@joshgister "analysts" dont build things

@joshgister That is kinda impossible without knowing more details (which you probably shouldn't share publicly)

@joshgister "cyber security" is common terminology in DoD and US govt, but I continually wonder how (unironically) accepted it is outside those circles. You might get different pools of candidates between one or the other.

@joshgister my thought, if they’re designing things - architecture diagrams, picking security tools, etc - it’s an architect. Maintaining the systems and building them out is engineering … monitoring and triage of security events - analyst

@joshgister I'm in the program manager (or titled with similar meaning, based on how your org does titles) camp.

@joshgister None of those titles seem to match what you are describing. Why not hire a leader who has the managerial skills to manage the third parties and build a team with a vision. The role would be leadership from the start, even if it’s just leading a team of one plus the vendors. The “could become leadership” bit sounds like code for “we want to under-pay and over-work someone using a promotion as a carrot”. I’m not saying that is your intent, I’m saying that’s what it sounds like. Regardless of the title, you’re looking for someone who can do the work but wants to become a manager and build something out themselves. Use leadership titles to attract that person, and a good description to make sure you get someone who can do both sides.

@joshgister What’s the primary role? Designing wholistic security into your software, systems, and interconnections? Architect
Building security tools and deploying edr/network ids/firewalls? Engineer
Consuming and correlating events, building dashboards, and responding to incidents? Analyst
Focusing on maintaining regulatory compliance and meeting org security objectives by deciding what third party and internal services to create and consume? Program Manager

@joshgister If you're looking for a "builder," engineer seems more appropriate than "analyst."

@joshgister Building and maintaining systems and professional relationships - Engineer

@joshgister From available posts; do cat @r3db34rdh4x @gregporterfield answers >> final_answer.txt; done

@joshgister if you want them to build the program then none of these. Information Security Manager is more appropriate.

@joshgister analysts dont build, engineer is a bit too hands on since you want lots of soft skills in the role and someone to build a team around that works strategically and I assume is quite involved in customer engagements.
Architect perhaps, depending on how your org uses that title otherwise, but its not a great fit.
Security lead engineer could work.