Security levels used to be considered with respect to the security clearance levels. The expression "tiers of security" is not typically used as well.
My guess you are interested in security domains. Here below are the recognized typical domains in information security field.
Access Control
Telecommunications and Network Security
Information Security Governance and Risk Management
Software Development Security
Cryptography
Security Architecture and Design
Operations Security
Business Continuity and Disaster Recovery Planning
Legal, Regulations, Investigations and Compliance
Physical (Environmental) Security
Each of these domains is a certain part of information technology having its own set of vulnerabilities, standards, metrics, methods, and protocols to fix vulnerabilities, assess risk factors, and allowing to create security policies and govern security management in the best business interests of any organization.
Len and Jay already explicated their classifications. Apart from physical and legal security, I rather would conflate all their other items to IT or technical security. I do not see a compelling hierarchy between them, because all three are important and complement each other.