I’m looking to start a career in GRC. Been searching a bunch of different things (e.g. cybersecurity internal audit, GRC analyst, cyber audit, risk analyst, etc.) but everything that’s coming up is mid-senior positions, manager positions, etc.

  • hellofriend@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    I’ve actually just done a bit of digging on it and it seems that CISSP is used in Canada, so I might pull the trigger on that. I’m also considering Unixguy’s GRC Mastery course. Happen to know anything about it? I don’t think it counts as a certification proper, but it might be good to show employers what I’m interested in and that I’ve already put in some work.

    • Nomecks
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      You need five years of experience in cybersecurity, or sponsorship from another CISSP to get certified. NIST and ISO are followed by lots of companies, and ISA-62443 is a big one for OT cyber.

      • hellofriend@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 months ago

        Guess I shoulda done more digging lol. Thanks for the help. Btw, do you know much about PECB’s courses? They have some ISO stuff that’s GRC specific, might look into it.