• CISO
Summary statement
Manages an organisation’s cybersecurity strategy and its implementation to ensure that digital systems, services and assets are adequately secure and protected.

Mission
Defines, maintains and communicates the cybersecurity vision, strategy, policies and procedures. Manages the implementation of the cybersecurity policy across the organisation. Assures information exchange with external authorities and professional bodies.

Main task/s
• Define, implement, communicate and maintain cybersecurity goals, requirements, strategies, policies, aligned with the business strategy to support the organisational objectives
• Prepare and present cybersecurity vision, strategies and policies for approval by the senior management of the organisation and ensure their execution
• Supervise the application and improvement of the Information Security Management System (ISMS)
• Educate senior management about cybersecurity risks, threats and their impact to the organisation
• Ensure the senior management approves the cybersecurity risks of the organisation
• Develop cybersecurity plans
• Develop relationships with cybersecurity-related authorities and communities
• Report cybersecurity incidents, risks, findings to the senior management
• Monitor advancement in cybersecurity
• Secure resources to implement the cybersecurity strategy
• Negotiate the cybersecurity budget with the senior management
• Ensure the organisation’s resiliency to cyber incidents
• Manage continuous capacity building within the organisation
• Review, plan and allocate appropriate cybersecurity resources

• Cyber Incident Responder
Summary statement
Monitor the organisation’s cybersecurity state, handle incidents during cyber-attacks and assure the continued operations of ICT systems.

Mission
Monitors and assesses systems’ cybersecurity state. Analyses, evaluates and mitigates the impact of cybersecurity incidents. Identifies cyber incidents root causes and malicious actors. According to the organisation’s Incident Response Plan, restores systems’ and processes’ functionalities to an operational state, collecting evidences and documenting actions taken.

Main task/s
• Contribute to the development, maintenance and assessment of the Incident Response Plan
• Develop, implement and assess procedures related to incident handling
• Identify, analyse, mitigate and communicate cybersecurity incidents
• Assess and manage technical vulnerabilities
• Measure cybersecurity incidents detection and response effectiveness
• Evaluate the resilience of the cybersecurity controls and mitigation actions taken after a cybersecurity or data breach incident
• Adopt and develop incident handling testing techniques
• Establish procedures for incident results analysis and incident handling reporting
• Document incident results analysis and incident handling actions
• Cooperate with Secure Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs)
• Cooperate with key personnel for reporting of security incidents according to applicable legal framework

• Cyber Legal & Compliance Officer
Summary statement
Manages compliance with cybersecurity-related standards, legal and regulatory frameworks based on the organisation’s strategy and legal requirements.

Mission
Oversees and assures compliance with cybersecurity- and data-related legal, regulatory frameworks and policies in line with the organisation’s strategy and legal requirements. Contributes to the organisation’s data protection related actions. Provides legal advice in the development of the organisation’s cybersecurity governance processes and recommended remediation strategies/solutions to ensure compliance.

Main task/s
• Ensure compliance with and provide legal advice and guidance on data privacy and data protection standards, laws and regulations
• Identify and document compliance gaps
• Conduct privacy impact assessments and develop, maintain, communicate and train upon the privacy policies, procedures
• Enforce and advocate organisation’s data privacy and protection program
• Ensure that data owners, holders, controllers, processors, subjects, internal or external partners and entities are informed about their data protection rights, obligations and responsibilities
• Act as a key contact point to handle queries and complaints regarding data processing
• Assist in designing, implementing, auditing and compliance testing activities in order to ensure cybersecurity and privacy compliance
• Monitor audits and data protection related training activities
• Cooperate and share information with authorities and professional groups
• Contribute to the development of the organisation’s cybersecurity strategy, policy and procedures
• Develop and propose staff awareness training to achieve compliance and foster a culture of data protection within the organization
• Manage legal aspects of information security responsibilities and third-party relations

• Cyber Threat Intelligence Specialist
Summary statement
Collect, process, analyse data and information to produce actionable intelligence reports and disseminate them to target stakeholders.

Mission
Manages cyber threat intelligence life cycle including cyber threat information collection, analysis and production of actionable intelligence and dissemination to security stakeholders and the CTI community, at a tactical, operational and strategic level. Identifies and monitors the Tactics, Techniques and Procedures (TTPs) used by cyber threat actors and their trends, track threat actors’ activities and observe how non-cyber events can influence cyber-related actions.

Main task/s
• Develop, implement and manage the organisation's cyber threat intelligence strategy
• Develop plans and procedures to manage threat intelligence
• Translate business requirements into Intelligence Requirements
• Implement threat intelligence collection, analysis and production of actionable intelligence and dissemination to security stakeholders
• Identify and assess cyber threat actors targeting the organisation
• Produce actionable reports based on threat intelligence data
• Elaborate and advise on mitigation plans at the tactical, operational and strategic level
• Coordinate with stakeholders to share and consume intelligence on relevant cyber threats
• Leverage intelligence data to support and assist with threat modelling, recommendations for Risk Mitigation and cyber threat hunting
• Articulate and communicate intelligence openly and publicly at all levels
• Convey the proper security severity by explaining the risk exposure and its consequences to non-technical stakeholders

• Cybersecurity Architect
Summary statement
Plans and designs security-by-design solutions (infrastructures, systems, assets, software, hardware and services) and cybersecurity controls.

Mission
Designs solutions based on security-by-design and privacy-by-design principles. Creates and continuously improves architectural models and develops appropriate architectural documentation and specifications. Coordinate secure development, integration and maintenance of cybersecurity components in line with standards and other related requirements.

Main task/s
• Design and propose a secure architecture to implement the organisation’s strategy
• Develop organisation’s cybersecurity architecture to address security and privacy requirements
• Produce architectural documentation and specifications
• Present high-level security architecture design to stakeholders
• Establish a secure environment during the development lifecycle of systems, services and products
• Coordinate the development, integration and maintenance of cybersecurity components ensuring the cybersecurity specifications
• Analyse and evaluate the cybersecurity of the organisation’s architecture
• Assure the security of the solution architectures through security reviews and certification
• Collaborate with other teams and colleagues
• Evaluate the impact of cybersecurity solutions on the design and performance of the organisation’s architecture
• Adapt the organisation’s architecture to emerging threats
• Assess the implemented architecture to maintain an appropriate level of security

• Cybersecurity Auditor
Summary statement
Perform cybersecurity audits on the organisation’s ecosystem. Ensuring compliance with statutory, regulatory, policy information, security requirements, industry standards and best practices.

Mission
Conducts independent reviews to assess the effectiveness of processes and controls and the overall compliance with the organisation's legal and regulatory frameworks policies. Evaluates, tests and verifies cybersecurity-related products (systems, hardware, software and services), functions and policies ensuring, compliance with guidelines, standards and regulations.

Main task/s
• Develop the organisation's auditing policy, procedures, standards and guidelines
• Establish the methodologies and practices used for systems auditing
• Establish the target environment and manage auditing activities
• Define audit scope, objectives and criteria to audit against
• Develop an audit plan describing the frameworks, standards, methodology, procedures and auditing tests
• Review target of evaluation, security objectives and requirements based on the risk profile
• Audit compliance with cybersecurity-related applicable laws and regulations
• Audit conformity with cybersecurity-related applicable standards
• Execute the audit plan and collect evidence and measurements
• Maintain and protect the integrity of audit records
• Develop and communicate conformity assessment, assurance, audit, certification and maintenance reports
• Monitor risk remediation activities

• Cybersecurity Educator
Summary statement
Improves cybersecurity knowledge, skills and competencies of humans.

Mission
Designs, develops and conducts awareness, training and educational programmes in cybersecurity and data protection-related topics. Uses appropriate teaching and training methods, techniques and instruments to communicate and enhance the cybersecurity culture, capabilities, knowledge and skills of human resources. Promotes the importance of cybersecurity and consolidates it into the organisation.

Main task/s
• Develop, update and deliver cybersecurity and data protection curricula and educational material for training and awareness based on content, method, tools, trainees need
• Organise, design and deliver cybersecurity and data protection awareness-raising activities, seminars, courses, practical training
• Monitor, evaluate and report training effectiveness
• Evaluate and report trainee’s performance
• Finding new approaches for education, training and awareness-raising
• Design, develop and deliver cybersecurity simulations, virtual labs or cyber range environments
• Provide guidance on cybersecurity certification programs for individuals
• Continuously maintain and enhance expertise; encourage and empower continuous enhancement of cybersecurity capacities and capabilities building

• Cybersecurity Implementer
Summary statement
Develop, deploy and operate cybersecurity solutions (systems, assets, software, controls and services) on infrastructures and products.

Mission
Provides cybersecurity-related technical development, integration, testing, implementation, operation, maintenance, monitoring and support of cybersecurity solutions. Ensures adherence to specifications and conformance requirements, assures sound performance and resolves technical issues required in the organisation’s cybersecurity-related solutions (systems, assets, software, controls and services), infrastructures and products.

Main task/s
• Develop, implement, maintain, upgrade, test cybersecurity products
• Provide cybersecurity-related support to users and customers
• Integrate cybersecurity solutions and ensure their sound operation
• Securely configure systems, services and products
• Maintain and upgrade the security of systems, services and products
• Implement cybersecurity procedures and controls
• Monitor and assure the performance of the implemented cybersecurity controls
• Document and report on the security of systems, services and products
• Work close with the IT/OT personnel on cybersecurity-related actions
• Implement, apply and manage patches to products to address technical vulnerabilities

• Cybersecurity Researcher
Summary statement
Research the cybersecurity domain and incorporate results in cybersecurity solutions.

Mission
Conducts fundamental/basic and applied research and facilitates innovation in the cybersecurity domain through cooperation with other stakeholders. Analyses trends and scientific findings in cybersecurity.

Main task/s
• Analyse and assess cybersecurity technologies, solutions, developments and processes
• Conduct research, innovation and development work in cybersecurity-related topics
• Manifest and generate research and innovation ideas
• Advance the current state-of-the-art in cybersecurity-related topics
• Assist in the development of innovative cybersecurity-related solutions
• Conduct experiments and develop a proof of concept, pilots and prototypes for cybersecurity solutions
• Select and apply frameworks, methods, standards, tools and protocols including a building and testing a proof of concept to support projects
• Contributes towards cutting-edge cybersecurity business ideas, services and solutions
• Assist in cybersecurity-related capacity building including awareness, theoretical training, practical training, testing, mentoring, supervising and sharing
• Identify cross-sectoral cybersecurity achievements and apply them in a different context or propose innovative approaches and solutions
• Lead or participate in the innovation processes and projects including project management and budgeting
• Publish and present scientific works and research and development results

• Cybersecurity Risk Manager
Summary statement
Security Architects design, review, test and assure the technical environment, solution designs and solution implementations in accordance with current and emerging security best practice. They contribute to the technical architecture and security policies and practices.

Mission
Security Architects design, review, test and assure the technical environment, solution designs and solution implementations in accordance with current and emerging security best practice. They contribute to the technical architecture and security policies and practices.

Main task/s
• Interprets relevant security policies and threat/risk profiles into secure architectural solutions that mitigate the risks and conform to legislation and relate to business needs.
• Applies common architectural frameworks (e.g. TOGAF, SABSA).
• Presents security architecture solutions as a view within broader IT architectures.
• Maintains awareness of the security advantages and vulnerabilities of common products and technologies. Designs robust and fault-tolerant security mechanisms and components appropriate to the perceived risks.
• Develops and implements appropriate methodologies, templates, patterns and frameworks.

• Digital Forensics Investigator
Summary statement
Ensure the cybercriminal investigation reveals all digital evidence to prove the malicious activity.

Mission
Connects artefacts to natural persons, captures, recovers, identifies and preserves data, including manifestations, inputs, outputs and processes of digital systems under investigation. Provides analysis, reconstruction and interpretation of the digital evidence based on a qualitative opinion. Presents an unbiased qualitative view without interpreting the resultant findings.

Main task/s
• Develop digital forensics investigation policy, plans and procedures
• Identify, recover, extract, document and analyse digital evidence
• Preserve and protect digital evidence and make it available to authorised stakeholders
• Inspect environments for evidence of unauthorised and unlawful actions
• Systematically and deterministic document, report and present digital forensic analysis findings and results
• Select and customise forensics testing, analysing and reporting techniques

• Penetration Tester
Summary statement
Assess the effectiveness of security controls, reveals and utilise cybersecurity vulnerabilities, assessing their criticality if exploited by threat actors.

Mission
Plans, designs, implements and executes penetration testing activities and attack scenarios to evaluate the effectiveness of deployed or planned security measures. Identifies vulnerabilities or failures on technical and organisational controls that affect the confidentiality, integrity and availability of ICT products (e.g. systems, hardware, software and services).

Main task/s
• Identify, analyse and assess technical and organisational cybersecurity vulnerabilities
• Identify attack vectors, uncover and demonstrate exploitation of technical cybersecurity vulnerabilities
• Test systems and operations compliance with regulatory standards
• Select and develop appropriate penetration testing techniques
• Organise test plans and procedures for penetration testing
• Establish procedures for penetration testing result analysis and reporting
• Document and report penetration testing results to stakeholders
• Deploy penetration testing tools and test programs