1. Professional Roles and Responsibilities:
Responsible for handling all type of Infrastructure Information Security alerts –
Review the alerts and handle them as per the process & best practices. This involves
working with different groups and ensuring that all the alerts are closed in a timely
manner [SLA]
Patch & Vulnerability Management Process – Responsible for identifying security
gaps and vulnerabilities through different tools and techniques in organization
devices/systems. Scan results are analysed [prioritise: C: H: M] and fixes are applied
as per the vendor recommendations.
System Security Logs: Monitor and analyse the logs using tools for unusual or
suspicious activity. Interpret such activity and make recommendations for resolution
Compile Security Metrics - Manage various IT & IS Security reports based on
information generated from different security Applications, Services & tools –
Compile security metrics and efficiency security metrics for management review
Assist and Contribute to IT risk identification, classification and response processes
Actively contribute to inter-departmental and cross-functional teams for the protection
of information & information assets in organization
Involve & support in organization IS internal audits [iso 27001,KCO ,etc.] on
assigned departments effectively to ensure systems are functioning, performing
properly and audit report & recommendation has been submitted to management
Actively conducting training/awareness program for newly joined employee on
Information Security
Provide support and direction for improving InfoSec policies, processes, and
standards
![Professional Roles and Responsibilities:
Responsible for handling all type of Infrastructure Information Security alerts –
Review the alerts and handle them as per the process & best practices. This involves
working with different groups and ensuring that all the alerts are closed in a timely
manner [SLA]
Patch & Vulnerability Management Process – Responsible for identifying security
gaps and vulnerabilities through different tools and techniques in organization
devices/systems. Scan results are analysed [prioritise: C: H: M] and fixes are applied
as per the vendor recommendations.
System Security Logs: Monitor and analyse the logs using tools for unusual or
suspicious activity. Interpret such activity and make recommendations for resolution
Compile Security Metrics - Manage various IT & IS Security reports based on
information generated from different security Applications, Services & tools –
Compile security metrics and efficiency security metrics for management review
Assist and Contribute to IT risk identification, classification and response processes
Actively contribute to inter-departmental and cross-functional teams for the protection
of information & information assets in organization
Involve & support in organization IS internal audits [iso 27001,KCO ,etc.] on
assigned departments effectively to ensure systems are functioning, performing
properly and audit report & recommendation has been submitted to management
Actively conducting training/awareness program for newly joined employee on
Information Security
Provide support and direction for improving InfoSec policies, processes, and
standards](https://image.slidesharecdn.com/8c2280e0-9420-4547-9b73-53361e47215d-150518113406-lva1-app6891/85/Professional-Roles-and-Responsibilities-1-320.jpg)
