Now Enlisting IT Experts: CIS Benchmarks Community Roles

Have you ever wanted to be part of a global security community? Want to help develop cybersecurity recommendations for new and emerging technologies? Now’s your chance! The CIS Benchmarks are more than 100 free configuration guidelines across 25+ vendor product families including servers, applications, operating systems, mobile devices, web browsers and more. They are created through a unique consensus-development process involving volunteers from across the world. Unlike vendor-driven benchmarks, the CIS Benchmarks provide independent security guidance.

Why volunteer?

CIS Benchmarks community members enjoy collaborating and networking with thousands of cybersecurity experts from around the globe. In addition to the warm-and-fuzzy feeling you get from helping secure the connected world, you’ll be able to receive CPEs (Continuing Professional Education credits) and be recognized for major contributions to CIS Benchmarks within the documentation. Not to mention, bragging rights to your friends and family about the intricacies of FIPS encryption configuration!

Here are a few communities which are currently seeking participants:

Who helps develop?

Creating CIS Benchmark recommendations requires a wide variety of skills. We’re continuously looking for volunteers who can commit as little as an hour a week to many hours to help create and update CIS Benchmarks. It’s really up to you.  Here are some of the roles you can take on in a CIS Benchmark community:

  • Technical and Security Subject Matter Expert (SME): Individuals with expertise in a given technology family and/or in broad security issues and system interactions.
  • Technical Writer: Individuals with expertise in communicating technical subjects clearly to a diverse audience. (English is the standard language of the CIS Benchmarks).
  • Tester: Individuals with expertise in testing various criteria or rules against specific target systems and reporting results.
Arrow View the CIS Communities Page

Which role is right for me?

No matter your level of technical or professional experience, there’s a place for you in the CIS Benchmarks communities. If you’re a systems or network administrator, the SME role might be a great fit for your expertise. SME volunteers might draft a new set of configuration items for a CIS Benchmark, or lead the development of an entire CIS Benchmark document. Strong writers or proofreaders are always valued as technical writers.

Technical writers who volunteer will review and submit spelling corrections on CIS Benchmarks and look for unclear wording as well as the format of the documents.

On the other hand, if you have access to network devices or specialized hardware, the tester role might be right for you. Testers often review and comment on technical details of the open discussions or tickets on a particular CIS Benchmark to ensure recommendations are correct when applied and not impacting system.

The day-to-day work of developing the CIS Benchmarks is varied and takes people from all walks of life; all contributions are valued in our communities. “The best thing is they contain practical security recommendations. The content comes from a diverse set of contributors and considers realistic threats,” says volunteer Paul Campbell. Without it we don’t have consensus-based benchmarks.

How to get involved

You can join our CIS Benchmark communities anytime by registering on our online collaboration platform, CIS WorkBench. CIS WorkBench is free to join and contribute to the CIS Benchmarks development. There are over 12,000+ cybersecurity experts, technical engineers, risk managers, and more on CIS WorkBench today. Join the discussion today!