- Configure, support and evaluate security tools.
- Review network designs and evaluate compliance with applicable security standards.
- Conduct security audits and provide recommendations to mitigate risks.
- Ensure compliance with security standards and policy.
- Evaluate project initiation documents.
- Design solutions for, configure or support firewalls, content engines, and intrusion detection or prevention systems.
- Configure and support anti-virus software.
- Configure and support patch management systems.
- Produce or modify disaster recovery and business continuity work practices.
- Configure and optimize server and desktop operating systems and enterprise patch management systems.
- Knowledge of common protocols such as SNMP, HTTP, HTTPS, SMTP, NTP, LDAP, Kerberos, RADIUS and FTP.
- Ensure representation in change management working parties.
- Configure and support VPNs and enterprise gateway devices.
- Administer remote access infrastructure.
- Produce or update remote access policy.
- Define and enforce controlled access to corporate security zones as required.
- Judgement and Decision Making
- Situational Analysis
- Specific Technical Knowledge
We found security role descriptions to be some of the least consistent in the industry in terms of standard duties and responsibilities across different organizations. Some roles are more technical in nature and some roles are more policy based. In many cases both sets of skills are desirable but the degree of technical vs business varies between organizations.
|71%||Knowledge of L4-L7 protocols such as SSL, HTTP, DNS, SMTP and IPSec|
|59%||Strong understanding of firewall technologies (Juniper / Cisco / Check Point)|
|27%||Packet Shaper, Load Balancer and Proxy Server knowledge|
|24%||Intermediate to expert IDS/IPS knowledge|
|24%||Understanding of information management and data classification|
|20%||Investigations of security incidents|
|20%||Demonstrated understanding of VPNs and remote access|
|15%||Intermediate to expert virus protection and content filtering knowledge|
|15%||Experience with web application vulnerability scanning tools such as IBM AppScan, HP WebInspect, Acunetix, NTOSpider, Burp Suite Pro|
|10%||Knowledge of encryption techniques and PKI infrastructure|
|10%||Understanding of business requirements, process and practice|
|7%||Knowledge of forensic tools such as EnCase, FTK, Helix, Wireshark|
|5%||Knowledge of reverse engineering, binary analysis and assembler|
|4%||Audits and accreditation process experience|
|2%||Security policy knowledge and experience|
|2%||Understanding of incident investigation processes and reporting|
|31%||CISSP (Certified Information Systems Security Professional)|
|11%||RSA/CA (RSA Certified Administrator)|
|6%||CCSP (Cisco Certified Security Professional)|
|6%||CCSA (Check Point Certified Security Administrator)|
|6%||CISM (Certified Information Security Manager)|
|3%||CISA (Certified Information Security Auditor)|
The following salary indicators were found for this role:
|Role||Roles Not Requesting a Degree||Roles Requesting a Degree||Top End|
|Security Engineer or Administrator Salary||$89K - $110K||$86K - $104K||$146K|
|Contract Rates||$89h - $110h||N/A|
These roles are positions of trust, so a high sense of ethics is a key personal attribute. Because the most successful security operations are the ones that prevent an incident, rather than detecting and neutralizing it, a person who is also proactive and tries to implement preventative measures is an excellent prospect for this type of role.
Security jobs carry a degree of prestige and excitement due to the nature of the job.
This role can be perceived as a 'road block' by other technical engineering departments and hence can become isolated from the technology community. Employers should clarify duties and responsibilities between departments and ensure communication lines between the groups remain open and healthy in order to avoid tension between teams.
Most job advertisements specify specialised skills, so apart from general security skills it may be prudent for candidates to develop expertise in two or three areas such as firewalls, policy, Internet gateways, vulnerability scanning, penetration testing, software security, compliance, risk management, auditing or similar.