CHIEF INFORMATION SECURITY OFFICER CISO+CISSP COURSE

• A foundation for the world of information security: handling people and handling processes. I.e.: Management aspects and aspects related to handling the business aspect - risk management, legal and regulatory aspects, and addressing the inherent contradiction between the security tasks and the needs of the organization’s openness. In many cases, the CISO is also responsible for performing a technical and administrative audit of the Information Security Team Manager.
• Areas of Knowledge Required: Training from the Architect’s World, as well as Government Protection. In addition, organization, methods, and management of cyber protection unit.
• This role will usually be filled by See Security CISO trainee, or CISSP-certified self-trained, or at least CISM. It is recommended to complete their education in the future (or before), even though academic degree in industry and management, economy and management, business administration, and academic tracks with similar orientation.
• מקורו של ה-CISO הוא בתפקיד ארכיטקט אבטחת המידע, אך כולל בנוסף לטיפול במימד הטכני, גם את שני המימדים הנוספים המהווים בסיס לעולם אבטחת המידע: טיפול באנשים וטיפול בתהליכים. כלומר: היבטים ניהוליים והיבטים הקשורים לטיפול בפן העסקי – ניהול סיכונים, טיפול בהיבטי חוק ורגולציה, וטיפול בסתירה האינהרנטית שבין משימות האבטחה לצרכי הפתיחות של הארגון. במקרים רבים – ה-CISO אחראי גם לביצוע ביקורת טכנית ומנהלית על מנהל צוות אבטחת המידע.

Job Requirements include:

• Introducing the world of information security, including a variety of security products (FW, DLP, NAC, etc.)
• Controlling GRC issues like Governance, Risk Management and Compliance.
• Familiarity with procedures and regulations in the field of information security, such as: ISO27001, GDPR, NIST - mandatory.
• Relevant IT and Cyber Certification, such as CSMP - Cyber Security Methodology Professional or CSTP - Cyber Security Technology Professional.
• CISSP certification - advantage.
• High verbal and written expression ability in both Hebrew and English
• Academic education - advantage.
• Experience in IT infrastructure - advantage.
• Knowledge of cyber defense architecture - advantage

• The architect is the brain behind information security. He will face the attacker, plan the system, guide the implementers in their work, design the work method, track the events for the purpose of locating an attack, and guide the response and dealing with an attack. The architect is responsible for designing and building defenses against the operating systems, telecommunications networks, code, and applications against hackers. His role will be carried out through guidelines for implementing information security. Cyber Defense Architect will be found in medium and large general organizations, and in information security consulting and service companies. In small companies, the role will be performed by the network administrator, the System Administrator, or the Communications Manager.
• · The architectural challenges are diverse and include coping with multisystem planning, 3D vision of implementing information security solutions and examining their effectiveness, taking into account their assimilation into society and their impact on the efficiency of society. In other words, the position requires high attention both for solving or mediating information security problems with minimal or all harm, at the availability of the company’s services and its ongoing work.
• Cyber Defense Architect Requirements: Knowledge in Operating Systems and Communication
• Areas of knowledge required: strengthening of computer infrastructure, application hardening, cyber protection tools and technologies, and understanding of the world of hacking. Experience or training in the implementation of information security tools as an implementation is an advantage but is not required.
• What needs to be learned? If you have studied or are engaged in network management, you must study tool and technology architecture, attack techniques, and defense techniques.
• Those who choose this route are advised to complete their education later on through a Bachelor's degree in Information Systems Engineering, Industrial Engineering and Management, Information Systems Management or similar orientation academic tracks.

Development Route

• A cybersecurity architect may move forward to the role of CISO. Familiarity with solution architecture provides unique vision and rich technological experience that will enable CISO to make up-to-date and well-studied management decisions.
• Cyber Defense Architect will be able to perform sales and sales engineering roles across a wide range of manufacturers, implementation companies and organizations. Knowing the technological, network and IT needs of one organization or another gives them advantages in planning and selling the solution.
• A cybersecurity architect can also integrate into product management roles. Our vast experience in multi-system design and knowledge in implementing technological solutions provides a unique perspective that enables the development of a product that meets market requirements that is better suited to the needs of the customer.

• The role of a cyber defense methodology expert is based on casting content to the technological defense pattern. This content is drawn from a set of rules, including professional guidance and full responsibility for organizational processes in the field of cyber protection, such as: guidance in establishing an organizational cyber defense system, professional guidance, and accompaniment of projects in the aspects of cyber protection, supply chain security, business continuity, disaster recovery (DR.) and business impact analysis. All of this, while settling the contradictions that stem from the need to strengthen the defensive rings on the one hand and the need to allow the current businesses to continue to exist freely, on the other.
• The National Cyber Directorate refers to this profession as one of the most essential components of the cyber unit's commitment to its cyber security.
• The essence of the profession according to the cyber system:
• Formulating, characterizing and realizing perceptions, methods and methodologies for cyber protection in the organization.
• Implementation of regulatory aspects (regulation) and Israeli and international standards and privacy protection aspects.
• Risk management in cyber protection.
• Professional guidance and full responsibility for organizational processes in the field of cyber protection, such as: accompanying the establishment of an organizational cyber defense system, professional guidance and accompaniment of projects in the aspects of cyber protection, supply chain security, business continuity, disaster recovery and business impact analysis.
• All this while recognizing and understanding the activity, needs and organizational goals.
• Responsibility to contact the organization's management for policy approval, to make sure that the backup is implemented by the organization's perceptions, methods, and methodologies for cyber protection through official letter of appointment, internal marketing support and budget.

Job Requirements include:

• Introducing the world of information security, including a variety of security products (FW, DLP, NAC, etc.).
• Controlling GRC issues like Governance, Risk Management and Compliance.
• Familiarity with procedures and regulations in the field of information security, such as: ISO27001, GDPR, NIST - mandatory.
• CSMP - Cyber Security Methodology Professional - Certified for IT and Cyber.
• CGRC/CISSP certification - advantage.
• Strong verbal and written expression in both Hebrew and English.
• Academic education - advantage.
• Experience in IT infrastructure - advantage.
• Knowledge of cyber defense architecture - advantage.

Development Route

• Filling the positions of an expert in cyber protection methodologies in various organizations is a unique position that carries with it many advantages in a variety of fields and lifestyles, such as: in-depth familiarity with international standards in the field, familiarity with information security solutions in the market, project management and support of end-to-end organizational processes.
• From this position it is possible to quickly advance in the ranks and move to CISO and consulting positions.

The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the information security market. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

This cybersecurity certification is an elite way to demonstrate your knowledge, advance your career and become a member of a community of cybersecurity leaders. It shows you have all it takes to design, engineer, implement and run an information security program. The CISSP is an objective measure of excellence. It’s the most globally recognized standard of achievement in the industry. And this cybersecurity certification was the first information security credential to meet the strict conditions of ISO/IEC Standard 17024.

The broad spectrum of topics included in the CISSP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following 8 domains:

Security and Risk Management

Asset Security

Security Architecture and Engineering

Communication and Network Security

Identity and Access Management (IAM)

Security Assessment and Testing

Security Operations

Software Development Security

Candidates must have a minimum of 5 years cumulative paid full-time work experience in 2 or more of the 8 domains of the CISSP CBK. Earning a 4-year college degree regional equivalent or an additional credential from the (ISC)² approved list will satisfy 1 year of the required experience. Education credit will only satisfy 1 year of experience. A candidate that doesn’t have the required experience to become a CISSP may become an Associate of (ISC)² by successfully passing the CISSP examination. The Associate of (ISC)² will then have 6 years to earn the 5 years required experience.

June 21st, 2023

Dear Mr. Weissman,

Re: (ISC)² Official Training Partner (OTP) Letter of Confirmation

Please accept this letter as confirmation that, as of the date of this letter, SEE SECURITY TECHNOLOGY Ltd is an (ISC)² Official Training Partner (OTP) in Israel and a provider of CISO programmes.

See Security Technology Ltd has been an (ISC)² Official Training Partner for over 5 years to enable the delivery of Official (ISC)² CISSP Training & Certification Programme in Israel, supporting the ongoing development of information and cyber security professionals through education, training, certification & membership.

See Security Technology provides (ISC)² authorised instruction in two ways:

1) CISSP Bootcamp - 40 hours of study with official (ISC)² courseware and instructors, specifically for experienced cyber security professionals.

2) CISO Programme - The sole provider and creator of this programme in this format is See Security Technology, 288 hours of study for professionals who wish to advance their knowledge and increase proficiency.

The course incorporates the official (ISC)² CISSP course, courseware and instructors.

The above programmes require authorization of use by (ISC)² and a fee per delegate. (ISC)² does not allow the use of its Official IP/materials in any unapproved manner.

As an Official Training Partner of (ISC)², See Security Technology Ltd continues to develop a network of experienced subject matter experts for approval as (ISC)² Authorized Instructors to deliver Official (ISC)² CISSP Training to their growing portfolio of B2C, B2B & B2G client base.

If you require any further information in support of See Security Technology Ltd please do not hesitate to contact me directly.

Yours sincerely

Mbarfoot

Marc Barfoot

Manager, Commercial Partnerships

(ISC)², Ltd.

Level 1 Devonshire House One Mayfair Place London, W1J8AJ United Kingdom mbarfoot@isc2.org