Cybersecurity talent

development playbook
12 pre-built training plans to help teams
identify, upskill and retain cybersecurity talent
Introduction
There are more than four million open cyber roles worldwide.
This shortage of cybersecurity talent is magnified by today’s
highly competitive job market — causing many organizations
to see record-high churn rates, recruitment costs and staff
salaries. $138K - $184K
Cost to replace a single
Infosec’s 2021 IT and Security Talent Pipeline Study found cybersecurity employee
that hiring managers experiencing recruiting success were (Source: Gallup and Payscale)
44% more likely to consider candidates with no previous
experience and 67% more likely to report well-defined cyber
roles.

“It is highly unreasonable for companies to expect

turn-key hires. There is no one-size-fits-all.”
— Jonathan Brandt, Director of Professional
Practices and Innovation at ISACA 92%
Hiring managers
impacted by the
It’s clear that with the right training program, organizations cybersecurity skills gap
and their teams can greatly reduce the negative impacts felt (Source: Infosec)
by the cybersecurity skills gap and the competitive job market.
That’s why Infosec developed pre-built training roadmaps for
12 of the most in-demand cybersecurity roles. Team leaders
can leverage these Infosec Skills Roles to efficiently and
effectively:

» Personalize development plans for each employee at

every stage of their career
» Upskill and cross-train talent for open cybersecurity
positions within their organization 66%
» Boost employee engagement and talent retention Boost in employee
retention when learning
Backed by the research of skills requested by employers and and development
a panel of cybersecurity subject matter experts, each of the opportunities are
12 Infosec Skills Roles clearly outlines which training and provided
certifications are needed so professionals can spend their (Source: Salesforce)
limited time on the areas that matter most.

1
Creating a training plan
Role-guided
Developing cybersecurity talent and teams
cannot be a one-size-fits-all approach. It
is critical to tailor training plans to each
employee’s job role and level of proficiency.
Check out the “Which roles fit your team”
section to find the right role for each of your
team members.
Hands-on
We all learn better when we learn by doing.
Incorporating elements of hands-on training
will deepen your team’s engagement,
accelerate their skill development and
increase their knowledge retention. Explore
our Infosec Skills Roles for relevant hands-on
training opportunities to move your team
from theory to practice.

Measurable
Set your team up for success by identifying Engaging
and tracking training goals. Every Infosec A great way to encourage continuous
Skills Role includes a variety of skill learning is to gamify the experience with
assessments and practice exams, helping micro-credentials. Small yet tangible
you to gather baseline scores and report on milestones will provide your team with the
progress over time. social validation they need to stay motivated.
Every time your employee completes a
learning path on their training roadmap, they
Personalized will earn a certificate of completion.
Beyond immediate training goals, provide
each employee with a long-term career
roadmap. Employees with this insight tend to
have greater confidence in their skills, longer
retention rates and higher job satisfaction.
Twelve sample training plans are provided
below to support the long-term career
development of each Infosec Skills Role.

Additional team and skill development resources

“We are finding that retention 2021 IT and Security Talent 2021 Cybersecurity Role and
rates are going up in our Pipeline Study Career Path Clarity Study
cybersecurity roles because
Read Now Read Now
people feel like they’re being
listened to. They’re being
provided opportunities that
Developing Cybersecurity Talk to Infosec about
they may not have had before.”
Talent and Teams Ebook role-guided training

Read Now Book a Meeting

— James “Slim” Beamon, Dean of the CyberEDGE
Academy and Senior Cybersecurity Program Manager
at Leidos

2
Which roles fit your team?
Infosec Skills role-guided training is designed to be flexible, whether you want to hit the ground running with an
out-of-the-box training plan or build a custom plan mapped to the NICE Workforce Framework for Cybersecurity or
MITRE ATT&CK® Matrix for Enterprise.

Check out the 12 Roles below and tweak the training plans as necessary to fit your organization’s needs.

Cybersecurity Beginner SOC Analyst Digital Forensics Analyst

Cross-train employees Build a baseline of incident Prepare your team to

and build a baseline of response skills and prepare investigate and uncover the
cybersecurity knowledge. junior analysts to progress into true nature of cybersecurity
more senior positions. incidents.

View Plan View Plan View Plan

Penetration Tester OT Security Practitioner Security Engineer

Build your team’s skills around Build your team’s operational Build your team’s technical
uncovering vulnerabilities and technology skills and keep your skills and keep your
other security weaknesses. industrial control systems (ICS) organization’s security controls
secure. running smoothly.

View Plan View Plan View Plan

Cloud Security Engineer Security Architect Information Risk Analyst

Build your team’s cloud Upskill your team to better Upskill your team and gain
security skills and ensure design, implement and a better understanding of
your organization’s cloud maintain secure infrastructure. how to assess and manage
infrastructure is secure. organizational risk.

View Plan View Plan View Plan

Security Manager Privacy Manager Secure Coder

Build your team’s management Build your team’s privacy skills Upskill your engineering team
skills and ensure your and learn to create a strategic and ensure your software and
organization’s security aligns and comprehensive privacy applications are protected
with business objectives. program. from vulnerabilities.

View Plan View Plan View Plan

Create your free Infosec Skills account to browse all 190+ role-guided learning paths.

Browse All Training

Cybersecurity
Beginner
What is a Cybersecurity Beginner?
If you need to get your team up to speed on cybersecurity
basics, this is the perfect role for them. The Cybersecurity
Beginner Role focuses on the foundational skills and
knowledge that will allow anyone to take the first step Role at a glance
towards transitioning into a cybersecurity career. No prior
knowledge of cybersecurity or work experience is required.
Core domains
The only prerequisite is a passion for technology and
cybersecurity. » Foundational cybersecurity

Related job titles

How this role helps my organization
» Beginner
Finding cybersecurity candidates with the exact background
» Newbie
you desire can be challenging. This role provides a proven
pathway to quickly upskill employees and certifies they have » Entry-level
the baseline of knowledge needed for future success —
whether they’re external hires with less experience or existing Related NICE Work Roles
employees from other areas of your organization.
No direct correlation, but this
role gives you the foundational
What will my team learn? knowledge you need for all
NICE Work Roles.
You can easily customize the training assigned from the
Cybersecurity Beginner Role to fit each team member’s
needs depending on existing knowledge and skills. It includes
CompTIA’s “core” certifications and other entry-level learning
paths that organizations like VetsInTech and other private
enterprises have used to build a baseline of knowledge.
They’ll learn about:

» Hardware, operating systems and mobile device management

» Applications and software development
» Network and cloud infrastructure
» Best practices for troubleshooting
» Common attacks, threats and vulnerabilities
» Introduction to risk and risk management
» Security operations and incident response
» Implementing security best practices
View all Cybersecurity
Beginner training

View Training

4
INFOSEC SKILLS SAMPLE TRAINING PLAN

Cybersecurity Beginner
Cross-train employees and build a baseline of cybersecurity knowledge with the
Cybersecurity Beginner Role training plan. Use the pre-built training below or
customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

Cybersecurity Foundations CompTIA A+

• OS, network & cloud basics • Install, configure & support devices
• Risk management basics • Network, virtualization & cloud fundamentals
• Command line basics • Troubleshoot devices & software

CompTIA Security+ CompTIA Network+

• Implement security solutions • Network technology & devices
• Monitor & secure hybrid environments • Implement, monitor & optimize networks
• Identify, analyze & respond to incidents • Harden & troubleshoot networks

Specialize your team’s skillsets (Elective)

Linux Fundamentals The Basics: EC-Council CEH Fundamental Privacy Laws & Acts
• Linux architecture • Recon & vulnerability analysis • U.S. federal privacy legislation
• Linux jobs & processes • Web app, wireless & IoT hacking • U.S. healthcare privacy laws
• Linux scripting & automation • Exploitation & exfiltration • Global data protection laws

Apply your team’s skills (Continuing Ed)

Command Line Basics Cyber Range

• Common Windows tools & utilities
• Common Linux tools & utilities
• System & network admin tasks

Other potential Cybersecurity Beginner training: CompTIA ITF+, Certified Reverse Create your free Infosec Skills account to
Engineering Analyst Fundamentals, The Basics: CISA, The Basics: CISM and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
SOC Analyst
What is a SOC Analyst?
Security Operations Center (SOC) Analysts are responsible
for analyzing and monitoring network traffic, threats and
vulnerabilities within an organization’s IT infrastructure. This
includes monitoring, investigating and reporting security
events and incidents from security information and event
management (SIEM) systems. SOC Analysts also monitor Role at a glance
firewall, email, web and DNS logs to identify and mitigate
intrusion attempts.
Core domains
» Cyber defense analysis
How this role helps my organization » Systems analysis
SOC Analyst is a great role to evaluate junior cybersecurity
hires and help them grow into the types of mid-level security Related job titles
employees your company needs. Since this role is typical for
» Security analyst
many newcomers, it’s important to develop a training plan
that builds a base foundation of skills to set them up for » Security specialist
long-term success — and provides the opportunity to » Incident analyst
discover future career interests and aptitudes.
Related NICE Work Roles

What will my team learn? » Systems security analyst

» Cyber defense analyst
The SOC Analyst Role in Infosec Skills aligns with 37
Knowledge Statements and eight Skill Statements in the » Vulnerability assessment
NICE Framework, which primarily roll up to the following analyst
competencies: » Cyber defense incident
» Vulnerabilities assessment » System administration responder
» Threat analysis » Computer network » Cyber defense
» Infrastructure design defense
infrastructure support
» Information systems/ » Business continuity
specialist
network security
» Incident management

Common tools and technology

» Wireshark » McAfee Enterprise
» Solarwinds Security Event Security Manager
Manager » Trend Micro
» Solarwinds Log Analyzer » Snort
» Splunk » Barracuda
» Splunk Enterprise Security » LogDNA
» LogRhythm NextGen SIEM » Datadog View all SOC Analyst
» Alienvault Unified Security training
Management
» Sumo Logic View Training

6
INFOSEC SKILLS SAMPLE TRAINING PLAN

SOC Analyst
Build a baseline of incident response skills and prepare junior analysts to progress
into more senior positions with the SOC Analyst Role training plan. Use the pre-built
training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

CertNexus CyberSec First Responder Incident Response

• Tools, tactics & procedures • Incident response stages
• Evaluate & analyze cybersecurity intel • Incident response tool deep dive
• Remediate & report incidents • Memory, network & host forensics

Cyber Threat Hunting Network Traffic Analysis for Incident Response

• Intelligence gathering • Collect & analyze traffic data
• Investigation techniques • Case studies of extracting intel
• Remediation methods • Build network monitoring program

Specialize your team’s skillsets (Elective)

Advanced Intrusion Detection Cybersecurity Data Science

• Open-source tools & use cases • Static & dynamic malware analysis
• Prioritize risks with frameworks • Building an IDS
• Craft meaningful detections • Machine learning use cases

Apply your team’s skills (Continuing Ed)

Network Traffic Analysis Cyber Range Cyber Threat Hunting Cyber Range
• TShark, Scapy & other tools • Detect port scans
• Examine capture files & live traffic • Find threats in .pcap & .vmem files
• Identify & analyze abnormal traffic • Hunt host-based & network-based threats

Other potential SOC Analyst training: Computer Forensics, Threat Modeling and more. Create your free Infosec Skills account to
see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Digital Forensics
Analyst
What is a Digital Forensics Analyst?
Digital Forensics Analysts collect, analyze and interpret digital
evidence to reconstruct potential criminal events and/or
aid in preventing unauthorized actions from threat actors.
They help recover data like documents, photos and emails
Role at a glance
from computer or mobile device hard drives and other data
storage devices — such as zip folders and flash drives — that Core domains
have been deleted, damaged or otherwise manipulated.
Digital Forensics Analysts carefully follow chain-of-custody » Digital forensics
rules for digital evidence and provide evidence in acceptable
formats for legal proceedings. Related job titles
» Incident handler
How this role helps my organization » Incident responder
» Incident response analyst
When a cybersecurity incident occurs, Digital Forensics
Analysts are the professionals who piece together what » Incident response engineer
happened and the potential impact on your organization. » Incident response
That’s why it’s important to build a training program that coordinator
aligns with the types of data and systems they may be tasked
» Intrusion analyst
with analyzing. The technical and analytical nature of the
role is also a good fit for transitioning into future roles like » Computer network defense
Penetration Tester or Information Risk Analyst. incident responder
» Computer security incident
response team engineer
What will my team learn?
The Digital Forensics Analyst Role in Infosec Skills aligns with
Related NICE Work Roles
46 Knowledge Statements and 22 Skill Statements in the » Cyber defense forensics
NICE Framework, which primarily roll up to the following analyst
competencies:
» Cybercrime investigator
» Computer forensics » Information systems/
network security » Cyber defense incident
» Vulnerabilities assessment
» Threat analysis » Encryption responder
» System administration » Computers and
» Legal, government and electronics
jurisprudence » Computer network
» Operating systems defense`

Common tools and technology

View all Digital Forensics
» Kali Linux » Windows registry analysis:
Registry recon
Analyst training
» Disk analysis: Autopsy/the
Sleuth Kit » Mobile forensics:
Cellebrite UFED View Training
» Image creation: FTK
imager » Network analysis:
» Memory forensics: Wireshark
Volatility » Linux distributions: CAINE 8
INFOSEC SKILLS SAMPLE TRAINING PLAN

Digital Forensics Analyst

Prepare your team to investigate and uncover the true nature of cybersecurity
incidents with the Digital Forensics Analyst training plan. Use the pre-built training
below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

Certified Computer Forensics Examiner (CCFE) Network Forensics

• Investigation process • Concepts & techniques
• Legal issues • Firewalls, IDSes & other tools
• Types of forensic artifacts • Log, protocol, email & traffic analysis

Windows Registry Forensics Windows OS Forensics

• Structure of registry hives • FAT32, exFAT & NTFS systems
• Investigate different hive files • Recover deleted files
• Export & interpret data • Interpret & validate data

Specialize your team’s skillsets (Elective)

Certified Mobile Forensics Introduction to x86 Disassembly Cyber Threat Hunting

Examiner (CMFE) • Computer architecture basics • Intelligence gathering
• Android, iOS & other forensics • Build & debug x86 • Investigation techniques
• Analyze & extract evidence • x86 assembly instructions • Remediation methods
• Report on findings

Certified Reverse Engineering CompTIA Advanced Security

Analyst (CREA) Practitioner (CASP+)
• Different malware types • Security ops & architecture
• Common malware behavior • Engineering & cryptography
• Reversing tools & techniques • Governance, risk & compliance

Apply your team’s skills (Continuing Ed)

Computer Forensics Cyber Range Cyber Threat Hunting Cyber Range

• Create & examine forensic images • Detect port scans
• Perform memory forensics • Find threats in .pcap & .vmem files
• Use Volatility & Foremost • Hunt host-based & network-based threats

Other potential Digital Forensics Analyst training: Incident response, Network Traffic Create your free Infosec Skills account to
Analysis for Incident Response, CertNexus CyberSec First Responder and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Penetration Tester
What is a Penetration Tester?
Penetration Testers, or ethical hackers, are responsible for
planning and performing authorized, simulated attacks within
an organization’s information systems, networks, applications
and infrastructure to identify vulnerabilities and weaknesses.
Findings are documented in reports to advise clients on how
to lower or mitigate risk. Penetration Testers often specialize Role at a glance
in a number of areas such as networks and infrastructures;
Windows, Linux and Mac operating systems; embedded
computer systems; web/mobile applications; supervisory Core domains
control data acquisition (SCADA) control systems; cloud » Exploitation analysis
systems and internet of things (IoT) devices.
» Vulnerability assessment
and management
How this role helps my organization
Related job titles
Penetration Testers require a solid understanding of systems
and infrastructure in order to properly uncover all the » Ethical hacker
potential risks facing your organization. A number of tools » Assurance validator
are available to help automate pentesting tasks, but training
programs need to go beyond basic scanning and teach
Related NICE Work Roles
advanced tactics, which is where many of the most important
issues are often found. As Penetration Testers’ skills grow, » Exploitation analyst
they can specialize in certain areas to fit your organization’s » Target network analyst
needs, such as cloud or mobile pentesting.
» Threat/warning analyst

What will my team learn?

The Penetration Tester Role in Infosec Skills aligns with
70 Knowledge Statements and 15 Skill Statements in the
NICE Framework, which primarily roll up to the following
competencies:
» Vulnerabilities assessment » Identity management
» Computer network » Operating systems
defense » Network management
» Infrastructure design » Information assurance
» Threat analysis » Encryption
» Information systems/ » Data privacy and
network security protection

Common tools and technology

View all Penetration
» Wireshark » SimplyEmail
Tester training
» Hashcat » Zmap
» John the Ripper » Powershell-suite
View Training
» Hydra » Burp Suite
» Aircrack-ng » Metasploit
» Xray » Nikto
10
INFOSEC SKILLS SAMPLE TRAINING PLAN

Penetration Tester
Build your team’s skills around uncovering vulnerabilities and other security
weaknesses with the Penetration Tester Role training plan. Use the pre-built
training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

EC-Council Certified Ethical Hacker Web Application Pentesting

• Tools, systems & programs • OWASP Top Ten
• Procedures & methodology • Tool setup & usage
• Hacking ethics • Pentesting dos & don’ts

Python for Pentesters Cloud Pentesting

• Python basics • AWS pentesting
• Common vulnerabilities • Azure pentesting
• Network & web app attacks • Tools & techniques

Specialize your team’s skillsets (Elective)

Mobile Application Pentesting Advanced Cybersecurity Concepts Offensive Bash Scripting

• iOS pentesting • Reverse engineering • Bash & Python basics
• Android pentesting • Web app pentesting • Reconnaissance & scanning
• Tools & techniques • Privilege escalation • Privilege escalation

Certified Mobile & Web App Machine Learning for Red Team Certified Expert Penetration
Penetration Tester Hackers Tester
• Pentesting methodologies • Hack CAPTCHA systems • Create Windows exploits
• Pentesting tools • Write evolutionary fuzzer • Create Linux exploits
• Mobile & web app attacks • Evade malware detection • Advanced techniques

Apply your team’s skills (Continuing Ed)

Purple Team Web App Cyber Common Attack Types Cyber Resource Development Cyber
Range Range Range
• Remote code execution • Cross-site scripting • Build custom tools
• LFI vulnerability • Cross-site request forgery • Malicious APK & Linux packages
• Web app firewall • Injection attacks • C&C, keyloggers & webshells

Other potential Penetration Tester training: CompTIA PenTest+, Cyber Threat Hunting, Create your free Infosec Skills account to
Reconnaissance Cyber Range and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
OT Security
Practitioner
What is an OT Security Practitioner?
Operational Technology (OT) Security Practitioners (formerly
ICS Security Practitioner) are responsible for securing
mission-critical supervisory control and data acquisition
(SCADA), industrial control systems (ICS) information Role at a glance
systems and others. They are responsible for restricting
digital and physical access to devices, such as PLCs and
Core domains
RTUs, to maximize system uptime and availability. Extensive
knowledge of OT and IT protocols, incident response, Linux » System administration
and Windows OS, configuration management, air-gapped » Systems architecture
or closed networks, insider threats and physical security
controls are important competencies for any OT security
practitioner.
Related job titles
» Information security
How this role helps my organization engineer
» Cybersecurity engineer
Solid networking skills are foundational to many ICS roles.
» Security systems engineer
ICS systems also tend to have significantly more restrictions
around patching, so it’s important for teams to have excellent » IT security engineer
planning skills and be proactive around security updates. An » IS architect
effective training plan should include a solid understanding
of what’s most important to your organization and guidance
Related NICE Work Roles
on how your systems, policies and procedures help balance
those priorities against potential cyber risks. » Systems testing and
evaluation specialist

What will my team learn? » Technical support specialist

» Network operations
The Security Practitioner Role in Infosec Skills aligns with specialist
23 Knowledge Statements and nine Skill Statements in the
» System administrator
NICE Framework, which primarily roll up to the following
competencies: » Cyber infrastructure
» Computer network » Infrastructure design support specialist
defense » System administration » Information systems
» Information systems/ » Information assurance security developer
network security » Incident management
» Vulnerabilities assessment » Security architect
» Encryption

Common tools and technology

» Tripwire » McAfee View all OT Security
» FireEye IOC Editor » Nessus
Practitioner training
» FireEye IOC Finder » Nextnine ICS Shield
» Symantec Anomaly » Snort
View Training
Detection for ICS » Splunk
» DarkTrace ICS » Symantec Anomaly
» AlienVault Unified Security Detection for ICS
Management SIEM 12
INFOSEC SKILLS SAMPLE TRAINING PLAN

OT Security Practitioner
Build your team’s operational technology skills and keep your industrial control
systems (ICS) secure with the OT Security Practitioner Role training plan. Use the
pre-built training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

ICS/SCADA Security Analyst Network Traffic Analysis for Incident Response

• SCADA security frameworks • Collect & analyze traffic data
• Assess ICS/SCADA risk • Case studies of extracting intel
• SCADA security controls • Build network monitoring program

Certified SCADA Security Architect (CSSA) Identity & Access Management

• SCADA security best practices • Design & implement IAM system
• Authentication & authorization • IAM security considerations
• Detecting cyber incidents • IAM federal standards

Specialize your team’s skillsets (Elective)

Writing Secure Code in C++ Cyber Threat Hunting

• Common C/C++ vulnerabilities • Network traffic anomalies
• Safely use variables & strings • Identify & remediate malware
• Error handling • Attack simulators

Apply your team’s skills (Continuing Ed)

SCADA Cyber Range Cyber Threat Hunting Cyber Range

• Reconnaissance & scanning • Detect port scans
• Attacks & exploits • Find threats in .pcap & .vmem files
• CTF exercises • Hunt host-based & network-based threats

Other potential OT Security Practitioner training: CompTIA Security+, Incident Create your free Infosec Skills account to
Response and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Security Engineer
What is a Security Engineer?
Security Engineers are responsible for implementing and
continuously monitoring security controls that protect
computer assets, networks and organizational data. They
often design security architecture and develop technical
solutions to mitigate and automate security-related
tasks. Technical knowledge of network/web protocols, Role at a glance
infrastructure, authentication, log management and multiple
operating systems and databases is critical to success in this
role. Core domains
» System administration

How this role helps my organization » Systems architecture

The day-to-day tasks of a Security Engineer vary depending

Related job titles
on the organization, but strong technical skills and a solid
understanding of system architecture will set employees » Information security
on a path to success. Although it’s usually not an entry-level engineer
role, you can build a solid pipeline of talent by identifying » Cybersecurity engineer
employees in more junior technical roles and creating
» Security systems engineer
training plans specific to your organization’s cybersecurity
engineering needs. » IT security engineer
» IS architect

What will my team learn? Related NICE Work Roles

The Security Engineer Role in Infosec Skills aligns with » Systems testing and
65 Knowledge Statements and 14 Skill Statements in the evaluation specialist
NICE Framework, which primarily roll up to the following
» Technical support specialist
competencies:
» System administration » Information technology » Network operations
» Infrastructure design assessment specialist
» Identity management » Software development
» System administrator
» Operating systems » Risk management
» Information assurance » Cyber infrastructure
» Information systems/
network security » Encryption support specialist
» Enterprise architecture » Vulnerabilities assessment » Information systems
» Data privacy and » Systems integration security developer
protection » Network management
» Security architect
Common tools and technology
» Wireshark » Web vulnerability
» Nmap scanning tools View all Security
» Ncat (previously Netcat) » Network security Engineer training
» Metasploit monitoring tools
» Nikto » Encryption tools View Training
» Burp Suite » Network defense wireless
tools
» Kali Linux
» Packet sniffers 14
INFOSEC SKILLS SAMPLE TRAINING PLAN

Security Engineer
Build your team’s technical skills and keep your organization’s security controls
running smoothly with the Security Engineer Role training plan. Use the pre-built
training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

(ISC)² Certified Information Systems Security Security Engineering

Professional (CISSP) • Implement security controls
• Security operations • Manage processes & tools
• Network, asset & software security • Vulnerability & risk management
• Security assessment & testing

Enterprise Security Risk Management Identity & Access Management

• Risk metrics & frameworks • Design & implement IAM system
• Security governance & policies • IAM security considerations
• Risk mitigation & response • IAM federal standards

Specialize your team’s skillsets (Elective)

Advanced Intrusion Detection Database Security Threat Modeling

• Open-source tools & use cases • Laws & regulations • Defense-in-depth
• Prioritize risks with frameworks • Data in use, in transit & at rest • Conceptual frameworks
• Craft meaningful detections • Standards & disaster recovery • Rapid Threat Model Prototyping

CompTIA Advanced Security Windows Server Security DevSecOps

Practitioner (CASP+) • Best practices • Source control management
• Security operations • Update services • Secure CI/CD pipeline
• Security architecture • Backups & disaster recovery • Container security
• Governance, risk & compliance

Apply your team’s skills (Continuing Ed)

Advanced Adversary Tactics Cyber Range

• MITRE ATT&CK® Matrix for Enterprise
• Tactics & techniques
• Offensive & defensive measure

Other potential Security Engineer training: CISSP-ISSEP, Identity and Access Create your free Infosec Skills account to
Management, Advanced Adversary Tactics, Web Application Security and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Cloud Security
Engineer
What is a Cloud Security Engineer?
Cloud Security Engineers design, develop, manage and
maintain a secure infrastructure leveraging cloud platform
security technologies. They use technical guidance and
engineering best practices to securely build and scale Role at a glance
cloud-native applications and configure network security
defenses within the cloud environment. These individuals
Core domains
are proficient in identity and access management (IAM),
using cloud technology to provide data protection, container » System administration
security, networking, system administration and zero-trust » Systems architecture
architecture.

Related job titles

How this role helps my organization » Information security
engineer
The duties of a Cloud Security Engineer will vary depending
on where your organization is on its cloud journey. » Cybersecurity engineer
Organizations often employ junior, senior and lead Cloud » Security systems engineer
Security Engineers, but even “junior” employees should
» IT security engineer
have experience in multiple security domains. Identifying
employees with a solid baseline of experience and creating a » IS architect
training plan to build their cloud skills will ensure a smooth
transition — no matter what stage of your journey. Related NICE Work Roles
» Systems testing and
evaluation specialist
What will my team learn?
» Technical support specialist
The Cloud Security Engineer Role in Infosec Skills aligns with
» Network operations
70 Knowledge Statements and 14 Skill Statements in the
specialist
NICE Framework, which primarily roll up to the following
competencies: » System administrator

» System administration » Enterprise architecture » Cyber infrastructure

» Infrastructure design
» Identity management
» Operating systems
» Information systems/
network security
» Data privacy and support specialist
protection
» Information systems
» Information technology
security developer
assessment
» Software development » Security architect

Common tools and technology

» Amazon Cloudwatch » Hyperic View all Cloud Security
» Microsoft Cloud Monitoring » Solarwinds Engineer training
» AppDynamics » CrowdStrike Falcon
» BMC TrueSight Pulse Horizon View Training
» DX Infrastructure Manager » eSentire esCLOUD
(IM) » Jenkins
» New Relic » Docker 16
INFOSEC SKILLS SAMPLE TRAINING PLAN

Cloud Security Engineer

Build your team’s cloud security skills and ensure your organization’s cloud
infrastructure is secure with the Cloud Security Engineer Role training plan. Use the
pre-built training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

(ISC)² Certified Cloud Security Professional (CCSP) Identity & Access Management
• Cloud architecture & design • Design & implement IAM system
• Data, platform & app security • IAM security considerations
• Legal, risk & compliance • IAM federal standards

Azure Security Engineer Associate AWS Certified Security Specialist

• Logging & monitoring • Implement platform protection
• Infrastructure security • Manage security operations
• Data protection • Secure data & apps

Specialize your team’s skillsets (Elective)

Cloud Service Providers (CSP) Container Security Microsoft Windows &

Security Features • Container basics
Virtualization Fundamentals
• CSP responsibilities • Docker security • Command-line interface
• Native security controls • Kubernetes security • PowerShell
• AWS, Azure & GCP • VLANs & cloud computing

Apply your team’s skills (Continuing Ed)

Offensive Bash Scripting Project Container Security Project Identity & Access Management
• Attack virtual machine • Review images
Project
• SQL injection • Docker image best practices • Password policies
• Python reverse shell • Scan for vulnerable software • Access control & authentication
• PKI systems

Other potential Cloud Security Engineer training: AWS Essentials and Solutions Create your free Infosec Skills account to
Architect Associate and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Security Architect
What is a Security Architect?
Security Architects are responsible for planning, designing,
testing, implementing and maintaining an organization’s
computer and network security infrastructure. Security
Architects develop information technology rules and
requirements that describe baseline and target architectures
and support enterprise mission needs. Advanced technical
knowledge of network/web protocols, infrastructure,
Role at a glance
authentication, enterprise risk management, security
engineering, communications and network security, identity Core domains
and access management, and incident response is critical to
success in this role. » System administration
» Systems architecture

How this role helps my organization Related job titles

A Security Architect is usually a more senior role in an » Enterprise architect
organization as they are tasked with implementing the
» Solutions architect
infrastructure on which an organization’s security is built. It
requires a thorough understanding of security components, » Enterprise security architect
how to implement those components to meet your » Infrastructure architect
organization’s needs and how risk is managed within your
» Data architect
organization. An effective training plan should cover all three
aspects. » Cloud solutions architect

Related NICE Work Roles

What will my team learn? » Enterprise architect
The Security Architect Role in Infosec Skills aligns with » Solutions architect
85 Knowledge Statements and 15 Skill Statements in the
» Enterprise security architect
NICE Framework, which primarily roll up to the following
competencies: » Infrastructure architect
» Infrastructure design network security
» Information assurance » Vulnerabilities assessment
» Enterprise architecture » Data privacy and
» Systems integration protection
» Encryption » Technology awareness
» Information systems/ » System administration

Common tools and technology

» Wireshark » Automation, and response
Nmap (SOAR) tools
» View all Security
» Ncat (previously Netcat) » Security information and
event management (SIEM) Architect training
» Metasploit
tools
» Nikto
» Web vulnerability scanning View Training
» Burp Suite
tools
» Kali Linux
» Network security
» Security orchestration monitoring tools 18
INFOSEC SKILLS SAMPLE TRAINING PLAN

Security Architect
Upskill your team to better design, implement and maintain secure infrastructure
with the Security Architect Role training plan. Use the pre-built training below or
customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

(ISC)² Certified Information Systems Security Security Architecture

Professional (CISSP) • Frameworks & processes
• Security operations • Threat modeling
• Network, asset & software security • Design for security
• Security assessment & testing

Enterprise Security Risk Management Cloud Security Architecture

• Risk metrics & frameworks • Design requirements
• Security governance & policies • Data, app & infrastructure security
• Risk mitigation & response • Legal & compliance

Specialize your team’s skillsets (Elective)

NIST DoD RMF AWS Essentials & Solutions
• NIST RMF phases
Architect Associate
• Security authorization processes • Resilient architectures
• Statutory & regulatory requirements • High-performing architectures
• Secure apps & architectures
Certified SCADA Security Architect
• SCADA security best practices
• Authentication & authorization
• Detecting cyber incidents

SIEM Architecture & Process Web Server Protection Incident Response

• Bring structure to data • Infrastructure concepts • Incident response stages
• Gain visibility into your environment • Design & installation • Incident response tool deep dive
• Build content for threat detection • Monitoring & active defense • Memory, network & host forensics

Apply your team’s skills (Continuing Ed)

SIEM Architecture & Process Web Server Protection Project Incident Response Project
Project • Implement network filtering • Wireshark, Zeek & Volatility
• Dashboard visualization • Harden host OS • Watering hole attack
• Enrich data • Identify tampered files • SQL injection attack
• Create alerts

Other potential Security Architect training: Threat Modeling, Incident Response, Create your free Infosec Skills account to
CISSP-ISSAP and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Information Risk
Analyst
What is an Information Risk Analyst?
Information Risk Analysts conduct objective, fact-based risk
assessments on existing and new systems and technologies,
and communicate findings to all stakeholders within the
information system. They also identify opportunities Role at a glance
to improve the risk posture of the organization and
continuously monitor risk tolerance.
Core domains
» Risk management
How this role helps my organization » Vulnerability assessment
Managing risk is crucial for every organization, and
Information Risk Analysts must have the knowledge, skills Related job titles
and authority to match the high stakes. An effective training
» ISSO
plan should build that expertise and align with how your
organization measures risk. This role also requires solid » Cybersecurity auditor
communication skills so that leadership can make informed » Cybersecurity assessor
decisions on whether to accept the risk, avoid it, transfer it or
» Security analyst
mitigate it.
» Risk analyst
» Security controls assessor
What will my team learn?
The Information Risk Analyst Role in Infosec Skills aligns
Related NICE Work Roles
with 76 Knowledge Statements and 14 Skill Statements in » Security controls assessor
the NICE Framework, which primarily roll up to the following
» System security analyst
competencies:
» Vulnerabilities assessment » Enterprise architecture
» Information assurance » Systems integration
» Information systems/ » System administration
network security » Encryption
» Infrastructure design » Information technology
» Data privacy and assessment
protection » Systems testing and
» Risk management evaluation

Common tools, frameworks and documentation

» NIST Cybersecurity
Framework
» NIST SP 800-53
» NIST SP 800-37
» NIST SP 800-171
» Vulnerability scanning tools
» Log management tools
» Security technical
implementation Guides
(STIGs)
» Security content
automation protocol
(SCAP)
» Compliance checker (SCC) View all Information
» Knowledge of information Risk Analyst training
assurance vulnerability
alerts (IAVAs) View Training
20
INFOSEC SKILLS SAMPLE TRAINING PLAN

Information Risk Analyst

Upskill your team and gain a better understanding of how to assess and manage
organizational risk with the Information Risk Analyst Role training plan. Use the
pre-built training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

(ISC)² Certified Authorization Professional (CAP) Enterprise Security Risk Management

• Risk management program • Risk metrics & frameworks
• Security & privacy controls • Security governance & policies
• Continuous monitoring • Risk mitigation & response

ISACA CRISC Vulnerability Assessment

• Governance • Discover, classify & prioritize
• IT & security principles • Create remediation plan
• Risk assessment, response & reporting • Document & maintain assessment

Specialize your team’s skillsets (Elective)

NIST DoD RMF Implementing Controls for HIPAA
• NIST RMF phases
Compliance
• Security authorization processes • HIPAA models & protocols
• Statutory & regulatory requirements • HIPAA controls
• HIPAA security incidents
NIST Cybersecurity Framework
• Legal guidelines
• NIST CSF implementation
• CSF components & processes

Apply your team’s skills (Continuing Ed)

Vulnerability Assessment Project Secure Coding Fundamentals NIST Cybersecurity Framework

• JDK 11, Maven 3.6.3 & Git
Project
• Identify & rate CWEs & CVEs • Identify vulnerabilities in code
• Discover appropriate mitigations • How exploits work
• Injection, overflow & XSS attacks
Project
• Perform a gap analysis
• FIPS 199 & NIST SP 800-60
• NIST SP 800-53 controls

Other potential Information Risk Analyst training: ISACA CISA, CompTIA Cloud+, Create your free Infosec Skills account to
NIST 800-171 and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Security Manager
What is a Security Manager?
Security Managers develop security strategies that align with
the organization’s goals and objectives. In addition, they
direct and monitor security policies, regulations and rules
that the technical team implements. Knowledge in areas like
information security governance, program development and
management, incident response and risk management are Role at a glance
important to success in any security management role.

Core domains
How this role helps my organization » Cybersecurity management
Security Managers often come from two primary » Leadership
backgrounds: technical cybersecurity roles or business and
project management roles. No matter their background, Related job titles
Security Managers require solid relationship-building skills
to make sure your organization’s security is aligned with » Chief information security
your business strategy. An effective training program should officer (CISO)
provide the frameworks, strategies and metrics needed to » Chief security officer (CSO)
help them meet that objective.
» Head of cybersecurity
» VP of cybersecurity
What will my team learn? » Information security
director
The Security Manager Role in Infosec Skills aligns with 68
» Information technology
Knowledge Statements and three Skill Statements in the
manager
NICE Framework, which primarily roll up to the following
competencies:
» Vulnerabilities assessment » Network management
Related NICE Work Roles
» Systems integration » Legal, government and » Information systems
» Risk management jurisprudence
security manager
» Infrastructure design » Information technology
assessment » Authorizing official
» Information systems/
network security » Information assurance » Program manager
» Data privacy and » Incident management
» Privacy officer/compliance
protection » Contracting/procurement
manager
» Project management » Business continuity
» IT project manager
Common frameworks and documentation
» NIST Cybersecurity » ISO/IEC 27001
Framework » CMMC (Federal)
» NIST 800-30 View all Security
» NIST 800-37
Manager training
» NIST 800-53
» NIST 800-171 View Training

22
INFOSEC SKILLS SAMPLE TRAINING PLAN

Security Manager
Build your team’s management skills and ensure your organization’s security aligns
with business objectives with the Security Manager Role training plan. Use the
pre-built training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

(ISC)² Certified Information Systems Security Cybersecurity Administration

Professional (CISSP) • Industry cybersecurity risks
• Security operations • Measure & control risks
• Network, asset & software security • Integrate technologies
• Security assessment & testing

Enterprise Security Risk Management Cybersecurity Management

• Risk metrics & frameworks • Security metrics & controls
• Security governance & policies • Incident response & recovery
• Risk mitigation & response • Security activities & architecture

Specialize your team’s skillsets (Elective)

NIST DoD RMF Cybersecurity Leadership & Information Privacy Essentials

• NIST RMF phases
• Security authorization processes
• Statutory & regulatory requirements
Management • Global data protection laws
• Align security with strategy • U.S. laws & regulations
• Align trust with regulations • Frameworks & standards
• Align stability with operations

(ISC)² Certified Authorization Cloud Security Management IAPP Certified Information

Professional (CAP) • Design requirements
Privacy Manager (CIPM)
• Risk management program • Platform, data & app security • Company vision & team
• Security & privacy controls • Legal & compliance • Implement privacy program
• Continuous monitoring • Measure & communicate

Other potential Security Manager training: ISACA Certified Information Security Manager (CISM), ISACA Create your free Infosec Skills account to
Certified in Risk and Information Systems Control (CRISC), NIST Cybersecurity Framework and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Privacy Manager
What is a Privacy Manager?
A Privacy Manager is responsible for the development,
creation, maintenance and enforcement of the privacy
policies and procedures of an organization. They ensure
compliance with all privacy-related laws and regulations. The
Privacy Manager takes an active lead role when a privacy
incident or data breach occurs and will start the investigation.
They will then monitor, track and resolve any privacy issues.
Role at a glance
The Privacy Manager builds a strategic and comprehensive
privacy program for their organization that minimizes risk Core domains
and ensures the confidentiality of protected information.
» Oversee and govern
» Legal advice and advocacy
How this role helps my organization
Privacy Managers come from a variety of backgrounds Related job titles
ranging from technical practitioners to legal experts to people » Compliance officer
managers. Regardless of their background, they require a
» Privacy officer
training plan that builds their knowledge and skills around
understanding legal requirements, translating external » Compliance manager
requirements into policies and procedures, and managing » Privacy leader
processes.
» Data protection officer

What will my team learn? Related NICE Work Roles

The Privacy Manager Role in Infosec Skills aligns with 15 » Privacy officer/privacy
Knowledge Statements and four Skill Statements in the compliance manager
NICE Framework, which primarily roll up to the following
competencies:
» Legal, government and » Telecommunications
jurisprudence » Risk management
» Vulnerabilities assessment » Requirements analysis
» Data privacy and » Organizational awareness
protection » Infrastructure design
» Business continuity » Information systems/
» TPO (third party oversight) network security
» Threat analysis

Common frameworks and documentation

» NIST Privacy Framework » Incident response
» Privacy impact » Risk Management
assessments (PIA) Framework View all Privacy Manager
» Knowledge of data » NIST SP 800-53 training
protection laws and » NIST SP 800-37
regulations » NIST SP 800-60 View Training
» GDPR
» FERPA
» The Privacy Act of 1974 24
INFOSEC SKILLS SAMPLE TRAINING PLAN

Privacy Manager
Build your team’s privacy skills and learn to create a strategic and comprehensive
privacy program with the Privacy Manager Role training plan. Use the pre-built
training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

IAPP Certified Information Privacy Professional/U.S. IAPP Certified Information Privacy Manager (CIPM)
(CIPP/US) • Company vision & team
• Private-sector data use • Implement privacy program
• Government & court data access • Measure & communicate
• Federal, state & workplace laws

NIST Cybersecurity Framework Information Privacy Essentials

• Legal guidelines • Global data protection laws
• NIST CSF implementation • U.S. laws & regulations
• CSF components & processes • Frameworks & standards

Specialize your team’s skillsets (Elective)

Cybersecurity Audit Cybersecurity Management Implementing Controls for HIPAA

Fundamentals • Security metrics & controls
Compliance
• Governance & due diligence • Incident response & recovery • HIPAA models & protocols
• Security operations components • Security activities & architecture • HIPAA controls
• Digital assets & controls • HIPAA security incidents

(ISC)² Certified Information

Systems Security Professional
• Security operations
• Network & asset security
• Security assessment & testing

Apply your team’s skills (Continuing Ed)

NIST Cybersecurity Framework Incident Response Project Secure Coding Fundamentals

Project • Wireshark, Zeek & Volatility
Project
• Perform a gap analysis • Watering hole attack • Identify vulnerabilities in code
• FIPS 199 & NIST SP 800-60 • SQL injection attack • How exploits work
• NIST SP 800-53 controls • Injection, overflow & XSS attacks

Other potential Privacy Manager training: CIPP/Europe (CIPP/E), Certified Create your free Infosec Skills account to
Information Privacy Technologist (CIPT) and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Secure Coder
What is a Secure Coder?
Secure coders are responsible for developing and writing
secure code in a way that protects against security
vulnerabilities like bugs, defects and logic flaws. They take
proactive steps to introduce secure coding methodologies
before the application or software is introduced into a Role at a glance
production environment, often following recommendations
from the Open Web Application Security Project (OWASP)
Foundation. Core domains
» Software development

How this role helps my organization » Vulnerability assessment

If it’s true that every company is a software company, then Related job titles
Secure Coders are the backbone that keeps your organization
running securely. An effective training program should » Security software developer
include both widely applicable secure coding methodologies » Software testing engineer
as well as training related to specific coding languages within
your organization.
Related NICE Work Roles
» Software developer
What will my team learn? » Secure software assessor
The Secure Coder Role in Infosec Skills aligns with 44
Knowledge Statements and 14 Skill Statements in the
NICE Framework, which primarily roll up to the following
competencies:
» Software development » Information systems/
» Computer languages network security
» Vulnerabilities assessment » Information assurance
» Risk management » Data privacy and
» Infrastructure design protection
» Systems testing and » Identity management
evaluation

Common tools and technology

» VisualCodeGrepper » Kiuwan
» Coverity » Kritika
» Veracode » Gamma
» Cppcheck » Code Compare
» Clang » Parasoft
» RIPS
» Flawfinder View all Secure Coder
» DevBug training
» SonarQube
» PVS-Studio View Training

26
INFOSEC SKILLS SAMPLE TRAINING PLAN

Secure Coder
Upskill your engineering team and ensure your software and applications are
protected from vulnerabilities with the Secure Coder Role training plan. Use the
pre-built training below or customize the plan to meet your organization’s goals.

Build your team’s skills (Core)

CertNexus Cyber Secure Coder Secure SDLC

• Implement common protections • Secure design, build & deployment
• Test software & fix defects • Test & validate software
• Maintain deployed software • Incidents during code lifecycle

Writing Secure Code in PHP OWASP Top Ten

• PHP best practices • Common web app risks
• Environment & cryptography principles • Risk severity & ranking
• Mitigate against common attacks • How to prevent risks

Specialize your team’s skillsets (Elective)

DevSecOps Developing in Splunk Database Security

• Source control management • Splunk basics • Laws & regulations
• Secure CI/CD pipeline • Build Splunk apps • Data in use, in transit & at rest
• Container security • Splunk REST API • Standards & disaster recovery

Container Security Software Security Testing Offensive Bash Scripting

• Container basics • Methodology & processes • Bash & Python basics
• Docker security • Identify & exploit vulnerabilities • Reconnaissance & scanning
• Kubernetes security • Break security systems • Privilege escalation

Apply your team’s skills (Continuing Ed)

Secure Coding Cyber Range Python Code Security Cyber Range C++ Code Security Cyber Range
• Javascript • Common issues • Common issues
• Java • Perform control flow analysis • Perform control flow analysis
• C/C++, PHP & Python • Recognize vulnerabilities • Recognize vulnerabilities

Other potential Secure Coder training: Writing Secure Code for Android, Writing Create your free Infosec Skills account to
Secure Code for iOS, HTML5 Security, PCI DSS for Developers and more. see all role-guided training

See All Training

Want to speak to someone? Book a meeting now.
Additional resources
Defeat cybercrime through education
» Upskill your IT, security and engineering teams
» Educate employees with security awareness
» Talk to someone about cybersecurity training

More free resources from Infosec

» 2021 IT and Security Talent Pipeline Study
» 2021 Cybersecurity Role and Career Path Clarity Study
» Developing Cybersecurity Talent and Teams Ebook
» Security Awareness, Behavior Change and Culture
Ebook
» Cyber Work Podcast
» Infosec webcasts and events
» Infosec YouTube channel
» Infosec Resources blog

28
About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT
and security professionals advance their careers with skills development
and certifications while empowering all employees with security
awareness and privacy training to stay cyber-safe at work and home. It’s
our mission to equip all organizations and individuals with the know-how
and confidence to outsmart cybercrime.

Learn more at infosecinstitute.com

©2022 Infosec, Inc. All rights reserved.