This podcast is for both seasoned information security professionals and those who desiring a career in infosec, risk management or privacy. To that end there are agencies that can be beneficial for those at the beginning of their careers or those who are interested in more peer and community engagement.
There are various roles in information security: Red team, Blue Team, incident handlers, consultants and strategists to name a few.
ISSA – Information Systems Security Association
ISSA is an older professional information security organization. Years ago this association spun off the (isc)2 as an education/certification organization. With the relative value of obtaining certification versus being involved in the association (isc)2 has surpassed ISSA membership
I am Membership Director for my local ISSA chapter.
ISACA – Information Systems Audit & Control Association
The professional association for audit and compliance professionals in the information/technology space.
This org also accredits:
e..g, CRISC, CISA, CISM
(isc)2 – International Information Systems Security Certification Consortium
The education/cert association fostered by ISSA. I believe (isc)2 has surpassed ISSA in recognition within the infosec community based on professionals’ focus on certification. (isc)2 publishes its information about infosec within its Common Body of Knowledge (CBK) documentation.
e.g., CISSP, CCFP, CSSLP, CCSP
SANS/GIAC – Global Information Accreditation Corp (?)
Certifies for numerous information security skillsets
e.g., GSEC, GCIH, GCCC
I hold GCCC certification #242
EC Council –
Education organization the certifies for Certified Ethical Hacker (CEH).
e.g., CEH, CHFI, EDRP
Training and certification organization.
e.g., Security+, Cloud+, Mobile+, Server+
Most of these accreditations require some time component working in a specific role or, as in the ccase of the CISSP, time-in-seat- within two domains of the (isc)2’s CBK