While at GSK I developed a career development framework based on the BCS Skills For the Information Age (SFIA) model.
I interviewed people in Security, Governance, Risk and Compliance (SGRC) roles to understand their career paths to date and the skills and competencies from the SFIA framework that they felt were most applicable to their role. This enabled me to propose role specifications for different levels of seniority, and development pathways for SGRC professionals to progress to more senior roles.
More recently, I took a similar approach to assist a CyberSecurity consultancy client in developing a Competency Framework. I used the latest version of the SFIA model to create skill profiles for over 100 consulting and support function roles, at 8 levels of seniority. These profiles were used as a basis for recruitment, retention and to define career pathways across the organisation.