For organizations, the risks related to cybersecurity are more and more present, the multiplication of cyberattacks and human errors has increased the need for cybersecurity specialists. The security of the State, of organizations (public administrations and OIV) and of private companies therefore requires continuing to recruit significantly in this field. The cyber risk for organizations will increase exponentially over the next few years.
The "Cybersecurity Auditor" certificate is broken down into the following 4 blocks:
Analyze the cybersecurity needs of the organization, taking into account all the active measures within the organization, the various stakeholders and the predefined specifications, using the most appropriate audit methodology in order to develop an audit plan adapted to the organization and following a defined data security policy Include the legal, regulatory and contractual context (RGPD, ISO...) in force in the environment and the sector of activity in the audit report via the use of appropriate tools in order to ensure that the whole organization remains compliant. Evaluate the identified gaps and the tools to be put in place thanks to an updated and sharp knowledge of all technologies in order to solve the gaps and thus meet the targeted cybersecurity needs of the organization. Develop prioritized recommendations accessible to all audiences to address the risks assessed in the audit plan, to allow the principals to anticipate the technical, time and budgetary requirements for upgrading the organization. Manage a project to secure an organization's IS by developing appropriate indicators and dashboards to monitor and evaluate the action and the operational implementation of its results, all in compliance with the standards in force. Lead a cybersecurity project, from the definition of the audit framework to the implementation of remediation solutions, in order to bring it to a successful conclusion, and to be the main referent having all the information on the project at all times, and to accompany all the services of the organization in all the activities related to it Evaluation: Professional situation "Elaboration of a cybersecurity audit plan"Assessment topic: Creation and implementation of a cybersecurity audit plan on a real or fictitious infrastructure according to a given standard, presented in front of an assessor (business and technical expert) during a remote or classroom presentation. The assessor will ask questions to the candidate in order to verify his/her level of mastery of a cybersecurity audit.Deliverable : A detailed and publicly accessible audit plan in Word or PowerPoint format (or equivalent software) including a snapshot of the organization's infrastructure, an audit methodology including the steps in the plan, and an estimate of the time required to complete the project.Design a network architecture using the appropriate tools and methods and in accordance with the needs of the organization and its users in order to guarantee the general technological security of the infrastructure Write scripts adapted to the local machine operating system, ensuring that all components interact with each other in order to be able to manipulate the organization's network in a functional and secure manner Implement cyber defense best practices (Defense in depth, CIA Triad) by adapting documented procedures and disseminate them through appropriate communication via company channels to the teams in order to secure the organization's infrastructure Ensure and disseminate a technological watch of systems, networks and their updates, to exploit this watch efficiently in order to apprehend potential threats, flaws and identify innovations that can be implemented in the IS Evaluation: Resolution of a practical case in a dedicated environment "Design of secure architectures"Evaluation topic: Case study (in a dedicated environment) of infrastructure management using bash & python scripts and written synthesis with justification of technical choices. The candidate will also be subjected to a question and answer session with an evaluator (business and technical expert)Deliverable : Architecture implemented in the dedicated environment plus synthesis including an architecture diagram (2 pages max)Collect public information (OSINT) on a target organization from various sources, taking into account all users of the organization's IS in order to detect human vulnerabilities in the IS Scanning information systems with vulnerability detection tools (NMAP, NESSUS or KALI) to detect technical vulnerabilities in the IS Perform intrusion tests by applying the most efficient methods on the different vulnerabilities detected in order to evaluate the risks incurred by the organization and to propose remediation options Conduct social engineering intrusion tests to assess the organization's human vulnerabilities and provide appropriate and inclusive recommendations. Document the causes of vulnerability and damage by producing an accessible intrusion report to inform business departments of the threats and risks faced by the organization. Propose prioritized and adapted remediations to close IS security gaps in order to perpetuate the organization's security system Evaluation : Professional situation "Intrusion test"Assessment topic: Production of a report on a complete penetration test on a real or semi-real infrastructure (technological laboratory) with the aim of detecting flaws and proposing remedies, including a remote or face-to-face presentation to an assessor (business and technical expert). The assessor will ask questions to the candidate in order to verify his/her level of mastery of an intrusion test and the associated remediations. Deliverable : An intrusion report including documentation of the infrastructure vulnerabilities and a suggested remediation for each vulnerability.Correct system or network vulnerabilities by using the appropriate defense tools (proxy, vpn, antivirus) in order to consolidate the organization's security system and ensure its sustainability. Correct the source code of an application using the most appropriate tools and methods in order to close web vulnerabilities, thus ensuring the sustainability of the IS and preserving it from external attacks. Monitor the network and machine activity of an organization by implementing SIEM or EDR tools in order to improve the detection time of a breach and to reinforce the immunity of the organization to external attacks Control the implementation of remediation procedures (organizational, technical and software) using monitoring tools adapted to all stakeholders in order to evaluate their effectiveness on the security of the IS Define the appropriate security tools, both technical and software, in order to set up an efficient watch to maintain the integrity of the organization's IS. Evaluation: Professional situation "Audit report explaining the reproducibility of the CVE" Evaluation topic: Study, reproducibility of a CVE (Common Vulnerabilities and Exposures) selected from a database including the reproduction of the latter and a remediation including a remote or face-to-face presentation to an evaluator (technical expert). The evaluator will ask the candidate questions about the CVE study and the proposed remediation.Deliverable : A CVE report explaining the reproducibility of the CVE on the given operating system and documentation of the remediation.Obtaining the "Cybersecurity Auditor" certification can lead to several technical or managerial jobs in Cybersecurity:
