Systems/Application Security Analyst: Evaluates information security systems and applications and suggests enhancements. Relies on extensive knowledge and professional discretion to achieve goals. Usually reports to a department head. Significant ingenuity and flexibility is expected. Requires a bachelor’s degree with at least 5 years of field experience.
Cyber Security Analyst: Performs systems and network analysis of intrusions. Monitors information security alerts to resolve as needed. Reviews security events that may impact overall security. Provides strategic and real time auditing of security-related activities to detect and prioritize threat responses. Performs risk analysis and vulnerability testing. Provides suggested solutions for potential security issues. Requires a bachelor’s degree in area of specialty and 5 years of relevant experience.
Cyber Security Architect: Maintains, configures and troubleshoots cyber security systems. Coordinates cyber security audits and communicates results. Pursues necessary changes of critical tasks identified from audits. Develops, documents and communicates cyber security policies and procedures. Requires a bachelor’s degree in area of specialty and 5 years of relevant experience.
Data Security Analyst: Ensures the safety of information systems assets and protects systems from access or destruction. Recognizes intrusion attempts and compromises through reviews and analysis of relevant event details and summary information. Prepares and documents standard procedures and protocols. Assesses firewall change requests to determine organizational risk. Requires a bachelor’s degree in area of specialty and 3 years of relevant experience.
Governance Risk & Compliance Auditor: Develops and implements audit procedures and recommends IT system or process improvements based on findings. Submits reports on corrections identified and controls in need of improvement. Provides general tracking of issue remediation. Performs risk assessments of existing or new services and technologies to identify and mitigate inherent risks. Requires a bachelor’s degree in area of specialty and 5 years of relevant experience.
Information Security Administrator: Implements network security policies, protects network from unauthorized access, monitors network usage and resolves access issues. Relies on extensive knowledge and professional discretion to achieve goals. Usually reports to a supervisor. May manage others. Significant ingenuity and flexibility is expected. Requires a bachelor’s degree with at least 5 years of field experience.
Information Security Analyst: Instructs computer users on security policies and procedures. Monitors network activity and ensures data is protected from unauthorized users. Identifies, reports and resolves security violations. Relies on knowledge and professional discretion to plan and achieve goals. Works under general supervision and usually reports to a supervisor, though ingenuity and flexibility is required. May require a bachelor’s degree and 0-8 years of relevant experience.
Information Security Supervisor: Supervises the data security team and related activity to protect systems from unauthorized access. Identifies, records and addresses security violations. Relies on knowledge and professional discretion to achieve goals. Usually reports to a department head. Significant ingenuity and flexibility is expected. May require a bachelor’s degree in area of specialty and at least 4 years of field experience.
Information Security Manager: Manages and oversees systems to protect data from unauthorized access. Creates and implements policies and procedures for identifying, recording and addressing security violations. Relies on extensive knowledge and professional discretion to achieve goals. Usually reports to a department head. Significant ingenuity and flexibility is expected. May require a bachelor’s degree in area of specialty and at least 7 years of field experience.
Information Security Director: Responsible for specific information security functions and the goals, budgets, team, policies and procedures within a security department. Manages direct reports to accomplish security initiatives. Reports to a security department VP, CISO or CIO. Promotes information security initiatives and awareness. Requires a bachelor’s degree, security certifications, leadership experience and at least 8 years of information security experience.
Information Security Engineer: Provides expertise of security tools within an environment. Assists in oversight, and ongoing management of the information security programs and technical systems. Plans, deploys and manages network security devices. Typically works under general supervision and usually reports to a supervisor, though some ingenuity and flexibility is required. May require a bachelor’s degree and 0-8 years of relevant experience.
Information Security Risk Analyst: Conducts security risk assessments to identify, manage and mitigate risks to applications, systems and services. Conveys recommendations to management and communicates technical information and guidance to IT teams to mitigate security risks. Requires a bachelor’s degree in area of specialty and 1-3 years of relevant experience.
Information Security Risk Manager: Identifies and analyzes risks to information assets and IT systems. Defines risk management plans. Manages the information security risk assessment process. Remediates areas of non-compliance by implementing automated policy enforcement when possible. Ensures that project goals are accomplished and in line with business objectives. Requires a bachelor’s degree in area of specialty and 8-10 years of relevant experience.
Information Security Vice President: Responsible for specific information security functions and the goals, budgets, team, policies and procedures within a security department. Manages direct reports to accomplish security initiatives. Reports to CISO, CIO and/or board of directors. Promotes information security initiatives and awareness. Requires a bachelor’s degree, security certifications, leadership experience and at least 10 years of information security experience.
Chief Information Security Officer: Acts as the authority for enterprise security standards and policies. Develops information security standards and has ultimate responsibility for the security and functionality of information systems. Relies on extensive knowledge and professional discretion to achieve goals. Usually reports to senior management. Significant ingenuity and flexibility is expected. Requires a bachelor’s degree with at least 12 years of experience in the field.