This section offers specific content aimed at INCIBE-CERT's target audience, in terms of their areas of knowledge, interests, profiles or skills.
This target group essentially refers to professionals who carry out their activity linked in some way to cybersecurity, regardless of whether they have had access to training in the field or to certification. In other words, profiles who work in cybersecurity, but whose tasks are carried out in the same way in any sector of professional activity.
It is not the intention to model all existing cybersecurity profiles or competencies, nor to determine watertight areas. The same professional can work in more than one of the areas defined here. This section only groups together the different knowledge and areas of competence, which make up professional profiles, to which the contents prepared by INCIBE-CERT are addressed. An extract of the contents is offered for each one, grouping them according to the different knowledge or activities and offering the most appropriate ones for each one.
This professional area of cybersecurity includes profiles that handle different programming languages, development environments, libraries, secure development methodologies (OWASP...), architectures, security threat modeling, best practices and utilities to apply in software development security requirements.
These also understand and use tools to ensure safety throughout the software life cycle. On the other hand, they analyze and recognize code that may pose a threat because of its behavior, using specific tools for this analysis.
Within this area, the profiles of secure code developer or auditor, specialist analyst or developer, cryptographer or cryptanalyst and malware analyst or reverse engineering specialist are grouped together.
This link offers content of interest to professionals in Development.
Research and technical analysis
This professional area includes investigation profiles that use different techniques and procedures to collect, process, preserve, analyze and present computer evidence to support various kinds of investigations or to mitigate vulnerabilities.
It also includes the profiles of analysts who detect and evaluate the threats and vulnerabilities of networks and systems; locate anomalies due to configurations or policy non-compliance; analyze cybersecurity events; assess risk levels and apply countermeasures to counteract weaknesses found.
This area includes the profiles of vulnerability analyst or researcher, ethical hacker or pentester (a profile that can be integrated into a Red Team), digital forensic, fraud and cybercrime researcher and cyber-intelligence or threat intelligence analyst.
This link offers content of interest to professionals in Technical research and analysis.
IT systems and networks administration
IT profiles are responsible for managing and maintaining systems (hardware or software), servers, applications, networks (including firewalls and other network devices), technical support, access control and user accounts, as well as ensuring their confidentiality, integrity and availability. All this in accordance with security policies.
In some cases, these professionals are part of what is called the Blue Team, a multidisciplinary team in charge of the organization’s defense and responsible for protecting infrastructure and information systems, as well as analyzing threat information from different sources, tools and disciplines, synthesizing it to put it in a context and extract the possible implications.
This area includes the profiles of IT system administrator, IT network administrator, IT specialist (cloud, web, voice ip, IAM,...), technical support or IT help desk, IT SOC specialist (OSINT, SIEM) and IT incident response specialist.
This link offers content of interest to professionals in IT systems and networks administration.
OT / ICS systems and networks administration
Technical professionals in OT environments are responsible for managing and maintaining systems (including SCADA, PLC, etc.), servers, applications, networks, access control and user accounts, technical support, implementation of security and operational controls in accordance with security policies and procedures, as well as ensuring their confidentiality, integrity and availability.
The descriptions of these professionals are similar to those of equivalent IT professionals, except that they deal with systems where availability is often more critical than confidentiality, and may use specific protocols, or may be real-time systems or considered critical infrastructure.
In the same way, these professionals can also be part of a Blue Team, with their own and necessary specialization in OT environments, in charge of the organization’s defense and responsible for protecting infrastructure and information systems, as well as analyzing threat information from different sources, tools and disciplines, synthesizing it to put it in a context and extract the possible implications.
This set includes the profiles of OT system administrator, OT network administrator, OT specialist (cloud, voice ip, smart grid, etc.), OT technical support or help desk, OT SOC specialist (OSINT, SIEM) and OT incident response specialist.
This link offers content of interest to professionals in OT / ICS systems and networks administration.
These professionals should be aware of applicable cybersecurity laws and regulations in order to provide advice and recommendations to management and operational levels. They lead the management and evaluation of risks, the measurement of established controls or policy changes necessary for legal and regulatory compliance, and guarantees of business continuity. These profiles can also be responsible for internal cybersecurity training and awareness.
This area includes consultants, generally from technology companies, who work on the integration of security tools in networks and systems and innovation consultants in cybersecurity.
This group includes the profiles of regulatory compliance auditor, IT consultant or risk management and information security consultant, security solutions integrator, business continuity consultant, legal or privacy consultant and cybersecurity innovation consultant.
This link offers content of interest to professionals in Audit and consulting.