Cyber Security Generalists perform the duties of multiple cyber security specialisms in one role.
The Cyber Security Generalist role covers a wide variety of responsibilities, which may vary depending on whether you work as part of an organisation or as a cyber security consultant.
There are three types of generalist jobs:
If working directly at an organisation, a Cyber Security Generalist will typically be one of a handful of cyber security experts in the organisation. They will be responsible for the protection of the organisation, working closely with other teams (particularly IT development and operations staff and external providers) to identify and assess risks and manage the implementation and operation of security controls.
The exact scope of the responsibilities may vary, depending on the size and type of the organisation, and how focused senior management is on cyber security.
If working as a consultant, a Cyber Security Generalist provides broad advice on various aspects of cyber security to customers.
Compared to being a specialist in an organisation, a generalist role can provide opportunities to learn a wide range of skills and involves a broad range of responsibilities at an earlier stage of a cyber security career.
A Cyber Security Generalist will be largely responsible for every aspect of the security of an organisation’s data and its information systems.
In this specialism, you may:
With more experience, you may also:
Job Titles
For Generalist roles, job titles include:
And, for Generalist roles with more experience:
Salaries
An apprentice Cyber Security Generalist might earn between £13,000 and £20,000 a year.
A Cyber Security Generalist might earn between £22,000 and £55,000 a year. The median salary in March 2021 was £45,000.
A more experienced Cyber Security Generalist might earn between £45,000 and £75,000 a year. The median salary in March 2021 was £55,000.
The salary ranges are based on job vacancy advertisements published online in March 2021. They may not be representative of the salaries for such roles in all sectors or all regions. Median salary figures are taken from calculations performed by www.itjobswatch.co.uk.
Each of the 16 specialisms is based on knowledge areas within CyBOK.
More information on CyBOK knowledge areas can be found here.
Here are the knowledge areas associated with Cyber Security Governance & Risk Management
Core knowledge – you will need a very good understanding of these areas
Risk Management and Governance
Security management systems and organisational security controls, including standards, best practices, and approaches to risk assessment and mitigation.
Security Operations & Incident Management
The configuration, operation and maintenance of secure systems including the detection of and response to security incidents and the collection and use of threat intelligence.
And, if the responsibilities include Industrial Control Systems (ICSs):
Cyber-Physical Systems Security
Security challenges in cyber-physical systems, such as the Internet of Things and Industrial Control Systems, attacker models, safe-secure designs, and security of large-scale infrastructures.
Related knowledge – you will need a solid understanding of these areas
International and national statutory and regulatory requirements, compliance obligations, and security ethics, including data protection and developing doctrines on cyber warfare.
Authentication, Authorisation & Accountability
All aspects of identity management and authentication technologies, and architectures and tools to support authorisation and accountability in both isolated and distributed systems.
Technical details of exploits and distributed malicious systems, together with associated discovery and analysis approaches.
Usable security, social & behavioural factors impacting security, security culture and awareness as well as the impact of security controls on user behaviours.
Techniques for protecting personal information, including communications, applications, and inferences from databases and data processing. It also includes other systems supporting online rights touching on censorship and circumvention, covertness, electronic elections, and privacy in payment and identity systems.
Security aspects of networking and telecommunication protocols, including the security of routing, network security elements, and specific cryptographic protocols used for network security.
And, if the responsibilities include public-facing systems:
Issues related to web applications and services distributed across devices and frameworks, including the diverse programming paradigms and protection models.
Wider knowledge – these areas will help to provide context for your work
The application of security software engineering techniques in the whole systems development lifecycle resulting in software that is secure by default.
The collection, analysis, and reporting of digital evidence in support of incidents or criminal events.
Skills
Personal attributes
Specialist skills
CIISec Skills Groups* (additional Skills Groups may also be relevant to particular jobs).
A Generalist role may cover any set of cyber security responsibilities, so any and all of the CIISec Skills Groups could be relevant to a Generalist. Any of the work could be outsourced, but the generalist would still need to be able to direct and monitor this. The Skills Groups listed here are the minimum set which any Generalist, with broad responsibility for cyber security in an organisation, would need to be able to ensure an adequate level of cyber security if the technical services are very largely provided by third parties.
A1 – Governance
Principles:
A6 – Legal and Regulatory Environment and Compliance
Principles:
A7 – Third Party Management
Principles:
B2 – Risk Assessment
Principles:
B3 – Information Risk Management
Principles:
E1 – Secure Operations Management
Principles:
G1 – Data Protection
Principles:
*Non-Commercial - No Derivatives (BY-NC-ND) license. 2021 Copyright © The Chartered Institute of Information Security. All rights reserved. Chartered Institute of Information Security®, CIISec. Chartered Institute of Information Security®, CIISec®, AfCIIS®, ACIIS®, MCIIS®, FCIIS® and the CIISec graphic logo are trademarks owned by The Chartered Institute of Information Security and may be used only with express permission of CIISec.
Experience
A Cyber Security Generalist needs to have some understanding of most cyber security specialisms but, in most cases, need not be an expert in any of them. What's most important is having the breadth of vision and the confidence to manage several or many important aspects of an organisation’s cyber security.
This means that some other types of role can provide useful experience for taking on a role as a Cyber Security Generalist; some of these are listed below. Note that few organisations would be willing to give substantial responsibilities for cyber security to someone who lacked significant experience in at least one cyber security specialism, so it's very unlikely that any of the jobs listed here would be sufficient on their own:
Linked Specialisms
Moving On
Cyber Security Generalists generally work in organisations that employ no specialists. However, your organisation may employ a few specialists, even though the majority of cyber security duties are handled by generalists. In such cases, or if you accept a position in another organisation which employs specialists, you should be well-equipped, even without acquiring additional specialist skills, to move into:
If, as a generalist, you have developed good skills in any of the specialisms, you should be equipped to move into almost any of them. The exceptions are cryptography development (in the Cryptography & Communications security specialism), Secure System Development or Security Testing.
With several years of experience as a generalist, you might take a senior management role, such as Head of Cyber Security, or the Chief Information Security Officer (CISO).