Profession ICT security manager

ICT security managers propose and implement necessary security updates. They advise, support, inform and provide training and security awareness and take direct action on all or part of a network or system.

ICT security manager Jobs: Open positions

Find the job of your dreams on Talent.com, one of the largest job sites worldwide.

Job postings: talent.com

Personality Type

Knowledge

  • Internal risk management policy

    The internal risk management policies that identify, assess and prioritise risks in an IT environment. The methods used to minimise, monitor and control the possibility and the impact of disastrous events that affect the reaching of business goals.

  • Computer forensics

    The process of examining and recovering digital data from sources for legal evidence and crime investigation.

  • ICT quality policy

    The quality policy of the organisation and its objectives, the acceptable level of quality and the techniques to measure it, its legal aspects and the duties of specific departments to ensure quality.

  • Internet governance

    The principles, regulations, norms and programs that shape the evolution and use of internet, such as internet domain names management, registries and registrars, according to ICANN/IANA regulations and recommendations, IP addresses and names, name servers, DNS, TLDs and aspects of IDNs and DNSSEC.

  • Information security strategy

    The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.

  • Internet of Things

    The general principles, categories, requirements, limitations and vulnerabilities of smart connected devices (most of them with intended internet connectivity).

  • ICT problem management techniques

    The techniques related to identifying the solutions of the root cause of ICT incidents.

  • ICT security standards

    The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.

  • ICT project management

    The methodologies for the planning, implementation, review and follow-up of ICT projects, such as the development, integration, modification and sales of ICT products and services, as well as projects relating technological innovation in the field of ICT.

  • ICT system user requirements

    The process intended to match user and organisation's needs with system components and services, by taking into consideration the available technologies and the techniques required to elicit and specify requirements, interrogating users to establish symptoms of problem and analysing symptoms.

  • Legal requirements of ICT products

    The international regulations related to the development and use of ICT products.

Skills

  • Define security policies

    Design and execute a written set of rules and policies that have the aim of securing an organisation concerning constraints on behaviour between stakeholders, protective mechanical constraints and data-access constraints.

  • Manage disaster recovery plans

    Prepare, test and execute, when necessary, a plan of action to retrieve or compensate lost information system data.

  • Implement ICT risk management

    Develop and implement procedures for identifying, assessing, treating and mitigating ICT risks, such as hacks or data leaks, according to the company's risk strategy, procedures and policies. Analyse and manage security risks and incidents. Recommend measures to improve digital security strategy.

  • Manage IT security compliances

    Guide application and fulfilment of relevant industry standards, best practices and legal requirements for information security.

  • Lead disaster recovery exercises

    Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as on recovery of data, protection of identity and information and which steps to take in order to prevent further problems.

  • Maintain ICT identity management

    Administer identification, authentication and authorisation of individuals within a system and control their access to resources by associating user rights and restrictions with the established identity.

  • Establish an ICT security prevention plan

    Define a set of measures and responsibilities to ensure the confidentiality, integrity and availability of information. Implement policies to prevent data breaches, detect and respond to unathorised access to systems and resources, including up-to-date security applications and employee education.

  • Develop information security strategy

    Create company strategy related to the safety and security of information in order to maximise information integrity, availability and data privacy.

  • Solve ICT system problems

    Identify potential component malfunctions. Monitor, document and communicate about incidents. Deploy appropriate resources with minimal outage and deploy appropriate diagnostic tools.

Optional knowledge and skills

ict security legislation audit techniques provide technical documentation information confidentiality tools for ict test automation use ict ticketing system systems development life-cycle saas (service-oriented modelling) organisational resilience decision support systems hybrid model service-oriented modelling ict network security risks levels of software testing outsourcing model web application security threats open source model cyber security mobile device management cyber attack counter-measures investment analysis ict process quality models ict encryption execute ict audits identify ict security risks define technology strategy ict recovery techniques

Source: Sisyphus ODB