State of South Carolina InfoSec and Privacy Career Path Model

Similar documents
Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University

FedVTE Training Catalog SUMMER advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

Security Transcends Technology

CompTIA CASP Pre-approved Training for CompTIA CASP Continuing Education Units (CEUs)

An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans. NICE Annual Conference November 2015

DoD Directive (DoDD) 8570 & GIAC Certification

Certification and Training

Social Media Security Training and Certifications. Stay Ahead. Get Certified. Ultimate Knowledge Institute. ultimateknowledge.com

Information Security Principles and Practices

Guide to information security certifications. SearchSecurity.com's guide to vendor-neutral security certifications

All about CPEs. David Gittens CISA CISM CISSP CRISC HISP

Access FedVTE online at: fedvte.usalearning.gov

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP

Course and Service Portfolio Specialized IT courses for IT professional and organizations willing to take benefit from the competitive advantages

SANS CyberTalent VetSuccess Immersion Academy. VetSuccess

CompTIA Security+ Pre-approved Training for CompTIA Security+ Continuing Education Units (CEUs)

ISACA ON-SITE TRAINING DELIVERS EXPERT INSTRUCTION AT YOUR WORKPLACE

Understanding the Federal IT Security Professional (FITSP) Certification

GIAC Program Overview 2015 Q4 Version

ISACA S CYBERSECURITY NEXUS (CSX) October 2015

Terms of Reference for an IT Audit of

How To Become A Security Professional

Tom VAN DEN EYNDE CISSP, CISA, CISM

Field of Study Area of Expertise Certification Vendor Course

MASTER S DEGREES & GRADUATE CERTIFICATES REGIONAL ACCREDITATION FUNDING OPTIONS

Hackers are here. Where are you?

So Why on Earth Would You WANT To be a CISO?

The enemies ashore Vulnerabilities & hackers: A relationship that works

Career Analysis into Cyber Security: New & Evolving Occupations

CompTIA Certification Renewal Policy and Continuing Education (CE) Program. Kyle Gingrich Senior Director, Product Management

Information Security Specialist Training on the Basis of ISO/IEC 27002

InfoSec Academy Application & Secure Code Track

TOPSECRETPROTECTION.COM (TSP)

How to use the National Cybersecurity Workforce Framework. Your Implementation Guide

InfoSec Academy Forensics Track

CYBERSECURITY NEXUS ROBERT E STROUD INTERNATIONAL PRESIDENT, ISACA RAMSÉS GALLEGO INTERNATIONAL VICE PRESIDENT, ISACA

Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit.

Renewing CompTIA Certifications With Achieving Other Vendor Certifications

Director, IT Security District Office Kern Community College District JOB DESCRIPTION

Information Security Engineering

GIAC Certification. Enterprise Solution

Cyber Defense Operations Graduate Certificate

The Next Generation of Security Leaders

The fast track to top skills and top jobs in cyber. Guaranteed.

SECURE POWER SYSTEMS PROFESSIONALS (SPSP) PROJECT PHASE 3, FINAL REPORT: RECRUITING, SELECTING, AND DEVELOPING SECURE POWER SYSTEMS PROFESSIONALS

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Course Descriptions November 2014

Peregrine Technical Solutions, LLC

Security Certifications. Presentatie SecCert 101 Jordy Kersten MSc., ISC2 Ass., CEH, OSCP

SECURING PAYMENTS IN THE CYBER WORLD

Information Security Training & Awareness

Wyoming Community College Commission Request for New, Pilot or Revised Degree or Certificate Program

Career Opportunities and Development for Asia Information Security Professional with the

Cyber Insurance: How to Investigate the Right Coverage for Your Company

EC-Council Certified Security Analyst (ECSA)

Why CISM? Who Earns CISM Certification? CISA, CISM and CGEIT Program Accreditation Renewed Under ISO/IEC 17024:2003

InfoSec Academy Pen Testing & Hacking Track

KEY TRENDS AND DRIVERS OF SECURITY

FedVTE Course Library

North Texas ISSA CISO Roundtable

CYBERSECURITY & ANALYTICS. How Both Will Change Your Career in e-discovery

Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) Summary of Duties. Minimum Qualifications

Job Market Intelligence: Cybersecurity Jobs, Burning Glass Technologies

Chayuth Singtongthumrongkul

HOW TO ADDRESS THE CURRENT IT SECURITY SKILLS SHORTAGE

Hackers are here. Where are you?

MANAGEMENT DEVELOPMENT COURSES

Forensic Certifications

FedVTE Course Library

EVOLUTION OF THE CISO

Securing your Corporate Infrastructure What is really needed to keep your assets protected

Re: Experience with the Framework for Improving Critical Infrastructure Cybersecurity ( Framework )

Designing & Building an Information Security Program. To protect our critical assets

CYBERSECURITY: ISSUES AND ISACA S RESPONSE

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

OVERVIEW DEGREES & CERTIFICATES

Cybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015

Hands-On Ethical Hacking and Network Defense - Second Edition Chapter 1. After reading this chapter and completing the exercises, you will be able to:

BMS Consulting Cyber Security and IT Technology Team

Secure360. Measuring the Maturity of your Information Security Program Impossible? Presented by: Mark Carney, VP of Strategic Services

Understanding the Federal Cyber Security Professional (FCSP) Certifications

Mission Critical CyberSecurity Functions

Transcription:

State of South Carolina InfoSec and Privacy Career Path Model Start

Introduction This Career Path Model for the State of South Carolina (State) is designed to help define the various career options available to the State s Information Security (InfoSec) and Privacy workforce. This model can be used by HR and Agency leadership for InfoSec and Privacy workforce development planning, evaluating personnel strengths and areas for improvement, and informing conversations between supervisors and employees. End users can also use the model to view possible career moves within the InfoSec and Privacy workforce. Within the model, you will find: An overview of the InfoSec and Privacy Career Model that includes both Technical Expert and Management career paths An outline of the Technical Expert and Management career paths and possible moves between them An overview of suggested competencies and trainings associated with each InfoSec and Privacy role Guidelines The Career Path Model does not provide an exhaustive list of possible career moves, but rather represents a snapshot of possible career moves within the InfoSec and Privacy workforce When using the Career Path Model, InfoSec and Privacy personnel should plan for career advancement in the context of long-term career goals, beyond the next immediate assignment or position Career movement is based on a combination of individual career aspiration, demonstrated proficiency of expected competencies, and organization needs necessary by DIS, EPO, and DSHR. These certifications and courses will be reviewed by the PDP Manager on an annual basis Continue to InfoSec and Privacy Career Model

InfoSec and Privacy Career Path Model The Career Path Model is composed of four components which help standardize and formalize the InfoSec and Privacy workforce. Additionally, this model supports personnel in their professional development by highlighting career paths available to the State s InfoSec and Privacy workforce. Defines the knowledge and skills required for successful performance within specific InfoSec and Privacy focus areas Competencies Position Descriptions Articulates expected requirements, activities, and duties to be performed within each position Suggests career pathways to move vertically, laterally, or diagonally by selecting the development opportunities that build the skills needed Career Paths InfoSec and Privacy Career Path Model Provides development opportunities to increase skills proficiency through: Formal learning (e.g., certifications) Experiences (e.g., onthe-job) Working with others (e.g., mentors) Continue to InfoSec and Privacy Career Model Overview

Hybrid* Core InfoSec and Privacy Career Path Model Overview The InfoSec and Privacy Career Path Model offers multidirectional career paths, enabling InfoSec and Privacy personnel to progress along both technical and management career paths. Click on the links below to explore the career paths. Career Progression InfoSec and Privacy Position InfoSec InfoSec Analyst InfoSec Architect InfoSec Engineer Privacy Privacy Analyst Cross-Division InfoSec & Privacy Auditor Management Career Path Responsible for governance and oversight of people, projects, and programs Inclusive of following positions: InfoSec Manager / Chief Information Security Officer (CISO) Privacy Manager / Agency Privacy Officer (APO) Governance, Risk, and Compliance (GRC) Manager Information Technology Director Network Administrator Program Manager Privacy Program Manager Security Technical Expert Career Path Subject Matter Experts (SMEs) in area of functional expertise May have management responsibilities related to projects and programs *Career level determination in hybrid to core position transfers will be handled on a case-by-case basis with consideration to experience, training, competency-level, and current Agency s needs. Many agencies may not have a need for InfoSec or Privacy roles beyond the hybrid position, therefore progression from hybrid to core may necessitate transfers between agencies, if approved Progression Transfer Continue to InfoSec and Privacy Management Career Path Continue to InfoSec Technical Expert Career Path

Privacy InfoSec InfoSec and Privacy Management Career Path The InfoSec and Privacy Management career path produces managers responsible for oversight of InfoSec or Privacy personnel, programs, and projects. Click on the following roles to explore further opportunities. Career Progression Staff Management Senior Leadership InfoSec Analyst I - III InfoSec Architect I InfoSec Manager I - II InfoSec Manager III / CISO* InfoSec Engineer I II InfoSec & Privacy Auditor I - III GRC Manager I - II GRC Manager III Privacy Analyst I - III Privacy Manager I - II Privacy Manager III / APO* *There are limited CISO and APO positions in the State. InfoSec and Privacy Managers will generally fill these roles within State Agencies. Please contact the InfoSec & Privacy PDP Manager or your HR Consultant for more information **Career level determination in lateral transfers will be handled on a case-by-case basis with consideration to experience, training, and competency-level Progression Transfer**

InfoSec InfoSec Technical Expert Career Path The InfoSec Technical Expert career path produces subject matter experts (SMEs) in their area of InfoSec functional expertise*. Resources may have management responsibilities related to certain projects or programs but will not oversee personnel. Click on the following roles to explore further opportunities. Career Progression Staff Expert** InfoSec Architect I Architect II - III InfoSec Analyst I - III InfoSec Engineer I - II Engineer III *Technical Expert career path opportunities apply only to the InfoSec workforce based on technical knowledge, skills, and abilities; Privacy workforce progress in the management career path **For further opportunities beyond Expert, please contact the InfoSec & Privacy PDP Manager or your HR Consultant ***Career level determination in lateral transfers will be handled on a case-by-case basis with consideration to experience, training, and competency-level Progression Transfer***

InfoSec and Privacy Position Description: InfoSec Analyst necessary by DIS, EPO, and DSHR. These certifications and courses will be reviewed by the InfoSec & Privacy PDP SANS SEC301: Intro to Information Security GISF x x x SANS SEC401: Security Essentials Bootcamp Style GSEC x x x ISACA: Certified Information Security Manager (CISM) CISM x ISACA: Certified in Risk and Information Systems Control (CRISC) CRISC x x ISC2: Certified Information Systems Security Professional (CISSP) CISSP x x CompTIA: Network+ N10-006 Network+ x x x CompTIA: Security+ SYO-401 Security+ x x x EC Council: Certified Ethical Hacker (CEH) CEH x Go back to InfoSec Technical Expert Career Path

InfoSec and Privacy Position Description: GRC Manager necessary by DIS, EPO, and DSHR. It is established that these certifications and courses are reviewed by the PDP SANS SEC401: Security Essentials Bootcamp Style GSEC x x x ISACA: Certified in Risk and Information Systems Control (CRISC) CRISC x ISACA: Certified Information Security Manager (CISM) CISM x x ISACA: Certified Information Systems Auditor (CISA) CISA x x ISACA: Certified in the Governance of Enterprise IT (CGEIT) CGEIT x InfoSec Institute: Certified in the Governance of Enterprise IT (CGEIT) CGEIT x

InfoSec and Privacy Position Description: Privacy Analyst necessary by DIS, EPO, and DSHR. These certifications and courses will be reviewed by the InfoSec & Privacy PDP IAPP: Foundation * N/A x x x IAPP: Certified Information Privacy Professional / U.S. Private-Sector (CIPP/US) IAPP: Certified Information Privacy Professional / U.S. Government (CIPP/G) CIPP/US x x CIPP/G x x IAPP: Certified Information Privacy Technologist (CIPT) CIPT x ISACA: An Introduction to Privacy and Data Protection N/A x x x * This course will be retired on July 1st, 2015

InfoSec and Privacy Position Description: Privacy Manager I - II and Privacy Manager III / APO necessary by DIS, EPO, and DSHR. These certifications and courses will be reviewed by the InfoSec & Privacy PDP IAPP: Foundation * N/A x x x IAPP: Certified Information Privacy Professional / U.S. Private-Sector (CIPP/US) IAPP: Certified Information Privacy Professional / U.S. Government (CIPP/G) CIPP/US x x x CIPP/G x x x IAPP: Certified Information Privacy Technologist (CIPT) CIPT x x x IAPP: Certified Information Privacy Manager (CIPM) CIPM x x Privacy Professor Privacy Impact Assessment Tool Kit N/A x x x * This course will be retired on July 1st, 2015

InfoSec and Privacy Position Description: InfoSec and Privacy Auditor necessary by DIS, EPO, and DSHR. These certifications and courses will be reviewed by the InfoSec & Privacy PDP SANS SEC401: Security Essentials Bootcamp Style GSEC x x x SANS SEC566: Implementing and Auditing the Critical Security Controls - In- Depth N/A x x SANS LEG523: Law of Data Security and Investigations GLEG x x x IAPP: Certified Information Privacy Professional / U.S. Private-Sector (CIPP/US) IAPP: Certified Information Privacy Professional / U.S. Government (CIPP/G) CIPP/US x x x CIPP/G x x x IAPP: Certified Information Privacy Technologist (CIPT) CIPT x x ISACA: Certified Information Systems Auditor (CISA) CISA x x

InfoSec and Privacy Position Description: InfoSec Architect necessary by DIS, EPO, and DSHR. These certifications and courses will be reviewed by the InfoSec & Privacy PDP SANS - MGT305: Technical Communication and Presentation Skills for Security Professionals SANS SEC504: Hacker Techniques, Exploits & Incident Handling (GCIH) N/A x x x GCIH x x ISACA: Certified Information Security Manager (CISM) CISM x ISC2: Certified Information Systems Security Professional (CISSP) CISSP x x ISC2: Information Systems Security Architecture Professional (ISSAP) ISSAP x x x InfoSec Institute: Enterprise Security Architecture and Design Online (ONL-212) N/A x x x InfoSec Institute: Intrusion Prevention Online (SEC 204) N/A x x EC Council: Certified Network Defense Architect (CNDA) CNDA x x Go back to InfoSec Technical Expert Career Path

InfoSec and Privacy Position Description: InfoSec Engineer necessary by DIS, EPO, and DSHR. These certifications and courses will be reviewed by the InfoSec & Privacy PDP SANS SEC566: Implementing and Auditing the Critical Security Controls - In- Depth GCCC x x x SANS SEC504: Hacker Techniques, Exploits & Incident Handling GCIH x x ISACA: Certified Information Security Manager (CISM) CISM x x ISC2: Certified Information Systems Security Professional (CISSP) CISSP x x ISC2: Information Systems Security Engineering Professional (ISSEP) ISSEP x x x Defense Cyber Investigation Academy: Introduction to Log Analysis N/A x EC Council: Licensed Penetration Tester (LPT) LPT x x EC Council: Certified Security Analyst (ECSA) ECSA x x x Global Knowledge: Cybersecurity Investigations and Network Forensics Analysis: Practical Techniques for Analyzing Suspicious Network Traffic N/A x x Go back to InfoSec Technical Expert Career Path

InfoSec and Privacy Position Description: InfoSec Manager I - II and InfoSec Manager III / CISO necessary by DIS, EPO, and DSHR. These certifications and courses will be reviewed by the InfoSec & Privacy PDP SANS MGT512: Security Leadership Essentials for Manager with Knowledge Compression GSLC x x x SANS MGT514: IT Security Strategic Planning, Policy and Leadership N/A x x x SANS MGT305: Technical Communication and Presentation Skills for Security Professionals N/A x x x SANS SEC504: Hacker Techniques, Exploits & Incident Handling GCIGH x x ISACA: Certified Information Security Manager (CISM) CISM x x x ISACA: Certified in Risk and Information Systems Control (CRISC) CRISC x x ISACA: Certified in the Governance of Enterprise IT (CGEIT) CGEIT x x ISC2: Certified Information Systems Security Professional (CISSP) CISSP x x x

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information