SFIA Skills: Security operations (SCAD)

Investigates security breaches in accordance with established procedures and security standards, and recommends required actions and support/follows-up to ensure these are implemented. Investigates and reconciles violation reports and logs generated by automated systems. Where appropriate (i.e. involving employees within own organisation) interviews minor offenders and compiles reports and recommendations for management follow-up.

Provides advice and handles enquiries relating to security, contingency planning and related activities. Acts as subject matter expert for security administration activities.

Maintains security administration processes, and checks that all requests for support are dealt with according to agreed procedures.

For all services and systems within identified remit, maintains auditable records and user documentation. Assists in the preparation and maintenance of other documentation such as business recovery plans, particularly in the data collection and compilation/production/distribution phases of the exercise.

Ensures that all identified breaches in security are promptly and thoroughly investigated, and that any system changes required to maintain security are implemented. Investigates complex, or highly sensitive violations referred by more junior staff or colleagues, handling issues imaginatively, efficiently and professionally. Obtains factual information and formulates opinions regarding exposed violations. Where appropriate (i.e. involving employees within own organisation) interviews offenders in conjunction with the relevant line manager or on own authority if warranted.

Ensures that training, guidance and support is provided to security administrators, in all aspects of security policy and control.

Provides general security expertise and specialist guidance on security administration and wider security issues.

Contributes to the creation and maintenance of policy, standards, procedures and documentation for security, taking account of current best practice, legislation and regulation.

Advises on and assists with the assessment of the potential impact on existing access security mechanisms of specific planned technical changes, in order to help ensure that potential compromise or weakening of existing security controls is minimised. Also assists in the evaluation, testing and implementation of such changes.

Ensures that security records are accurate and complete, and that requests for support are dealt with according to set standards and procedures. Recognises requirements for, and creates, auditable records, user documentation and security awareness literature for all services and systems within scope, ensuring that the records provide a comprehensive history of violations, resolutions and corrective action.

Monitors the application and compliance of security administration procedures, and reviews information systems for actual or potential breaches in security.

Investigates minor security breaches in accordance with established procedures and security standards. Investigates and reconciles violation reports and logs generated by automated systems. Integrates findings from other investigators, and compiles reports and recommendations for management follow-up. Leads the continual monitoring and remediation processes following an incident.

Handles all enquiries relating to security administration with only infrequent reference to more senior staff for assistance

For all services and systems within identified remit, maintains auditable records and user documentation. Assists in the preparation and maintenance of evidence required for internal and external audit, compliance or regulatory reporting, security accreditations, and business recovery plans — particularly in the data collection and compilation/production/distribution phases of the exercise.

Assists in the investigation and resolution of issues relating to access controls and security systems. Investigates and reconciles violation reports and logs generated by automated systems. Investigates any other minor security breaches, in accordance with established procedures and security standards. Integrates findings from other investigators, and compiles reports and recommendations for management follow-up.

Receives and responds to routine requests for security support. Maintains records and advises relevant persons of actions taken.

For all services and systems within identified remit, maintains auditable records and user documentation. Assists in the preparation and maintenance of evidence for use in internal and external audits, compliance or regulatory reporting, security accreditations, and business recovery plans — particularly in the data collection and compilation/production/distribution phases of the exercise.