Cybersecurity Adjacent Work Roles

In conjunction with the core roles that define the cybersecurity occupation discussed in this NOS, there are several adjacent roles that have cybersecurity responsibilities which typically form only part of their overall responsibilities within an organization.

While often only employed in cybersecurity in a part-time capacity, the scope and extent to which they perform these roles will vary based on organizational size, type and degree of IT/Internet enabled infrastructure. For example, for larger IT enabled organizations, all the following roles may apply. For smaller organizations that are not overly reliant on IT or internet connectivity for the conduct of their business, it is likely that a majority of the technical expertise and services will be outsourced. Accordingly, the remaining non-technical cybersecurity responsibilities will be distributed within the organization.

The table here briefly outlines common cybersecurity adjacent roles[1], the related NICE ID if applicable, the associated NOC and the main cybersecurity responsibilities. Assuming that the majority of individuals in such roles already have the required competencies for their primary roles and functions, only cybersecurity functions are provided with key competencies. Specifically, for the existing workforce community and, in particular, educators, these should guide discussion around adapting training and education programs to more closely reflect the cybersecurity realities of the Canadian labour market.
[1] Other roles will be added as they are identified or emerge and follow the NOS update process outlined in the Review and Revision section presented earlier in this document.