XClose

UCL Career Frameworks

Home
Menu

Information Security

The Information Security careers family sits within the Information Technology practice area. An example career pathway could take you from Security Analyst to Head of Risk and Governance.

Image of the portico
What is Information Security

Many of the skills used when working in information security are already cover by other job families.  If you are going to be a security architect, then you probably want to start by looking at the skills in the “strategy and architecture” family.  Likewise, if you think you might be interested in working in as a Security Analyst then you should probably start off by reading up on the skills outlined in Delivery and Operation.

There are a huge range of different roles within Information Security, looked at closely there are perhaps ten different roles within the UCL security team due to differences in grade and focus of responsibility. However, for ease of presentation we have grouped all the roles into two broad categories Security Operations and Governance, Risk and Compliance. Some people will be firmly in one job family and others will have a blend of skills from both families.

  • Security Operations
    SecOps is the skills family that most people probably think of first when security comes up.  These are the people who monitor systems, respond to alerts, scan for vulnerabilities, and want to have copies of your log files. Jobs in this family include Security Analyst, Senior Security Analyst, Security Operation Centre Manager, Vulnerability Manager and Penetration Tester

  • Governance, Risk and Compliance
    Traditionally GRC covers drafting policies, setting standards, helping an organisation to understand security risks, and auditing and tracking compliance. Jobs in this family include Risk Assessor, Auditor, Security Trainer, Security Awareness Coordinator and Security Architect.

Role Profiles