience in cybersecurity and has been in the profession for 10+ years. These individuals have job titles such as senior cybersecurity risk analysis, principal application security engineer, director of cybersecurity, etc.
Security Leader: An individual who has extensive security experience, ability to direct and integrate security into an organization. These individuals have job titles such as Chief Information Security Officer, Chief Cybersecurity Architect, etc. After extensive periods of leadership – some become recognized industry leaders.
Now, what does this mean to us in Las Vegas? First off, Pre-Professional and Entry Level often overlap. Many have gotten that first job while still in school. Another thing to consider is the fact that a person may have to move to many different companies throughout their CSCL. Once a person reaches a certain level, there are only so many C-suite jobs within any given company. In addition, Cybersecurity is not a static world. The people that work at each of these levels must continue to educate themselves. This is where local chapters really help. No matter what level you are at, you can always learn something.
Next month, we will dive into more of what a Pre-Professional looks like. As we go into each of the levels, there will be more real world examples of what that level actually looks like. Thank you.