cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
JKWiniger
Community Champion

Job descriptions and tasks help

As I am currently in the market for a new position I am faced with how bad IT and security job descriptions are. A director level position that is required to code! That's not right! I am just going to put this out there and see if others support the idea and if enough people to maybe ISC2 will consider it.

 

I would be interest to see ISC2 come out with a list of job descriptions and the tasks that should be expected of those positions. This can also be a tier list, which would be a good thing, if your company it this size this applies, but as you get bigger move to this model. Some level of standardization on titles and duties I feel would help greatly with the hiring confusion that exists.

 

On the very basic structure.. wait what, the CISO reports to the CIO or CFO... and the problems begin!

 

I think having kind of a basic org chart and task chart that can be referenced would go a long way.

 

Is it just me or do others feel my pain?

 

John-

10 Replies
emb021
Advocate I

Am surprised no one mentioned NIST's NICE framework (NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION) which combines an integrated ecosystem of cybersecurity education, training, and workforce development.

 

You can read it all here:  https://www.nist.gov/itl/applied-cybersecurity/nice

 

It contains job descriptions and what the skillset and education is for each one.


---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow