Professional Titles

What are Professional Titles?

UK Cyber Security Council (UK CSC) is creating a vibrant and diverse cyber security industry that supports individuals as they develop the necessary skills to raise global cyber excellence.

Through this programme, cyber professionals can apply for one of four Professional Titles aligned to the UK CSC’s Professional Standard, with each title requiring increasing levels of demonstrable experience and expertise.

Becoming professionally registered is not only a reflection of an individual's commitment to their industry, it provides proof that their skills have been proven in a work-based, practical environment. It could also provide opportunities for career development.

Why apply through CREST?

We have been licensed by the the UK CSC to grant Professional Titles within the Security Testing specialism.

We are delighted to be offering applicants an alternative route to acquire their Professional Title in this specialism. As an alternative to undertaking a formal interview, our applicants complete an application form and provide an employer testimonial.

We believe this is more inclusive for those that find interviews particularly difficult and ultimately saves applicants time. It also provides an opportunity for employers to actively support their employees' professional development.

Currently available

Chartered Cyber Security Professional (ChCSP)

Becoming Chartered is the highest recognition and a significant milestone in a professional’s career, validating their considerable expertise and competence.

A Chartered Cyber Security Professional (ChCSP) will have significant practical knowledge in several Specialisms, though should have a particular Specialism at which they are an acknowledged expert. As such, they should be operating at a level where their professional opinion may reasonably be sought to contribute to the development of the overall cyber security profession.

A Chartered Cyber Security Professional (ChCSP) will be able to demonstrate competence and commitment in all the areas below and provide appropriate evidence. The UK Cyber Security Council Standard for Professional Competence and Commitment (UK CSC SPCC) sets a clear assessment criteria, taking into account existing qualifications/certifications and experience.

The Minimum Qualification Level (standard) states the level of knowledge required for each Professional Title. Applicants will be able to prove they meet the minimum standard by holding relevant qualifications.

The examples of evidence documented in the UK CSC SPCC are intended as examples only as the most appropriate evidence will vary with each individual role and their associated Specialism. Examples should not be considered as complete or prescriptive and other types of evidence may be valid.

Chartered Cyber Security Professionals should demonstrate:

that they have effective communications and interpersonal skills to operate at all levels within and without an organisation, with their peers and those who have little or no knowledge of cyber security.
that they have developed effective management skills and are able to demonstrate their ability to lead and mentor groups and individuals in a personal, technical, or business cyber security environment.
that they have the highest level of integrity, morals, and ethical values.
that they are committed to the continued development of themselves and the cyber security profession.

Principal Cyber Security Professional (PCSP)

A Principal Cyber Security Professional will have practical experience in a specific Specialism, at which they are an expert practitioner, and have experience in other Specialisms. As such, they should be operating at a level where their professional expertise may reasonably be sought to contribute to the development of their specific Specialism.

A Principal Cyber Security Professional will be able to demonstrate competence and commitment in all the areas below and provide appropriate evidence. The UK Cyber Security Council Standard for Professional Competence and Commitment (UK CSC SPCC) sets a clear assessment criteria, taking into account existing qualifications/certifications and experience.

Principal Cyber Security Professionals should demonstrate:

their knowledge, understanding and experience relating to their Specialism, including experience of cyber security in another Specialism.
that they have appropriate communications and interpersonal skills to fulfil their role within their organisation. This includes communicating with those who may have little or no knowledge of cyber security.
that they have developed management skills and are able to demonstrate their ability to lead groups and individuals in a personal, technical, or business cyber security environment.
that they have high levels of integrity, morals and ethical values.
that they are committed to the continued development of themselves and the cyber security profession.

Coming soon

Practitioner (under development)

CREST is currently participating in a pilot with the UK CSC to offer this title in the future. The pilot is currently closed to new applicants.

Please check back at a later date for more information.

Associate Cyber Security Professional (ACSP)

This title is not currently being offered by the UK Cyber Security Council.

Please check back at a later date for more information.

Find out more about Professional Titles through CREST

Check out our useful information