|
Computer Network Defence
Jobs
Recruitment: Information Security
Computer Network Defence are experts in Information Security
Recruitment placing specialists into rewarding InfoSec roles that are appropriate for their
background and experience.
Information Security
Roles
This page details all known roles within the IT Security field. In
reality the roles will combine many skills from other roles and
the variations are infinite; its purpose is to help newcomers to the
field understand the types of work available.
The job titles vary as greatly as the skill sets required to perform
them. The most common are "Computer Security
Specialist" and "Information Security Specialist". These are broad
terms that apply to the many specific positions responsible for designing,
testing, implementing and monitoring solutions to security problems in computer
systems and the interaction of people with those systems.
In larger companies, there are management level positions such as Chief Information Security Officer,
Information Security Architect, Security Director, etc. These
positions have largely managerial and overview responsibilities, although
the skill levels required in each position depend upon the size of the company and how each
organization defines the job title.
In smaller companies, one person could fill three or four or all of the roles outlined here.
Links to Job Descriptions
|
Chief Information Security Officer
|
|
Global Head of IT /
Information Security |
|
The Chief Information Security Officer is a high-level management position
responsible for the entire computer security department and staff.
Traditionally this position exists
in large organizations, like Fortune 500 companies or key government agencies, that have large computer security staffs and systems.
However, as the requirement for information security is becoming more
widely recognised, the role is appearing in smaller organisations, though
often the role will include hands-on technical work. Extending titles
with Chief and Global Head may be barred for political reasons. |
|
Information Security Architect
|
|
Information Security
Director |
We have seen the Information Security Architect title used for very
different roles. The first is the individual who heads up a security
design team building a new enterprise network or taking one
through a tech refresh.
The title Information Security Architect or Information Security Director is also
used for a role that directs organization-wide security technology. This role is responsible for the integration of
IT systems development with security policies and information protection strategies. It also has responsibility for developing,
maintaining, and publishing corporate information security standards, procedures, and guidelines. Provides technical guidance
and training to information "owners," corporate security officers, and IT associates, and designs and implements programs for
user awareness, compliance monitoring, and security compliance.
Typically the word "Information" shows this is a more managerial position than a "Security Architect", which is generally a
much more technical position. |
|
Cross-Platform Security Architect
|
|
This role develops and ensures policies for the secure management of security systems across platforms, including
development and maintenance of encryption policies, intrusion detection, and network authentication. The success of this
position is greatly dependent on the individual's ability to create and maintain relationships with programmers, risk assessment
staff, auditors, security department, and installation personnel.
|
|
Privacy Officer
|
|
Data Protection Officer |
|
The Privacy Officer develops and implements policies and procedures to guarantee that only those with the right to access
confidential information can do so. This is particularly important in education and health-care organizations where privacy
is regulated by law.
|

|
Information Security Analyst
|
|
This position conducts information security assessments for organizations. They interview employees to learn about current
information security policies, then evaluate them, write reports on their findings, present their reports to management,
and recommend strategies for improvement. Again, the use of "Information" in the title normally implies a more managerial,
less technical role.
|
|
Information Systems Auditor
|
|
Information Security Auditor |
|
An Information Systems Auditor tests the effectiveness of computer information systems,
including the security of the systems, and reports the findings. They determine whether a computer system
safeguards assets, maintains data integrity, allows organizational goals to be achieved effectively and uses resources
efficiently. They usually work with others in the business and IT
departments in a cooperative effort to ensure the security of the systems.
Responsible for auditing a network against a given policy or standard such as a System Security Policy, ISO17799, ISO27001,
NSA Clamp Down etc. Depending on the scope the audit might cover Operating System settings such as within the registry,
firewall configuration, IDS Policy and tuning, Business Continuity Plans, Processes, Training and Personnel. The role is
usually well paid due to the diverse skillset required and the ability to instil trust and impart advice.
This is often a role performed by an outside consultant. |
|
Security Analyst
|
|
Usually specified as Junior or Senior. Responsible for assisting in the coordination effort to remediate security
alerts and respond to information security related incidents.
|
|
Security Auditor
|
|
This job title has a number of roles associated with it,
see also Information Security Auditor above. A security auditor
analyses operating system and file access logs to detect inappropriate
access or nefarious activity. The role is usually found in the financial
or public sectors such as Government and Defence. |

|
Systems/Application/Information Security Manager
|
|
The Security Manager creates and develops security measures to safeguard information against accidental or unauthorized
modification, destruction, or disclosure. Coordinates with management, programmers, risk assessment staff, auditors,
facilities, and other security departments to identify and plan for security in all aspects of data, applications, hardware,
telecommunications, and computer installations.
|
|
Disaster Recovery Specialist
|
Disaster recovery specialists design and implement programs to recover
processes and data lost in a disaster. They might use Disaster Recovery Planning (DRP) software to
identify data and computer systems that
may need to be recovered, plan offsite data storage and computing
facilities, and test data recovery procedures.
Although not typically considered a "computer security" position, it actually is the most basic type of computer and
information security. "What happens when my computers are no longer available?" The normal description focuses
on natural disasters, but recovery is just as important in a malicious attack, and securing critical and sensitive data
stored offsite can be a huge challenge as well.
|
|
Security Architect - <specialism>
|
Firewalls - VPN - Content Management - IDS - IPS - Anti Virus -
A security architect either designs a network to be secure or designs a particular security element such as the PKI
infrastructure or IDS/IPS. Security skills vary considerably; a thorough understanding of security threats is
desirable, though many become Security Architects from OS, networks, or database backgrounds.
|

|
Penetration Tester
|
|
Ethical Hacker |
|
Assurance Validator
|
A penetration tester is an extremely specialised role. To be a pen tester it isn't sufficient to run a vulnerability scan; a
true pen tester will be able to exploit the vulnerabilities and prove the system in question is truly vulnerable. Keeping
strategies current and staying on top of the vulnerabilities and exploits makes this a full-time role.
There is a specialization of Penetration Tester known as a "Red Team" Tester. This is a member of a group put together
to perform penetration tests on the most critical infrastructure components of countries: utility companies, nuclear installations,
atomic research facilities, military computer systems, etc.
See also: Vulnerability Assessor, Application Tester, CHECK Team Leader |
|
Vulnerability Assessors
|
Vulnerability assessors will scan a network and identify vulnerabilities producing a report prioritising the results.
Many will just run Nessus and charge a small fortune for the privilege, whilst others will engage numerous methods and tools
to derive the information. The difference between a vulnerability assessor and a pen tester is
that the pen tester will attempt to exploit the
vulnerabilities discovered. Vulnerability assessments are often preferable as they are quicker and require a lower skill
level than a pen test, making them less expensive and less likely to cause an outage.
See also: Pen Tester, Application Tester, CHECK Team Leader
|
|
CHECK Team Leader
|
|
CHECK is a UK government scheme run by CESG, aimed at ensuring the quality and integrity of Pen Testers assessing
government networks and the wider public sector of systems handling protectively marked information. At present
the scheme has been temporarily suspended following the departure of the team that tested the testers (confused?).
Needless to say the remaining CHECK Team Leaders are in great demand and can command HUGE salaries. The Check Service Assault
Course has improved over the years and unlike many nameless civilian equivalents, candidates do fail.
|

|
Security Engineer/Administrator
|
|
Responsible for the installation and management of security systems across
the entire organization's network, including IDS, firewalls, log capture, etc. In a smaller deployment
they may also be responsible for monitoring and reacting to their output, though this would ordinarily fall to Security
Analysts.
|

|
Source Code Auditor
|
|
A Source Code Auditor is responsible for reviewing application programming source code to identify potential security
issues in how the application is built. Review should focus on things like sanitizing input, securing data as it is brought
from one platform to another, identifying potential programming issues that could result in unauthorized access to data and
system resources, or leaking of sensitive information.
|
|
Security Researcher
|
|
These used to be independent individuals who looked for new vulnerabilities in products. The notoriety and marketing potential
their findings received drew the attention of a number of companies who employ them either full-time or purchase their research.
Depending on the skills of the individual this can be extremely well paid.
|
|
Forensics Engineer
|
A Forensic Engineer preserves, identifies, extracts, and documents evidence stored in computers. They search through
the computer for information that will help identify and prove the crime
that was committed. They also compile computer evidence for legal cases and work on programs that help recover computer evidence.
They often give expert testimony at trials.
AKA Computer Crime Specialist, Computer Forensic Investigator
|

|
Computer Security Incident Response Team Member
|
Computer security incident response team members work together with other
team members to prepare for and provide rapid response to security threats
such as virus attacks. They develop a procedural set of responses to security problems,
including protocols for communication within the organization as well as
any interaction with law enforcement agencies during computer security incidents.
These positions typically exist in large organizations and as independent groups
usually funded by the government and
research sectors.
|
|
Cryptographer
|
A Cryptographer is responsible for the security of electronic information,
using encryption. Encryption is the transformation
of data into some unreadable form to keep it private and hidden from anyone for whom it is not intended. Decryption is the
transformation of encrypted information back into a comprehensible form.
These positions are normally research related, or working with security software companies to build cryptography into their products.
|
|
Cryptanalyst
|
This job analyzes hidden information, like an encoded message or encoded computer code, to figure out what the code means.
The skill set is a mix of mathematics and computer cryptography.
Although formally these positions are in the government or espionage arenas, often malware/virus technicians use these
skills to determine the intent of malicious software.
|

|
Virus Technician
|
|
This job analyzes newly discovered computer viruses and devises ways to defend against them.
|
|
Security Sales Account Manager
|
|
This is a typical sales position, where the product being sold is security solutions of some type. The product could be
security applications, security appliances, services, auditing, managed monitoring services, etc. This would require a
fairly in-depth knowledge of security issues and products to be successful.
|
|
Security Pre-Sales Engineer
|
|
Again, a typical sales position where the product being sold is security related. Responsible for providing presentations
on the products offered, demonstrations of those products, configuration and sizing recommendations, and post-sales support as
required to ensure future sales opportunities.
|

|
Security Post-Sales Engineer
|
|
This is a technical position responsible for assisting a customer with design and implementation of a security product into
the organization, networks, and systems. Training of customers on the particular product and skillsets is often involved.
|
|
Security Software Developer
|
This role can have two definitions:
1) A Security Software Developer who actually develops security software. This person would participate in efforts to develop
new software tools for monitoring computer networks and analyzing traffic on those networks. They would participate in software
design, implementation and testing, and could also support customer deployments of software developed.
2) A Security Software Developer could also be responsible for ensuring security is implemented in applications developed through
the standard software development life cycle within an organization. In
this definition, the software developed is not security specific.
|
|
Intrusion Detection Specialist
|
An Intrusion Detection Specialist has skills in:
- Monitoring networks using a variety of tools to identify potential intrusions
- Penetration testing
- Software development and coding
This role will typically be in a large company or the government, as most smaller companies couldn't afford a dedicated staff member to
perform this function. An Intrusion Detection Specialist will monitor the network/computers/applications, looking for traffic or events
that could indicate an intrusion. He/She will then perform the research to determine if an intrusion occurred, how it occurred, and
what information was obtained or damage was inflicted. Finally, this staff member will identify what changes are necessary to ensure
the intrusion does not occur again, providing this information to the appropriate people to implement, whether that be network specialists,
application developers, or help desk staff.
|
If you are interested in any of these
roles please pass your CV with details of your availability and salary
expectations to secwizrec(@)securitywizardry.com
|