Messagefirst coursesecond courseJust a message
The Israeli regulation for Cyber Security Professionals by the INCBThe American (NICE) recommandation for Cyber Security Professionals
The Cyber Security Practitioner is responsible for implementing the organization’s cyber protection, and has the specific perspective of the following aspects:
A practitioner may hold International Certification such as CompTIA Security+, or (ISC)2 SSCP.
A Security Operation Center (SOC) is established to monitor, analyze and respond to security incidents as quickly as possible on a 24×7 basis. SOC operator is responsible for complying with Incident Management process and Escalation procedures as well as effective use of specialized IT tools used by SOC.
A SOC-IR specialist is responsible for critical core subjects in operating cyber monitoring centers and primary response teams. The SOC Operator performs the preliminary necessary actions when a cyber event is identified.
The SOC Operator will use various reactive and proactive platforms to monitor all critical and potential hazardous environmental conditions focused on mitigating physical risk and safeguarding people, property, and assets. The SOC Operator will proactively conduct physical security patrols as directed and monitor and report on all security and environmental system conditions and alarms in a 24 x 7 environment and reactively respond to emergency situations as directed. The position further requires identification, notification; escalation and resolution to appropriate internal agencies, and/or escalate technical abnormalities to the appropriate personnel that may arise from time to time that otherwise present a security risk or operational risk.
A person with an academic background, wide-ranging and profound theoretical knowledge, who is in charge of:
The Security Architect may hold International Certification such as CompTIA Security+, or (ISC)2 CISSP.
This is in recognition of understanding of the activities, needs and corporate objectives.
A person with an academic background, who is in charge of:
The Security Methodology Professional must have a comprehensive understanding of the business needs and restraints.
The Security Methodology professional may hold International Certification such as CompTIA Security+, (ISC)2 CISSP or ISACA CISM.
The issue of Cyber Defense Officer or Chief Information Security Officer was examined and announced as a role and not as a profession. Probably, the CISO role will be recognized as a combination of two roles: Cyber Security Technology Professional and Cyber Security Methodology Professional, in addition to other requirements.
The Security Methodology Professional must have a comprehensive understanding of the business needs and restraints. The CISO holds a high level insight of the entire Cyber Security array.
The CISO may hold International Certification such as (ISC)2 CISSP or ISACA CISM.
An Expert with wide and up dated knowledge as well as practical abilities in vulnerabilities detection and penetration testing in cyber systems.
A pentester may hold International Certification such as EC-Council CEH.
An Expert with wide knowledge and abilities to investigate events (forensics).
The forensics expert may hold International Certification such as (ISC)2 CCFP.
A malware analyst works in the field of computer and network security to examine, identify, and understand the nature of cyber-threats such as viruses, worms, bots, rootkits, and Trojan horses. These types of programs represent malicious code that can infect systems and cause them to behave in unexpected ways. Malware can compromise both the hardware and software integrity of a computer or network as well as steal proprietary data such as a company’s financial records.
Because malicious code comes in many different forms, a malware analyst must be thoroughly conversant with both interpreted and compiled programming languages and must possess a keen understanding of both reverse-engineering and software development.
The analyst may be asked to document the specimen’s attack capabilities, understand its propagation characteristics, and define signatures for detecting its presence. A malware analyst is sometimes referred to as a reverse engineer.
The Information Security Auditor performs detailed information technology assessments and internal audit reviews to assess the effectiveness of security controls. This employee also acts as an advisor to information security compliance management regarding the impact of changes to information technology on the internal security controls of the business. This position is responsible for performing audits and internal testing of controls around annual FISMA assessments and ISO 27001 audits, PII audits, SOX-ITGC audits, and other areas as needed.
Among his roles: Establish an enterprise information security auditing separate from annual assessments to include auditing existing computing systems, IT processes, and other areas as required. Use appropriate methods to monitor internal compliance with PII, records management and other policies as assigned.
He also plans, execute and report information technology, privacy, and operational reviews to identify business, privacy, security, compliance, information technology and regulatory risks.