Week 11 Information Security Positions.

Week 11. Information Security Positions.

When hiring information security professionals at all levels, organizations frequently look for individuals able to:

·         Understand how organizations are structured and operated

·         Recognize that information security is a management task that cannot be handled with technology alone

·         Work well with people in general, including users, and communicate effectively using both strong written and verbal communication skills

·         Acknowledge the role of policy in guiding security efforts

·         Understand the essential role of information security education and training, which helps make users part of the solution, rather than part of the problem

·         Perceive the threats facing an organization, understand how these threats can become transformed into attacks, and safeguard the organization from information security attacks

·         Understand how technical controls (including firewalls, IDSs, and antivirus software) can be applied to solve specific information security problems.

·         Demonstrate familiarity with the mainstream information technologies, including Disk Operation System (DOS) and/or the Windows command-line, Windows XP/Vista/2003 and 2008 Server, Linus, and UNIX

·         Understand IT and InfoSec terminology and concepts.

Information Security Community:

·      InfoSec department manager

·      Access control system administrator

·      Internal InfoSec consultant

·      InfoSec engineer

·      InfoSec documentation specialist

·      InfoSys contingency planner

·      Local InfoSec coordinator

IT Community:

·         Chief information officer

·         InfoSys analyst/business analyst

·         Systems programmer

·         Business applications programmer

·         Computer operations manager

·         Computer operator

·         InfoSys quality assurance analyst

·         Help desk associate

·         Archives manager/records manager

·         Telecommunications manager

·         Systems administrator/network administrator

·         Web site administrator/commerce site administrator

·         Database administrator

·         Data administration manager

General Business Community:

·         Physical security department manager

·         Physical asset protection specialist

·         Building and facilities guard

·         Office maintenance worker

·         Internal audit department manager

·         EDP auditor

·         Internal intellectual property attorney

·         Human resources department manager

·         Human resources consultant

·         Receptionist

·         Outsourcing contract administrator

·         In-house trainer

·         Insurance and risk management department manager

·         Insurance and risk management analyst

·         Business contingency planner

·         Public relations manager

·         Chief financial officer

·         Purchasing agent

·         Chief executive officer

Reference.

Whitman, M. & Mattord, H. (2010).  “Management of Information Security.”
Boston, MA, Course Technology, Cengage Learning.