JOB DESCRIPTION/PERSON SPECIFICATION
|
|
- Ambrose Jacobs
- 8 years ago
- Views:
Transcription
1 JOB DESCRIPTION/PERSON SPECIFICATION A POSITION DETAILS DIVISION: Business Support JOB TITLE: MIS Security Analyst DEPARTMENT/BUSINESS SECTOR: MIS REPORTING TO: MIS Security Manager GRADE: 11 B KEY RESPONSIBILITIES PEOPLE: Enabling staff to conduct their day-to-day tasks with Information Technology (IT) as a seamless, beneficial work tool. Providing staff with the information they need to do their job, where & when they need it, with the tools to enhance the value of that information through analysis, workflow and sharing. PROTECTION: Implement and support strategic IT solutions, which allow SITA UK to meet its environmental protection strategy. IT Specific: Ensure operational stability and appropriate levels of service from SITA s computing infrastructure by strategic input into systems design, implementation and operation. This includes ensuring appropriate levels of security and accountability to prevent operational impact from accidental or malicious activity. PROFILE: Improve SITA s ability to interact with existing & potential customers, suppliers and partners through the use of collaborative and integrated IT systems. PROFIT: Improving the effectiveness of staff by leveraging time-saving and ability-enhancing Information Technology: Reducing Total Cost of Ownership (TCO) of IT systems through the automation of routine tasks and leveraging economies of scale with standardisation of approaches and processes. Increasing competitive advantage by enabling smart working within geographically separated teams through collaborative solutions that allow remote working, information sharing and interaction Reducing overhead costs & the time taken to perform regular processes and improving the speed & quality of decisions through the availability of up-to-date and appropriate information.
2 In line with SITA UK s Health and Safety Policy the job holder is expected to; Take reasonable care of his/her own health, safety and welfare and that of other people who may be affected by his/her actions or omissions. To co operate with SITA UK and with other employees in order to comply with health and safety law and SITA UK s Health and safety Policies and Procedures Not to misuse or interfere with, intentionally or recklessly, anything provided in the interests of safety. To ensure that within his/her areas of responsibility, SITA UK complies fully with its legal duties in respect of the health, safety and welfare of its employees and of other people who may be affected by his/her actions or omissions To ensure that the responsibilities commensurate with his/her role as laid out in the Health and safety policies and Procedures are fully met. C RESPONSIBILITIES Role and Context PURPOSE: This is a new role within the IT Team, and is a multi-faceted position. Security covers aspects of Confidentiality, Integrity and Availability: the success of this role will be measured not only in terms of attempted / foiled un-authorised access, but also in the success in mitigating service degradation as a result of malicious or accidental actions. This could include avoidance of DoS attacks (or consequential DoS, through spam overload for example). The role will also be expected to ensure regulatory compliance regarding security controls implemented on IT systems and data networks. The primary purposes are: The creation and maintenance of a demonstrably secure data-networking environment in which the SITA UK can achieve its strategic goals. This state will be achieved by working with both the Communications Team and the IT Security Manager The provision of secure implementation of major project work that requires expertise and specialist knowledge of both the SITA security environment, and the policies and regulations to which all users and equipment must adhere. Taking responsibility for and initiating immediate counter measures to real-time threats to SITA that are identified through the implemented security systems. CONTEXT: Based at Maidenhead, working as part of the Security Team, deputising for IT Security Manager during absence. Will be expected to x-train to basic level in network skills to progress their own knowledge, and improve the solutions offered, as a result of a wider perspective RELATIONSHIPS: INTERNAL IT Security Manager Unified Communications Team Internal Audit team SDT & BAS staff, IT Project Managers and BAS Business Risk Office Business owners of core applications Pan-Suez peers
3 EXTERNAL Hardware and software suppliers and vendors Outsource Service providers Service Providers Company Auditors DECISION MAKING AUTHORITY: Participation in infrastructure strategy decisions information security expertise Determination and implementation of counter-activities to be taken in response to identified real-time security threats. Key Activities Key Outputs Assist in the provision, operation, documentation and maintenance of the secure elements of the IT infrastructure to UK business stated quality objectives, (measured through IT SLAs). MIS monitoring and reporting of security performance of the IT infrastructure and relevant components. Ensuring that any attacks on the SITA IT systems are countered immediately through activating counter-measures they deem appropriate. Taking a lead role in medium/long term counter-threat activities (e.g. post-virus clean-up projects) Provision of technical input to problem and incident resolution using network and system security tools and equipment Provision of technical input to ad-hoc project work relating to secure network connectivity, including DMZ, B-2-B, wireless and remote access devices. Often in conjunction with the Unified Communications Manager. General connectivity issues, user training and support as well as security elements of remote access will be addressed. Input to the annual audit process, showing CODIS compliance to security procedures through records, audit logs, and processes. Will be required to liaise directly with auditors about countermeasures (appropriateness and effectiveness) that have been implemented in the course of their duties. Participation in annual Disaster Recovery and continues vulnerability testing program demonstrating that IT systems and network s Integrity, Availability and Confidentiality are maintained. Provision of remedial actions to IT systems and Networks identified through on-going security management practices. MIS monitoring and reporting of IT Security objectives. Presentation and explanation of the security models and their purpose to other IT colleagues and Operational Management. Deputizing for Security Manager in times of absence. Assist in the delivery of Service Improvement and Quality Assurance plans implemented as per SIP Manager Involvement in other and diverse activities as required from time to time to ensure the smooth operation of the IT Department. Assist and advise operational functions to stated security standards, providing cost-effective security for the SITA UK community Ensuring that the Service Standards as measured by the SDT and IT SLAs pertaining to Security Targets are met and published. Other capacity and usage thresholds (e.g. spam control) are adhered to, and potential breaches mitigated with minimum business impact.
4 Ensuring Suez, and SITA UK standards for all aspects of information security are adhered to for all project delivery, whilst not negatively impacting timeliness, quality or cost. All audit compliant targets for security are met, or compensating control and mitigation plans available to be submitted to external auditors and SUEZ risk management teams. Includes BC and DR planning and testing. Production of an ongoing security audit program including ethical hacking, social engineering etc. Provision of MIS to the business and IT management both on a regular and ad-hoc basis, to enable quantitative business decisions to be made. Leading, with support from the IT Security Manager, completion of the annual UK IT ISMM (Information Security Maturity Model) position, and defining / actioning any remedial actions arising. Full participation in a culture of continuous improvement that is considered business as usual throughout the team. The contents of this job description reflect the main duties and responsibilities of the job and are not intended to form part of the contract of employment. SITA UK may revise the content of this Job Description/Person Specification at its discretion. D. GENERAL CRITERIA MINIMUM ESSENTIAL RATING QUALIFICATIONS / TRAINING: HNC or degree in a computer science discipline preferred. Working knowledge of Microsoft server and PC operating systems. ITIL understanding / foundation level CAREER HISTORY / EXPERIENCE: 2 years commercial experience in a system administration or support role. A good level of understanding of communication protocols, in particular IP (over Ethernet and WANs) and their impact on security A good level of understanding of system and application architecture Knowledge of MPLS, VPN, DSL WiFi and emerging connectivity technologies. Fault diagnosis and analysis for installed security hardware: Firewalls, IDS/IPS, SSL VPN, Encryption software Fault diagnostics and analysis of Anti-virus software Up-to-date knowledge of all SITA shrink-wrapped applications: (MS Office, Lotus Notes etc.) and their security implications Working knowledge of Active Directory and Group Policy Objects and Patch deployment software Understanding of the use of Citrix and its network and security impact. Ability to communicate clearly both with technical staff and non-technical customers, ranging from temps to MD. Keen interest in Information Security.
5 E. KEY COMPETENCIES & ATTRIBUTES SERVICE TO THE CUSTOMER/COLLEAGUE: Is this person passionate about personally understanding the customer and meeting their needs? FINANCIAL AWARENESS: Does this person understand the financial impact on the business of any decisions made? MINIMUM ESSENTIAL RATING BUILDING CAPABILITY: Does this person work to develop the long term capability of others? 2 COMMUNICATION EFFECTIVENESS: Does this person firmly believe in communication to all appropriate stakeholders and have the skill to get ideas accepted by others or to get others to change their opinion? DRIVE FOR RESULTS Does this person lead individuals or groups of people effectively and make continuous improvements and meet/surpass targets and goals? PROBLEM SOLVING: Can this person recognise a problem and decide what to do about it? QUALITY OF WORK: Is this business run in a manner that complies with all operational standards both internal and external? Prepared By (Line Manager): Approved By (Director): [If applicable] Approved by HR Manager: Signed to confirm received (Employee):
Infrastructure Support Engineer Job Profile
Infrastructure Support Engineer Job Profile About the HCPC The Health Professions and Care Council (HCPC) is the regulator of 16 different health and care professions, set up to protect the public. To
More informationSTRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction
Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table December 2011 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More informationSecuring the Service Desk in the Cloud
TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,
More informationJOB SPECIFICATION. Service Support Manager ORGANISATION CHART: JOB PURPOSE:
JOB SPECIFICATION JOB TITLE: GRADE: Service Support Manager SMP ORGANISATION CHART: JOB PURPOSE: Management responsibility for the Service Support within the Trust delivering an efficient and cost effective
More informationClient Security Risk Assessment Questionnaire
Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2
More informationTEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL
TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for
More informationMaximize potential with services Efficient managed reconciliation service
RECONCILIATION IntelliMatch Operational Control services Optimize. PRODUCT SHEET Maximize potential with services Efficient managed reconciliation service Overview At its best, technology provides financial
More informationLot 1 Service Specification MANAGED SECURITY SERVICES
Lot 1 Service Specification MANAGED SECURITY SERVICES Fujitsu Services Limited, 2013 OVERVIEW OF FUJITSU MANAGED SECURITY SERVICES Fujitsu delivers a comprehensive range of information security services
More informationJOB DESCRIPTION CONTRACTUAL POSITION
Ref #: IT/P /01 JOB DESCRIPTION CONTRACTUAL POSITION JOB TITLE: INFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT) SECURITY SPECIALIST JOB SUMMARY: The incumbent is required to provide specialized technical
More informationSITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA
SITA Information Security SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA September, 2012 Contents 1. Introduction... 3 1.1 Overview...
More informationNetwork & Information Security Policy
Policy Version: 2.1 Approved: 02/20/2015 Effective: 03/02/2015 Table of Contents I. Purpose................... 1 II. Scope.................... 1 III. Roles and Responsibilities............. 1 IV. Risk
More informationThe evolution of data connectivity
Leveraging the Benefits of IP and the Cloud in the Security Sector The CCTV and alarm industry has relied on analogue or Integrated Services Digital Network (ISDN) communications to provide data connectivity
More informationThe Next Generation of Security Leaders
The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish
More informationJob description. Job title: Server Infrastructure Analyst 1
Job description Job title: Server Infrastructure Analyst 1 Department: Resources Service: IT Service Grade: G Post reference number: 1 Job purpose To provide specialist enterprise level design, planning,
More informationNext generation enterprise communications
Next generation enterprise communications Peter Hall Principal Analyst July 2010 1 Agenda Top CIO/IT manager issues The role of managed services and outsourcing Evolution of players - the expanding role
More informationG-Cloud Service Definition. Atos Information Security Wireless Scanning Service
G-Cloud Service Definition Atos Information Security Wireless Scanning Service Keeping your wireless networks secure Atos Information Security Wireless Scanning Service The Atos Wireless Scanning Service
More informationJOB DESCRIPTION. Server infrastructure specialist. Capacity and Configuration Manager
JOB DESCRIPTION POST: LOCATION: Server infrastructure specialist Belfast City Hospital GRADE: Band 6 REPORTS TO: RESPONSIBLE TO: Capacity and Configuration Manager Co-Director for I.C.T JOB SUMMARY/MAIN
More informationNOS for Network Support (903)
NOS for Network Support (903) November 2014 V1.1 NOS Reference ESKITP903301 ESKITP903401 ESKITP903501 ESKITP903601 NOS Title Assist with Installation, Implementation and Handover of Network Infrastructure
More informationI.T. Security Specialists. Cyber Security Solutions and Services. Caretower Corporate Brochure 2015 1
I.T. Security Specialists Cyber Security Solutions and Services Caretower Corporate Brochure 2015 1 about us As an independent IT security specialist, with over 17 years experience, we provide tailored
More informationSenior Manager Information Technology (India) Duration of job
Role Profile Job Title Senior Manager Information Technology (India) Directorate or Region South Asia Department/Country Business Support Services, India Location of post Gurgaon Pay Band 6 / Grade G Reports
More informationSecurity Controls What Works. Southside Virginia Community College: Security Awareness
Security Controls What Works Southside Virginia Community College: Security Awareness Session Overview Identification of Information Security Drivers Identification of Regulations and Acts Introduction
More information---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model---
---Information Technology (IT) Specialist (GS-2210) IT Security Model--- TECHNICAL COMPETENCIES Computer Forensics Knowledge of tools and techniques pertaining to legal evidence used in the analysis of
More informationHow To Protect Decd Information From Harm
Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the
More informationMSP Service Matrix. Servers
Servers MSP Service Matrix Microsoft Windows O/S Patching - Patches automatically updated on a regular basis to the customer's servers and desktops. MS Baseline Analyzer and MS WSUS Server used Server
More informationGENERIC JOB DESCRIPTION - SCHOOLS
GENERIC JOB DESCRIPTION - SCHOOLS Job information as shown on organisation chart Job Title: Senior IT Technician Organisational information: Responsible to: Data Manager Post No: GEN75 Grade: HC6 Dimensions:
More informationQRadar SIEM 6.3 Datasheet
QRadar SIEM 6.3 Datasheet Overview Q1 Labs flagship solution QRadar SIEM is unrivaled in its ability to provide an organization centralized IT security command and control. The unique capabilities of QRadar
More informationHead of Information & Communications Technology Responsible work team: ICT Security. Key point summary... 2
Policy Procedure Information security policy Policy number: 442 Old instruction number: MAN:F005:a1 Issue date: 24 August 2006 Reviewed as current: 11 July 2014 Owner: Head of Information & Communications
More informationHow to Practice Safely in an era of Cybercrime and Privacy Fears
How to Practice Safely in an era of Cybercrime and Privacy Fears Christina Harbridge INFORMATION PROTECTION SPECIALIST Information Security The practice of defending information from unauthorised access,
More informationSecurity Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions
Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationExhibit to Data Center Services Service Component Provider Master Services Agreement
Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information
More informationEmpowering the Enterprise Through Unified Communications & Managed Services Solutions
Continuant Managed Services Empowering the Enterprise Through Unified Communications & Managed Services Solutions Making the transition from a legacy system to a Unified Communications environment can
More informationInformation Security: A Perspective for Higher Education
Information Security: A Perspective for Higher Education A By Introduction On a well-known hacker website, individuals charged students $2,100 to hack into university and college computers for the purpose
More informationINFORMATION TECHNOLOGY ENGINEER V
1464 INFORMATION TECHNOLOGY ENGINEER V NATURE AND VARIETY OF WORK This is senior level lead administrative, professional and technical engineering work creating, implementing, and maintaining the County
More informationRemote Services. Managing Open Systems with Remote Services
Remote Services Managing Open Systems with Remote Services Reduce costs and mitigate risk with secure remote services As control systems move from proprietary technology to open systems, there is greater
More informationAppendix 1c. DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF NETWORK/INTERNET SECURITY
Appendix 1c DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF NETWORK/INTERNET SECURITY DISTRIBUTION LIST Audit Team Prakash Gohil, Audit Manager Steven Snaith, Risk
More informationProcuring Penetration Testing Services
Procuring Penetration Testing Services Introduction Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat
More informationThales Service Definition for NOC Services for Cloud
Thales Service Definition for UK NOC Services Thales Service Definition for NOC Services for Cloud April 2014 Page 1 of 13 Thales Service Definition for UK NOC Services CONTENT Page No. Introduction...
More informationTERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) 1. Reporting Function. The Applications Consultant reports directly to the CIO
TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) Consultant - Enterprise Systems & Applications 1. Reporting Function. The Applications Consultant reports directly to the CIO 2. Qualification and Experience
More informationSolution Brief for HIPAA HIPAA. Publication Date: Jan 27, 2015. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Publication Date: Jan 27, 2015 8815 Centre Park Drive, Columbia MD 21045 HIPAA About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized
More informationManaging internet security
Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further
More informationEND TO END DATA CENTRE SOLUTIONS COMPANY PROFILE
END TO END DATA CENTRE SOLUTIONS COMPANY PROFILE About M 2 TD M2 TD is a wholly black Owned IT Consulting Business. M 2 TD is a provider of data center consulting and managed services. In a rapidly changing
More information1. To be the principal point of contact and have responsibility for IT support incidents.
JOB TITLE: RESPONSIBLE TO: RESPONSIBLE FOR: Service Desk Engineer Service Desk Supervisor N/A JOB OUTLINE The Service Desk Engineer will be responsible for providing an effective first-line support service
More informationSRA International Managed Information Systems Internal Audit Report
SRA International Managed Information Systems Internal Audit Report Report #2014-03 June 18, 2014 Table of Contents Executive Summary... 3 Background Information... 4 Background... 4 Audit Objectives...
More informationSECURING YOUR SMALL BUSINESS. Principles of information security and risk management
SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and
More informationExhibit B5b South Dakota. Vendor Questions COTS Software Set
Appendix C Vendor Questions Anything t Applicable should be marked NA. Vendor Questions COTS Software Set Infrastructure 1. Typically the State of South Dakota prefers to host all systems. In the event
More informationAPPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST
APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST Application Name: Vendor Name: Briefly describe the purpose of the application. Include an overview of the application architecture, and identify the data
More informationState of Illinois Department of Central Management Services GENERAL SECURITY FOR STATEWIDE NETWORK RESOURCES POLICY
State of Illinois Department of Central Management Services GENERAL SECURITY FOR STATEWIDE NETWORK RESOURCES POLICY Effective December 15, 2008 State of Illinois Department of Central Management Services
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationUnified Threat Management, Managed Security, and the Cloud Services Model
Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical
More informationEnterprise K12 Network Security Policy
Enterprise K12 Network Security Policy I. Introduction The K12 State Wide Network was established by MDE and ITS to provide a private network infrastructure for the public K12 educational community. Therefore,
More informationCLASSIFICATION SPECIFICATION FORM
www.mpi.mb.ca CLASSIFICATION SPECIFICATION FORM Human Resources CLASSIFICATION TITLE: POSITION TITLE: (If different from above) DEPARTMENT: DIVISION: LOCATION: Executive Director Executive Director, Information
More informationManaged Service Plans
Managed Service Plans www.linkedtech.com 989.837.3060 989.832.2802 fax Managed Information Technology Services System downtime, viruses, spy ware, losses of productivity Are the computer systems you rely
More informationCyber Security Pr o t e c t i n g y o u r b a n k a g a i n s t d a t a b r e a c h e s
Cyber Security Pr o t e c t i n g y o u r b a n k a g a i n s t d a t a b r e a c h e s 1 Agenda Data Security Trends Root causes of Cyber Attacks How can we fix this? Secure Infrastructure Security Practices
More informationHOSTING. Managed Security Solutions. Managed Security. ECSC Solutions
Managed Security Managed Security MANAGED SECURITY SOLUTIONS I would highly recommend for your company s network review... were by far the best company IT Manager, Credit Management Agency Presenting IT
More informationCautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
More informationPost No: GEN75. Division/ Department: Schools
JOB DESCRIPTION Job information as shown on organisation chart Job Title: Senior School ICT Technician Directorate: People s Services Organisational information: Post No: GEN75 Division/ Department: Schools
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More informationCPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS
CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Recommended Practice: Configuring and Managing Remote Access
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationDomain 1 The Process of Auditing Information Systems
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
More informationN e t w o r k E n g i n e e r Position Description
Position Title: Group/Division/Team Network Engineer Business Technology Services / IT Operations Division Date October 2011 Reports to Roles Reporting to This Primary Objective Decision Making Authority
More informationProject Management and ITIL Transitions
Project Management and ITIL Transitions April 30 th 2012 Linda Budiman Director CSC 1 Agenda Thought Leadership: Linda Budiman What is ITIL & Project Management: Applied to Transitions Challenges & Successes:
More informationJOB DESCRIPTION. IS teams, Hanover colleagues, third party suppliers. Principal Duties and Responsibilities
JOB DESCRIPTION Job title: IT Security Analyst Grade: Responsible to: Responsible for: Liaises with: Head of IS N/A IS teams, Hanover colleagues, third party suppliers Role Purpose: Location: The purpose
More informationInformation Technology Policy
Information Technology Policy Security Information and Event Management Policy ITP Number Effective Date ITP-SEC021 October 10, 2006 Category Supersedes Recommended Policy Contact Scheduled Review RA-ITCentral@pa.gov
More informationROCHDALE BOROUGH COUNCIL JOB DESCRIPTION
ROCHDAL BOROUGH COUNCIL JOB DSCRIPTION DIRCTORAT: SRVIC: LOCATION: JOB TITL: Neighbourhoods Customers & ICT Floor 2, Number One Riverside ICT Desktop ngineer POST NUMBR: Grade: 5 Accountable to: Service
More informationNetwork Security I Switches, Routers & Firewalls I Antivirus I Remote Assistance I Data Encryption
Vyom Consultants VYOM Consultants believes on Indian work culture, belief, and customs. We are the group of professional people who creates happiness by solving your technical issues and maintain the long
More informationConquering PCI DSS Compliance
Any organization that stores, processes or transmits information related to credit and debit card payments has a responsibility to protect each cardholder s personal data. To help accomplish this goal,
More informationBMC s Security Strategy for ITSM in the SaaS Environment
BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...
More informationValidating Enterprise Systems: A Practical Guide
Table of Contents Validating Enterprise Systems: A Practical Guide Foreword 1 Introduction The Need for Guidance on Compliant Enterprise Systems What is an Enterprise System The Need to Validate Enterprise
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationPOSITION PROFILE Support Officer, ICT. Position Summary. Position Statement. Corporate Vision. Constructive Culture ICT.
Position Summary Position Title: Business unit: ICT Support Officer ICT Division : ICT and Knowledge Management Classification : Level 5 Status : Position Statement The ICT Support Officer maintains the
More informationCase Study: Security Implementation for a Non-Profit Hospital
Case Study: Security Implementation for a Non-Profit Hospital The Story Security Challenges and Analysis The Case The Clone Solution The Results The Story About the hospital A private, not-for-profit hospital
More informationSupplier Security Assessment Questionnaire
HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.
More informationINFRASTRUCTURE SOLUTIONS OVERVIEW
INFRASTRUCTURE SOLUTIONS OVERVIEW CONTACT US Head Office Comtec House Albert Road North Reigate Surrey RH2 9EL T: 0800 008 7599 E: infrastructure@comtec.com www.comtec.com infrastructure datacentre communications
More informationInformation security controls. Briefing for clients on Experian information security controls
Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face
More informationState of Oregon. State of Oregon 1
State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information
More informationINFORMATION TECHNOLOGY SECURITY STANDARDS
INFORMATION TECHNOLOGY SECURITY STANDARDS Version 2.0 December 2013 Table of Contents 1 OVERVIEW 3 2 SCOPE 4 3 STRUCTURE 5 4 ASSET MANAGEMENT 6 5 HUMAN RESOURCES SECURITY 7 6 PHYSICAL AND ENVIRONMENTAL
More informationUMHLABUYALINGANA MUNICIPALITY IT PERFORMANCE AND CAPACITY MANAGEMENT POLICY
UMHLABUYALINGANA MUNICIPALITY IT PERFORMANCE AND CAPACITY MANAGEMENT POLICY Originator: IT Performance and Capacity Management Policy Approval and Version Control Approval Process: Position or Meeting
More informationBusiness benef its of managed ICT services
Business benef its of managed ICT services A leadership perspectives white paper Recommended next steps for business and industry executives Issue 7 in a series Executive Summary With the steady decline
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationNine Steps to Smart Security for Small Businesses
Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationAdvantages of Managed Security Services
Advantages of Managed Security Services Cloud services via MPLS networks for high security at low cost Get Started Now: 877.611.6342 to learn more. www.megapath.com Executive Summary Protecting Your Network
More informationYou Can Survive a PCI-DSS Assessment
WHITE PAPER You Can Survive a PCI-DSS Assessment A QSA Primer on Best Practices for Overcoming Challenges and Achieving Compliance The Payment Card Industry Data Security Standard or PCI-DSS ensures the
More informationInformation Security Policy. Information Security Policy. Working Together. May 2012. Borders College 19/10/12. Uncontrolled Copy
Working Together Information Security Policy Information Security Policy May 2012 Borders College 19/10/12 1 Working Together Information Security Policy 1. Introduction Borders College recognises that
More informationinformation systems security policy...
sales assessment.com information systems security policy... Approved: 2nd February 2010 Last updated: 2nd February 2010 sales assessment.com 2 index... 1. Policy Statement 2. IT Governance 3. IT Management
More informationIM&T Infrastructure Security Policy. Document author Assured by Review cycle. 1. Introduction...3. 2. Policy Statement...3. 3. Purpose...
IM&T Infrastructure Security Policy Board library reference Document author Assured by Review cycle P070 Information Security and Technical Assurance Manager Finance and Planning Committee 3 Years This
More informationTo provide an effective, professional and customer focussed ICT Service Desk service to the customers of the Council, NHS and all Hoople customers.
JOB DESCRIPTION Job ination as shown on organisation chart Job Title: ICT Service Desk Post No: Analyst Directorate: Transation & Technology Division/ Department: ICT Operations, ICT Service Desk Grade:
More informationJob Description. The applicant will require the ability to learn key processes and gain an understanding of IT systems and how to support them.
Job Description Job Title Service Desk Function IT Services IT Service Desk Reporting to IT Service Desk Manager Direct Reports None Working Hours Standard 35 hours per week Normally working Mon Fri, this
More informationGuardian365. Managed IT Support Services Suite
Guardian365 Managed IT Support Services Suite What will you get from us? Award Winning Team Deloitte Best Managed Company in 2015. Ranked in the Top 3 globally for Best Managed Service Desk by the Service
More informationCyber and Data Security. Proposal form
Cyber and Data Security Proposal form This proposal form must be completed and signed by a principal, director or a partner of the proposed insured. Cover and Quotation requirements Please indicate which
More information