| Document ID | CERG-GOV-JD-RISKOPS-000 |
| Version | 1.0 |
| Status | Approved |
| Classification | Public |
| Owner | Risk Pillar Leader |
| Parent Policy | CERG-POL-001 - Cybersecurity Policy |
| Review Cycle | Annual |
| Frameworks | NIST SP 800-181r1 (NICE) |
| Regulations | Cross-cutting |
| Environments | All CERG-managed workforce |
Table of Contents
- Family Overview
- Roles in This Family
- Family-Level Career Path
- Shared Certifications
- Cross-References
- Document Control
1. Family Overview
Risk Operations (JF-RISKOPS) — Maintain continuous visibility into organizational exposure; test controls; drive remediation.
| Attribute | Value |
|---|---|
| NICE Categories | PR (Protect and Defend), AN (Analyze) |
| Entry Grade | S1 |
| Terminal Grade | S4/M3 |
| Career Track | SME / Dual-track |
| Number of Roles | 7 |
This family groups roles that share a core competency profile and career progression path. Members of this family progress through four levels (L1-L4), mapped to CERG’s S1-S4/M1-M4 grade framework. See JF-001 for the complete level definitions and progression gates.
2. Roles in This Family
| Role | Document | Description |
|---|---|---|
| Exposure Management Lead | CERG-GOV-JD-RISKOPS-001 | Owns the exposure management program: scanning, triage, SLA-driven remediation tracking. |
| Adversarial Testing Lead | CERG-GOV-JD-RISKOPS-002 | Owns adversarial testing: pen testing, red team operations, purple team exercises, and control validation. |
| Threat Intelligence Analyst | CERG-GOV-JD-RISKOPS-003 | Owns threat intelligence collection, analysis, production, and dissemination. |
| Detection Engineer | CERG-GOV-JD-RISKOPS-004 | Owns detection engineering: SIEM rules, detection pipelines, ATT&CK coverage, signal-to-noise optimization. |
| OT Risk Analyst | CERG-GOV-JD-RISKOPS-005 | Owns OT/ICS risk assessment, threat analysis for grid control systems, and OT vulnerability prioritization. |
| Identity Risk Analyst | CERG-GOV-JD-RISKOPS-006 | Owns identity risk analysis: privileged access risk, identity hygiene, credential exposure monitoring. |
| Vendor Risk Analyst | CERG-GOV-JD-RISKOPS-007 | Owns TPRM: vendor security assessments, supply chain risk monitoring, vendor remediation tracking. |
3. Family-Level Career Path
Progression within the Risk Operations family follows the standard four-tier structure:
- L1 (Associate) → L2 (Practitioner) → L3 (Senior) → L4 (Principal)
See JF-001 §8 for the standard progression gates (L1→L2, L2→L3, L3→L4). See JF-001 §9 for family-specific level definitions.
Cross-family movement is encouraged per the Family-to-Family Career Lattice. The Left-Right Knowledge Model (FRM-001 §9.2) and cross-training expectations (OM-001 §10.4) operationalize this movement.
4. Shared Certifications
Certifications relevant to the Risk Operations family are detailed in TRN-001. Each role’s certification matrix specifies Required, Recommended, and Aspirational certifications at each grade level. Consult the individual role description for role-specific certification requirements.
5. Cross-References
| Document | ID | Relevance |
|---|---|---|
| Job Families Overview | CERG-GOV-JF-001 | Family structure, levels, progression gates |
| NICE Crosswalk | CERG-GOV-JF-002 | NICE Work Role mapping for each role |
| Operating Model | CERG-GOV-OM-001 | Canonical role roster |
| Job Architecture | CERG-GOV-JA-001 | Grade definitions |
| Competency Model | CERG-GOV-CMP-001 | Behavioral anchors |
| Training Framework | CERG-GOV-TRN-001 | Certification matrix |
6. Document Control
| Field | Value |
|---|---|
| Document ID | CERG-GOV-JD-RISKOPS-000 |
| Version | 1.0 |
| Status | Approved |
| Effective Date | 2026-06-11 |
| Classification | Public |
| Owner | Risk Pillar Leader |
| Approved By | CISO |
| Parent Policy | CERG-POL-001 - Cybersecurity Policy |
| Review Cycle | Annual |
| Next Scheduled Review | 2027-06-11 |
| Frameworks | NIST SP 800-181r1 (NICE) |
| Regulations | Cross-cutting |
| Environments | All CERG-managed workforce |
Revision History
| Version | Date | Author | Change Summary |
|---|---|---|---|
| 1.0 | 2026-06-11 | Governance Pillar Leader | Initial release. Family-level index for Risk Operations (JF-RISKOPS). |
Review Triggers
- Addition or retirement of a role in this family
- Change to the NICE Work Role mappings for roles in this family
- Revision to the family-level definitions in JF-001
- Direction from the CISO
Governance owns this document. The Governance Pillar Leader (Policy & Standards) is responsible for initiating reviews, managing the revision cycle, and obtaining approval for all changes.
Related Documents
| Document | ID | Relationship |
|---|---|---|
| Cybersecurity Policy | CERG-POL-001 | Parent policy |
| Job Families Overview | CERG-GOV-JF-001 | Family structure and level definitions |
| NICE Crosswalk | CERG-GOV-JF-002 | NICE Work Role mapping |
Source: roles/jf-riskops/CERG-GOV-JD-RISKOPS-000_Risk_Operations_Family.md