
Information Systems Security Manager job: salary, studies, missions and skills


Did you know that in the field of Cybersecurity, there are more than 3 million unfilled positions worldwide? We present one of the main jobs in Cybersecurity that companies need more and more: Information Systems Security Manager, accessible with our Cyber Fullstack training.

Many companies today lament the lack of cybersecurity talent to fill the position of Chief Information Security Officer (CISO). The CISO is a cybersecurity professional who plays an important role in an organisation. The CISO profession is therefore an interesting career choice if you follow the right training. It offers a good salary and many opportunities. Jedha presents the essentials about the job of information security officer and the CISO training.

What is an Information Systems Security Officer (ISSO)?

The CISO is a professional who ensures the security, confidentiality, availability and integrity of data in an information system.

In view of the legal issues and risks associated with the information system, the CISO is attached to the company's general management in large groups. This cybersecurity professional is bound by the law and by a code of ethics.

Through the implementation of security guidelines and digital charters, the information systems security manager must inform staff about the security standards implemented. In 2012, for example, the CISO of EDF was sentenced to one year in prison for having participated in the illegal tapping of Greenpeace's Information Systems (IS).

The CISO therefore bears a heavy responsibility and must have a number of qualities.

What are the different tasks of a CISO?

The tasks of the information systems security manager are manifold.

The cybersecurity professional must define a security policy and ensure that it is applied.

The CISO is responsible for the implementation of various security projects while analysing the risks. He or she must ensure that relevant security measures are taken in order to reduce the risks as much as possible. The information systems security manager must be able to adapt to the various cybersecurity issues. He/she assesses the consequences that threats to the security of information systems may have.


He or she also plays the role of an advisor since he or she alerts, informs and raises the awareness of general management and other company employees with regard to IS data protection. The CISO coordinates the security of the company's information systems.

An important aspect of a CISO's work is "technology watch".

It consists of monitoring the various innovations in the sector and controlling the impacts of new IT risks. The Information Systems Security Officer has a broad knowledge of the General Data Protection Regulation (GDPR) with regard to user privacy and security.

What are the skills and qualities of a good CISO?

The information systems security manager is much more than just a department head responsible for implementing security measures. In addition to quality CISO training, this cybersecurity expert must have a range of skills and qualities, both technical and non-technical.

Leadership and supervision

The CISO has a direct influence on the security staff. He or she acts as both a mentor and a leader who can motivate employees and lead a team. This motivation can be in the form of simple recognition of work done, opportunities for network security training and professional development, or by giving an employee more decision-making power.

Good presentation and communication skills

Being an executive in a company most often involves interaction with the board of directors. However, given the low rate of senior executives with cybersecurity training, the cybersecurity professional is required to develop rhetoric to make the board more aware of the seriousness of the risks involved. The CISO must be a good communicator.

He or she must be able to translate the language of cybersecurity into simple terms understood by the company's management.

This ability will be a major asset in justifying the IT security budget.

The ability to manage a crisis effectively

86% of IT security managers believe that companies will sooner or later face one or more security breaches. Since panic and disorganisation in the event of a crisis will only make the situation worse, it is important for the CISO to establish an effective strategy to counteract security breaches. The cybersecurity expert must be able to identify who is responsible for what action and who should be informed first (legal departments, legal teams, etc.) in order to resolve the problem quickly.

How much does an information systems security manager earn?

The salary of a CISO depends on the importance of the projects he/she manages, the size of the company and the level of expertise required. Salaries can range from €3,200 per month at the beginning of a career to €5,000 or more at the end. The average salary for a cybersecurity professional is therefore around €60,000 per year. A CISO can expect a salary of between €40,000 and €150,000 per year. For some rare exceptions, the salary can go beyond €200,000 per year.

What is the career path for a CISO?

In a company where security is a major issue, the CISO can evolve as CIO (Chief Information Officer). He or she may also turn to the liberal sector as a consultant for security flaws in the company's IT system. As a cybersecurity professional, he or she may decide to become DPO (Data Protection Officer) or DSI (Director of Information Systems).


How to become an information systems security manager?

The ideal route to becoming a CISO is usually from a top engineering school with a cybersecurity option. A master's degree in information and an option in cybersecurity can give access to a CISO position within an organisation.

With Jedha, it is now possible to follow a certification course in cybersecurity registered in the RNCP (Répertoire national des certifications professionnelles).

This training provides students with the skills required to ensure the security of corporate infrastructures through the techniques of SOC Analysts. Cybersecurity training enables this professional to deal effectively with the vulnerability of systems within the organisation.

The cybersecurity expert must have a perfect knowledge of the functioning of computer systems and networks. He or she must be informed of new technologies and security flaws in order to apply the corrective measures adapted to his or her strategy. To better protect their organisation, future CISOs will be required to learn hacking techniques. Cybersecurity training will consist of penetrating computer networks and assessing vulnerabilities.

The information systems security manager is a professional with good CISO training. He or she is a major asset for the protection of a company's data. It is important that the CISO is a professional in cybersecurity. Jedha offers certified cybersecurity training for anyone who wants to make a career in this field. The training can be face-to-face, distance learning, part-time or full-time. The student can therefore follow the course regardless of his or her schedule.

Written by Antoine Krajnc