About this profile
​
​The cybersecurity generalist profile (focusing on areas such as ISO 27001 / IT Risk / GRC) is a foundational path into the cybersecurity domain. Many cybersecurity leaders have started here, developing a comprehensive understanding of cybersecurity and its governance.
​
​​If you enjoy auditing, conducting risk assessments, drafting policies and procedures, and implementing international standards such as ISO 27001, this role is ideal for you. It encompasses cybersecurity strategy and doesn’t require advanced technical knowledge—a basic understanding of computers and networking suffices. Cybersecurity is crucial for both commercial entities and government agencies, making this a rewarding career. Starting salaries range from Rs. 3 lakhs to Rs. 20 lakhs.
​
This profile involves assisting organizations in understanding their cybersecurity posture and compliance with various standards like ISO 27001, NIST CSF, NIST 800-53, and country-specific regulations. Typical responsibilities include conducting assessments based on these standards, helping organizations implement these standards, performing risk assessments, drafting policies, and coordinating assessment findings, amongst others.
​​
Key success factors
​​​
​Success in this profession requires strong drafting, writing, and communication skills. While technical knowledge is advantageous, it can be developed over time. Diligence, quality documentation, attention to detail, and effective client interaction skills are key. Knowledge of standards like ISO 27001 and NIST CSF is essential and can be acquired quickly.