Skip links and keyboard navigation

Cyber security careers: Governance, risk and compliance

This career stream provides leadership, management, direction or development and advocacy to enable the organisation to effectively conduct cyber security work.

Speciality areas

  • Cyber security awareness and training
  • Cyber security advice and advocacy
  • Strategic planning and policy development
  • Information security risk management
  • Information Security Management System
  • Cyber security audit and policy compliance

Example roles

  • Chief Information Security Officer
  • Manager Information Security and Risk
  • Principal Security Specialist
  • Security Administrator
  • Security specialist

Information assurance

As defined by the SFIA foundation: Information assurance is the protection of integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit. The management of risk in a pragmatic and cost-effective manner to ensure stakeholder confidence. Here are some ways you could build this skill, which applies to a range of cyber security roles.

Certifications

  • CISM Certified Information Security Manager
  • CISSP Certified Information Systems Security Professional
  • Certified Information Systems Auditor (CISA) Certification
  • CRISC Certified in Risk and Information Systems Control
  • CCSP Certified Cloud Security Professional
  • Security+
  • SANS GISP
  • SANS GSNA
  • COBIT 5
  • Information Technology Infrastructure Library (ITIL)
  • Information Technology Service Management (ITSM)
  • ISO 27001 LI and ISO 27001 LA

Courses

  • COBIT 5
  • Information Technology Infrastructure Library (ITIL)
  • Information Technology Service Management (ITSM)

Frameworks

  • ISO 27001 LI and ISO 27001 LA