Dear CSO Council Members,
We present to you the Information Security Salary Survey project, which we are organizing jointly with ISSA Polska.
If, as a survey participant, you received a welcome message from us with additional information, please read it.
Did not receive the welcome email or the email with your password, but you signed up to take part in the survey? → Contact us at karolina.lichanska@evention.pl and we will fix the problem.
Have questions? Please see the FAQ section → <link>
Best regards, and thank you for taking part in the project,
ISSA Polska & CSO Council
List of positions in English
Roles listing:
Name | Job type |
SOC Analyst | Alerts and incident handling within Security Operations Center |
Digital Forensics Analyst / Threat Hunter / Malware Analyst | Analysis of potential and actual data breaches |
Pentester / Red Team / Offensive Security | Finding and reporting system weaknesses |
Security Analyst / Engineer | Planning, implementing and maintaining IT security controls |
Industrial Control Systems (ICS) Security Analyst / Engineer | Planning, implementing and maintaining ICS security controls |
Governance, Risk, Compliance Analyst / Auditor | Risk assessment, policy and standards building, maintenance and auditing |
Cloud Security Engineer / Architect | Planning, implementing and maintaining Cloud security controls |
Security Officer | SME for supported business, projects &/or incidents handling/oversight |
Security Manager | Managing team of experts, escalation point, liaison between staff and upper management |
CISO | Owning security strategy, ensuring its alignment to business goals, responding to the board |
Director | Program &/or function management, cross-country scope, relationship with the business |
Examples of activities, qualifications and experience. They are not exhaustive and may vary substantially depending on company scale, industry, country of origin, etc.
SOC Analyst Job type: Alerts and incident handling within Security Operations Center |
|||
Junior (Level 1) | Middle (Level 2) | Senior (Level 3) | |
Typical experience in role | 0-2 years | 3-5 years | 5+ years |
Main activities |
|
|
|
Qualification required |
|
Similar to Tier 1 analyst but with more experience including incident response. Advanced forensics, malware assessment, threat intelligence. White-hat hacker certification or training is a major advantage. | Similar to Tier 2 analyst but with even more experience including high-level incidents. Experience with penetration testing tools and cross-organization data visualization. Malware reverse engineering, experience identifying and developing responses to new threats and attack patterns. |
Digital Forensics Analyst / Threat Hunter / Malware Analyst Job type: Analysis of potential and actual data breaches |
|||
Junior | Middle | Senior | |
Typical experience in role | 0-2 years | 3-5 years | 5+ years |
Main activities |
|
|
|
Qualification required |
|
|
|
Pentester / Red Team / Offensive Security Job type: Finding and reporting system weaknesses |
|||
Junior | Middle | Senior | |
Typical experience in role | 0-2 years | 3-5 years | 5+ years |
Main activities |
|
|
|
Qualification required |
|
In addition:
|
In addition:
|
Security Analyst / Security Engineer Job type: Planning, implementing and maintaining (mainly) IT security controls |
|||
Junior | Middle | Senior | |
Typical experience in role | 0-2 years | 3-5 years | 5+ years |
Main activities |
|
|
|
Qualification required |
|
In addition:
|
In addition:
|
Industrial Control Systems (ICS) Security Analyst / Engineer Job type: planning, implementing and maintaining ICS security controls |
|||
Junior | Middle | Senior | |
Typical experience in role | 0-2 years | 3-5 years | 5+ years |
Main activities | Participation in the development of IT and OT infrastructure (ongoing maintenance of networks and servers as well as management of peripheral devices: e.g. PLC, HMI, operator panels, tablets); Performing security reviews and assessments of systems, networks, and processes/procedures in ICS environments. | Management of MES / MOM systems (systems of implementation, monitoring and reporting of production: ongoing maintenance and user support); Supervision of the production data reporting system (MS SQL, Reporting Services: access management, failure removal); Supporting the development of strategies and plans to mitigate emerging cyber threats | Coordination of IT and OT/ICS systems integration at technical and process level; Security lifecycle management for multiple assets in the organization from acquisition and procurement to maintenance and decommissioning; Setting up security policies and procedures development (e.g., exceptions, exemptions, requirements); Acting as subject matter expert in Industrial Automation and Control Systems security |
Qualification required | Basic understanding of the general Networking and Security Fundamentals on the plant floor as well as of all the base practices; Understanding of Industrial Networks and Automation; Knowledge of OT network protocols: Modbus, Profibus, OPCUA, Fieldbus; Knowledge of IT network protocols: DNS, DHCP, TCP/IP, UDP; Knowledge of the security concepts, such as network segmentation, defense in depth, | In addition: Wireless security (e.g., Wi-Fi, wireless sensors, wireless gateways, controllers); Ability to review configurations of ICS (e.g. HMIs, engineering software, PLCs, etc.), identify best practices for backup and recovery of ICS, and understand industrial protocols; Good general technical knowledge: Applications technologies, networks, protocols, databases, operating systems (Windows/Linux); Experience in implementing security controls, hardening, and technologies in automation systems and networks; Good knowledge of Microsoft SQL and other database technologies | In addition: Strong technical ICS experience and risk management (+ 5 years); Cybersecurity certifications (e.g. CISSP, SSCP, CySA+); ICS Security Certifications (e.g. SANS GICSP, ISA/IEC 62443); Good knowledge of global security standards, practices, and regulations (e.g. IEC/ISA 62443, NIST 800-82, ISO 27000) and Specialist |
Governance, Risk, Compliance Analyst / Auditor Job type: Risk assessment, policy and standards building, maintenance and auditing |
|||
Junior | Middle | Senior | |
Typical experience in role | 0-2 years | 3-5 years | 5+ years |
Main activities |
|
|
|
Qualification required |
|
In addition:
|
In addition:
|
Cloud Security Engineer / Architect Job type: Planning, implementing and maintaining Cloud security controls |
|||
Junior | Middle | Senior | |
Typical experience in role | 0-2 years | 3-5 years | 5+ years |
Main activities |
|
|
|
Qualification required |
|
|
|
Security Officer Job type: SME for supported business, projects &/or incidents handling/oversight |
Security Manager Job type: Managing team of experts, escalation point, liaison between staff and upper management |
Main activities
Qualification required
Typical experience in role 0-5 years |
Main activities
Qualification required
Typical experience in role |
Director Job type: Program &/or function management, cross-country scope, relationship with the business |
CISO Job type: Owning security strategy, ensuring its alignment to business goals, responding to the board |
Main activities | Information security strategy and drive governance and program execution across the organization, including security operations, cyber threat intelligence, risk mitigation, security architecture, and program management. They will be the primary liaison and change agent for all security matters associated with information technology. The Director will oversee and develop a collaborative team and supporting processes. |
Qualification required | Technical knowledge of different types of hardware and software; Regulatory compliance knowledge, including HIPAA, SOX, PCI, NIST and GLBA; Understanding of laws concerning data acquisition, protection and transmission; Information Technology Infrastructure Library (ITIL), COBIT, ISO and other applicable IT management methods and toolsets; Standard enterprise and personal operating systems, such as Windows, Linux, Mac OS and UNIX; Familiarity with multiple software types at the application and enterprise levels; Protection systems against malware, hacking and other threats; Policies and procedures for secure computing; Risk assessment experience |
Typical experience in role |
Main activities | A CISO is the executive-level manager who directs strategy, operations and the budget for the protection of the enterprise information assets and manages that program. The scope of responsibility will encompass communications, applications and infrastructure, including the policies and procedures which apply. |
Qualification required | Successful CISOs will bring strong leadership and people management abilities. In their executive role, they must use strategic thinking to identify risks and trends and stay ahead of the threats to the environment they protect. To do this they must be able to understand multiple complex systems and technology at a detail level in a constantly changing threat environment. Plans and ad hoc responses must dovetail with the company strategy and budget. Excellent communication, documentation and presentation skills will speed acceptance and support for their recommendations and plans. |
Typical experience in role |
Base job description framework taken from:
and then amended for the needs of this research from multiple reputable job board sources.