Regulation for Cyber Security Professions - See Security - Cyber and Information Security Studies
 

Regulation for Cyber Security Professions

The Israeli regulation for Cyber Security Professionals by the INCB
The American (NICE) recommendation for Cyber Security Professionals

Cyber Security Practitioner

The Cyber Security Practitioner is responsible for implementing the organization’s cyber protection, with a specific focus on the following aspects:

  • The installation, operation and maintenance of cyber protection products.
  • The implementation of routine security procedures.
  • First-level identification and handling of cyber events, based on types of threats and attacks.

A practitioner may hold International Certification such as CompTIA Security+, or (ISC)2 SSCP.

Required knowledge

  • Basic knowledge of regulation, government decisions and standards in information security.
  • Familiarity with the technological environment.
  • Familiarity with a wide range of products and security methods.
  • Profound knowledge of routine security processes.
  • Basic knowledge of ways of dealing with cyber events.
  • Professional ethics.

SOC (Security Operation Center) Operator

  • Understanding the organization’s information security architecture.
  • Familiarity with various monitoring tools.
  • Basic level investigation and forensics capabilities.

Cyber Security Technology Professional – Cyber Architect

A person with an academic background, wide-ranging and profound theoretical knowledge, who is in charge of:

  • Designing technological solutions for cyber protection in the organization, combining technologies and security methods.
  • Adjusting cyber protection products and integrating them into the IT infrastructure, including storage and backup.
  • Accompanying the process of handling security events from a technology standpoint, with an understanding of the organization’s activities, needs and objectives.

The Security Architect may hold International Certification such as CompTIA Security+, or (ISC)2 CISSP.

All of this is done with recognition and understanding of the organization’s activities, needs and corporate objectives.

Cyber Security Methodology Professional

A person with an academic background, who is in charge of:

  • Formulating methodologies and concepts to bridge the gaps inside the organization.
  • Implementing Israeli and international regulation standards and aspects of privacy protection.
  • Risk management in cyber protection.
  • Accompanying organizational processes (establishing systems, projects, supply chains and business continuity) along with familiarity and understanding of the activities, needs and corporate objectives.

The Security Methodology Professional must have a comprehensive understanding of the business needs and constraints.

The Security Methodology professional may hold International Certification such as CompTIA Security+, (ISC)2 CISSP or ISACA CISM.

CISO – Chief Information Security Officer

The issue of Cyber Defense Officer or Chief Information Security Officer was examined and announced as a role and not as a profession. Probably, the CISO role will be recognized as a combination of two roles: Cyber Security Technology Professional and Cyber Security Methodology Professional, in addition to other requirements.

The Security Methodology Professional must have a comprehensive understanding of the business needs and constraints. The CISO holds a high-level insight into the entire cyber security array.

The CISO may hold International Certification such as (ISC)2 CISSP or ISACA CISM.

Penetration Testing Experts

An expert with wide and up-to-date knowledge, as well as practical abilities, in vulnerability detection and penetration testing of cyber systems.

  • Knowledge base as a Cyber Security Practitioner.
  • Attack process, Tools & Technologies, Attack Scenarios: Lockheed Martin Kill process, known tools, APT.
  • Vulnerabilities knowledge (OWASP top 10, system vulnerabilities).
  • Tools for penetration testing.
  • Types of penetration testing (black box / white box / grey box).
  • Infrastructure penetration testing (Windows / Linux, scripting).
  • Application penetration testing (code review, basic programming skills, PHP, ASP).
  • Report Writing.

A pentester may hold International Certification such as EC-Council CEH.

Cyber Forensics Expert

An expert with wide knowledge and the ability to investigate events (forensics).

  • Knowledge base as Cyber Security Practitioner.
  • Data restoration (Servers, endpoints, mobile devices).
  • Incident Response (Identification, incident restoration, data analysis, data correlation).
  • Reverse Engineering.
  • Evidence gathering and handling.
  • Real-time vs. post-event investigation.
  • Forensics tools: restoration tools, duplication tools, monitoring tools, password cracking tools, etc.
  • Legal aspects: forensics evidence judgement, precedents.
  • Familiarity with local forensics agencies: Police, Military investigative police, Tax authority, etc.
  • Report Writing.

The forensics expert may hold International Certification such as (ISC)2 CCFP.

Malware Analyst

Information Security Auditor

The Information Security Auditor performs detailed information technology assessments and internal audit reviews to assess the effectiveness of security controls. This employee also acts as an advisor to information security compliance management regarding the impact of changes to information technology on the internal security controls of the business. This position is responsible for performing audits and internal testing of controls around annual FISMA assessments and ISO 27001 audits, PII audits, SOX-ITGC audits, and other areas as needed.

Among his roles: establish enterprise information security auditing, separate from annual assessments, to include auditing existing computing systems, IT processes, and other areas as required; and use appropriate methods to monitor internal compliance with PII, records management and other policies as assigned.

He also plans, executes and reports on information technology, privacy, and operational reviews to identify business, privacy, security, compliance, information technology and regulatory risks.