Information technology and cyber security qualification center

State Scientific and Research Institute

of Cybersecurity Technologies and Information Protection
  2. List

List

Approved (current) professional standards.

Separately indicated (underlined) qualifications for which certification can be carried out:





#1. Professional standard: "Developer of information protection systems"


Professional qualifications:


    

  • Developer of information protection systems
    • 

  • Leading developer of information protection systems
    • 



The main purpose of professional activity:


Design, development, testing and evaluation of information protection systems throughout the life cycle of their development.


Look at the standard. 


#2. Professional standard: "Administrator of networks and systems"


Professional qualifications:


    

  • Junior administrator of networks and systems
    • 

  • Administrator of networks and systems
    • 

  • Leading administrator of networks and systems
    • 



The main purpose of professional activity:


Installation and maintenance of networks and systems, their specific components (installation, configuration and updating of hardware and software, maintenance of databases, creation and management of user accounts, supervision or execution of backup and recovery, implementation of operational and technical security controls; compliance with policies and organization security procedures, etc.). Administration of a data management system that allows you to securely store, process, request, protect and use data.


Look at the standard. 


#3. Professional standard: "Specialist in the field of information protection"


Professional qualifications:


    

  • Specialist in the field of information protection
    • 

  • Leading specialist in the field of information protection
    • 



The main purpose of professional activity:


Ensuring security (confidentiality, integrity, availability) of information processed (transmitted) in information (automated), electronic communication and information and communication systems against unauthorized actions with information (including computer viruses), leakage through technical channels and special effects on means processing of information, as well as information voiced at the objects of information activity, leakage through technical channels.


Look at the standard. 


#4. Professional standard: "Security analyst of information and telecommunication systems"


Professional qualifications:


    

  • Security analyst of information and telecommunication systems
    • 

  • Leading security analyst of information and telecommunication systems
    • 



The main purpose of professional activity:


Collection, processing, analysis and dissemination of cyber threat/warning assessment results. Research, analyze and participate in cyber incident response in cyberspace.


Look at the standard. 


#5. Professional standard: "Security specialist (information and communication technologies)"


Professional qualifications:


    

  • Security specialist (information and communication technologies)
    • 

  • Leading security specialist (information and communication technologies)
    • 



The main purpose of professional activity:


Organization and provision of cyber security of information systems and information and communication technologies; management of the consequences of information security threats within the organization, including management of special programs (projects) of other areas of responsibility; formation of strategic development of the organization, personnel, infrastructure, security requirements, as well as development and implementation of the institution's information security policy and strategy; planning information security and cyber protection measures in case of emergencies or incidents; awareness of the security of information resources of the organization or enclave, institutions and enterprises of various forms of ownership.


Look at the standard. 


#6. Professional standard: "Instructor-methodologist in information security and cyber security"


Professional qualifications:


    

  • Instructor-methodologist in information security and cyber security
    • 

  • Leading instructor-methodologist in information security and cyber security
    • 



The main purpose of professional activity:


Provision of educational, advisory and methodical services in the field of information security and cyber security.


Look at the standard.


#7. Professional standard: "Cyber defense infrastructure support specialist"


Professional qualifications:


    

  • Junior cyber defense infrastructure support specialist.
    • 

  • Cyber defense infrastructure support specialist.
    • 

  • Leading defense infrastructure support specialist.
    • 



The main purpose of professional activity:


Testing, implementation, deployment, support and administration of cyber security infrastructure hardware and software.


Look at the standard.


#8. Professional standard: «Cyber defense incident responder»


Professional qualifications: 


    

  • Junior cyber defense incident responder.
    • 

  • Cyber defense incident responder.
    • 

  • Leading cyber defense incident responder.
    • 



The main purpose of professional activity:


Analysis, assessment of cyber security incidents within the network environment and response to them. Addressing and mitigating cyber security incidents. Tracking, assessment of the state of cyber security of systems and timely notification of cyber security incidents. Restoring the functionality of systems and processes to working condition. Research and analysis of response measures, evaluation of effectiveness and improvement of existing practices. Accumulation and analysis of data on cyber threats.


Look at the standard.


#9. Professional standard: «IT program auditor (Cybersecurity auditor)»


Professional qualifications: 


    

  • Auditor of information technologies (cyber security).
    • 

  • Leading auditor of information technologies (cyber security).
    • 

  • Auditor of information security management systems.
    • 

  • Lead auditor of information security management systems.
    • 

  • Head of the information security management systems audit team.
    • 



The main purpose of professional activity:


Conducting an internal and external audit of informatization objects to provide objective qualitative and quantitative assessments of the current state of the organization's information security in accordance with the criteria and security indicators defined in the normative-legal, normative-technical base. Forming recommendations, based on the provided assessments, to strengthen the information security management system, support resilience plans, and restore the normal functioning of the organization's infrastructure after incidents and emergency situations.


Look at the standard.


#10. Professional standard: «Cyber policy and strategy planner»


Professional qualifications: 


    

  • Cyber policy and strategy planner.
    • 

  • Leading cyber policy and strategy planner.
    • 



The main purpose of professional activity:


Planning, development, implementation and support, monitoring of policies, legislative, regulatory, organizational and technical measures of information and cyber security, as well as providing educational, advisory services and maintaining communication with stakeholders in the specified area.


Look at the standard.