Information Security Management

N/A

• Demonstrate awareness of security requirements.
• Demonstrate awareness of certification policies.
• Demonstrate awareness of privacy requirements and standards.
• Understand concepts of IT security and its application to computer systems architecture.

• Execute security test plans.
• Deal with low impact threats.
• Act to protect integrity of system data at operation level (e.g., single key incident).
• Perform security certifications.
• Provide advice on disaster recovery planning.
• Participate in disaster recovery tests.
• Recommend security safeguards.
• Execute standards.

• Demonstrate a broad understanding or very detailed area of expertise in security subject(s).
• Demonstrate a broad knowledge of security policies and interprets policies.
• Understand a specific security application or tool and how it works.
• Conduct risk assessments.
• Assess security safeguards.
• Deal with threats and serious incidents.
• Deal with intrusions at a high threat level.

• Demonstrate an expert understanding or very detailed area of expertise in multiple security subject(s).
• Demonstrate expert knowledge of law, regulation, and policies, and interpret policies and standards.
• Expert in multiple security applications and tools.
• Lead risk and security safeguards assessments.
• Mitigate threats and serious security incidents at the enterprise level.
• Consult on security issues and recommend corporate strategies.
• Lead the development of enterprise policies and standards.
• Direct employees and consultants and provide mentorship to others.