Standardizing
Security Titles
An open-source framework for consistent job titles, levels, and expectations across the cybersecurity industry.
Why This Matters
A "Senior Security Engineer" at one company might equal a "Security Analyst II" at another. This inconsistency makes it hard to compare roles, set fair compensation, and define clear career paths. Security Titles provides a common language for the industry.
NICE Framework Aligned
Every role includes a best-effort mapping to the NIST NICE Workforce Framework SP 800-181r1 — the federal standard for cybersecurity work roles. Each mapping shows the closest NICE Work Role, the strength of the match, and where the frameworks diverge.
Browse Role Frameworks
Offensive Security
Penetration testers, red team analysts & engineers, purple team specialists, and offensive security management.
- Penetration Testing
- Red Team Analyst
- Red Team Engineer
- Purple Team
- Management
Defensive Security
SOC analysts, incident responders, insider threat, security administrators, engineers, architects, and management.
- SOC Analyst
- Incident Responder
- Security Admin
- Security Engineer
- Security Architect
- Insider Threat
- Management
Governance, Risk & Compliance
Professionals who enable the business through risk management, compliance, policy governance, and privacy.
- Risk Analyst
- Compliance Analyst
- Governance Analyst
- GRC Engineer
- Privacy
Identity & Access Management
Covering identity governance, authentication, privileged access, directory services, and identity security.
- IGA
- Access Mgmt
- PAM
- Directory Services
- CIAM
- IAM Architect
- Identity Security
Specialized Roles
Cross-functional and domain-specific security roles spanning vulnerability management, AppSec, cloud security, forensics, threat intelligence, fraud, OT security, and physical security.
- EVM
- AppSec
- CloudSec
- Forensics
- CTI
- Cyber Fraud
- OT Security
- Physical Security
Leadership
Executive and senior leadership roles spanning all security functions, from Director to CISO.
- Director
- Senior Director
- VP / SVP
- CISO
Security Consulting
Big 4 consulting career ladder, vCISO services, and Fractional CISO practice for multi-client advisory work.
- Analyst
- Manager
- Director
- Partner
- vCISO
- Fractional CISO
What Each Framework Covers
Use Cases
For Hiring Managers
Write accurate job descriptions, set appropriate compensation, and benchmark candidates against industry standards.
For Job Seekers
Understand where you fit, identify skill gaps, negotiate compensation, and plan your career progression.
For Team Leads
Define career ladders, set promotion criteria, and create development plans for your team members.
For Organizations
Standardize titles across departments, align compensation with market rates, and build consistent job families.