I’m looking to start a career in GRC. Been searching a bunch of different things (e.g. cybersecurity internal audit, GRC analyst, cyber audit, risk analyst, etc.) but everything that’s coming up is mid-senior positions, manager positions, etc.

  • @hellofriendOP
    link
    English
    12 months ago

    I’ve actually just done a bit of digging on it and it seems that CISSP is used in Canada, so I might pull the trigger on that. I’m also considering Unixguy’s GRC Mastery course. Happen to know anything about it? I don’t think it counts as a certification proper, but it might be good to show employers what I’m interested in and that I’ve already put in some work.

    • Nomecks
      link
      fedilink
      English
      12 months ago

      You need five years of experience in cybersecurity, or sponsorship from another CISSP to get certified. NIST and ISO are followed by lots of companies, and ISA-62443 is a big one for OT cyber.

      • @hellofriendOP
        link
        English
        12 months ago

        Guess I shoulda done more digging lol. Thanks for the help. Btw, do you know much about PECB’s courses? They have some ISO stuff that’s GRC specific, might look into it.