The cybersecurity of a company is heavily reliant upon the skills and knowledge of the people who install, manage and operate its security products. This means that recruiting and nurturing the best security team possible should be a CISO’s top priority. Cynet’s Ultimate Cybersecurity Job Posting Templates (download here) provide a list of the main responsibilities and skills for typical security positions, built upon research and providing IT and security managers with pre-set template job descriptions so that there is no need to create them from scratch.
Because of the fact that there are many different cybersecurity job titles, with much overlap between job descriptions and responsibilities, the creation of the inclusion criteria for these positions required significant review and consideration. Six positions are included in the following job templates, including all integral aspects of the responsibility cycle in product deployment, integration, and operation, plus management of security personnel.
The positions covered in the templates are:
- Security Architect – this position oversees the design, building, testing and implementation of security systems in the organization’s environment, both for business and customer data. They must have deep knowledge of IT systems and be current on the newest developments in security standards and authentication protocols, plus solutions meeting best practice requirements.
- Security Analyst Tier 1 – tasked with overseeing stage one triage and definition of security events, they provide 24/7/365 support for the SOC. They must follow standard procedures for detection, definition, classification, and reporting of incidents, under the management of the SOC manager and in coordination with Tier 2 SOC Analysts.
- Security Analyst Tier 2 -responsible for all technical issues in regard to response to critical incidents that have been elevated by the Tier 1 Analyst. Their job requires ensuring immediate containment of the threat, investigations, and management of remediation actions that must be taken. They are also responsible for increasing security by utilizing new knowledge they have gained during the response process.
- Security Analyst Tier 3 – responsible for the discovery of undetected threats which have taken advantage of vulnerabilities in the organizational environment, continually monitors for such vulnerabilities and weaknesses. Provides threat hunting based on threat intelligence feed IoCs, ensures real-time visibility and reporting on security posture status with proactive penetration testing.
- SOC Manager – oversees the creation and management of workflows as they pertain to security incident monitoring, management and response. Ensure SLA compliance, following processes and improvisation as needed to reach operational goals.
- Director of Security – manages all security-associated issues in the organization, including compliance with required frameworks, buying, deployment and maintenance of cybersecurity solutions and breach protection processes. Reports to CIO and is the funnel of information for all cyber-related issues in the company.
Each role covered includes two areas:
- Responsibilities – a complete list of all the main tasks the person in this position is responsible for.
- Skills – the knowledge, professional, personal and management skills that are required to successfully perform the job’s responsibilities.
These templates can be adjusted as needed, utilizing the Responsibilities/Skills break down. This makes it easy for the CISO to customize them as their company’s specific needs require. As one example in an organization with a small security team, there might be the need for a person who can do all the following: threat hunting, response process management, and new solution evaluations. As such, this position would include the responsibilities and skills of three different roles – Security Analyst Tier 3, SOC Manager and Security Architect.
So, if you are ready to complete the portfolio of your security personnel, download the cybersecurity job posting templates. Then take the information relevant to your needs and easily post clear, descriptive employee ‘wanted’ ads that will help you find the right people for your team.