Computer Security Officer

Duties

Computer Security Officers set security standards and policy, perform investigations, and perform security assessments of new and existing systems, working with infrastructure, networking, user support, and application support. They ensure DR plans and infrastructure are in place to meet needs.

Skills Required

Computer Security Officers must have knowledge of computer operations and computer security. They must understand organizational security and related policies. Relevant certifications include CISSP and MCSE.

Policies Affecting the Computer Security Officer Position

Must Take Specific Action

  • Password Policy - Must enforce the password policy in project assessments, including how account reset is done, whether password complexity requirements are properly set and working, whether maximum password age is set, and whether password reset functionality exists. May write this policy.
  • Remote Access Policy - Must enforce remote access policy when remote access connections are approved.
  • Computer Training Policy - Determine whether users are aware of applicable policies and have been trained adequately for general computer use and specifically regarding computer security and scamming schemes.
  • Acceptable Use Policy - Investigates violations of the acceptable use policy and reports results either to the user's manager or HR depending upon organizational requirements.
  • User Privilege Policy - Security officers may need to help create computer security training programs by working with training staff for users that have more than basic access.
  • Privacy and Confidentiality Policy - The security officer must work with other information technology staff to be sure the proper controls of access, encryption, disposal, and other controls are followed to protect confidential information.
  • Internet Connection Policy - Must ensure that connections to the internet are approved. Any wireless or modem connection must be approved. Checks to determine that the surf control program is meeting the set standards. The security officer may need to approve connections and check for illicit connections or inappropriate use depending on organizational requirements and defined duties.
  • Approved Application Policy - When suspicious activity is detected, security officers check to be sure that users are not using unapproved programs, and they may need to resolve security incidents when the policy is not followed.
  • Network and Server Scanning Policy - Security officers doing scans must be sure they notify administrators before scans are done and report the scan results.
  • Perimeter Security Policy - Security officers must be sure the network structure is in compliance with this policy when it is designed and as it is maintained.
  • Internet DMZ Equipment Policy - Security officers should help develop server and network equipment maintenance processes. Security officers should work with administrators to ensure DMZ equipment is in compliance with this policy.
  • Router Security Policy - Security officers should help develop server and network equipment maintenance processes. Security officers should work with administrators to ensure routers are in compliance with this policy.
  • Telecommunications Communication Policy - Security officers should work with network staff to ensure circuits and facilities are in compliance with this policy and regularly monitored for security and quality reasons.
  • Surf Control Policy - One or more security officers will perform administration on surf control equipment and enforce this policy.
  • Equipment and Media Disposal Policy - Auditors must periodically check to be sure this policy is being followed and the asset disposal procedure is effective.
  • Mobile Computer/Device Policy - Security officers should provide guidance and processes regarding proper disposal of equipment and information storing media. Security officers should enforce this policy when they can.
  • Patch Management Policy - Security officers should help develop server and network equipment patch management processes. Security officers should work with administrators to ensure servers and equipment are in compliance with this policy.
  • System Lockdown Policy - Security officers should help develop server and network equipment system lockdown processes. Security officers should work with administrators to ensure servers and equipment are in compliance with this policy.
  • Server Monitoring Policy - Security officers should help develop server and network equipment monitoring processes. Security officers should work with administrators to ensure servers and equipment are in compliance with this policy.
  • Backup and Recovery Policy - Security officers should help develop server and network equipment backup management processes. Security officers should work with administrators to ensure servers and equipment are in compliance with this policy.
  • Audit Trail Policy - Security officers should help develop server and network equipment audit processes. Security officers should work with administrators to ensure events are being logged on servers, reviewed, and retained according to the policy.
  • Authentication Mechanism Policy - Security officers should, when possible, check to ensure users do not share accounts and have the minimum privileges needed to perform their duties. Security officers should require that account information is not sent in the clear but is encrypted or hashed according to policy. Security officers can use security assessments of applications to enforce this policy for projects.
  • Computer Forensics Policy - Security officers must ensure computer forensic evidence is preserved and that investigations are conducted according to the policy.
  • Server Security Policy - Security officers should help develop server and network equipment security processes. Security officers should work with administrators to ensure servers and equipment are in compliance with this policy.
  • Email Policy - Security officers should help develop email security processes. Security officers must work with email administrators to ensure email is properly scanned and handled according to established policy and processes. Security administrators should help ensure that inbound and outbound mail is filtered for spam, viruses, and illegal file types.
  • Server Setup and Configuration Policy - Security officers should help develop server setup and configuration processes. Security officers should work with administrators to ensure servers are in compliance with this policy.
  • Certification and Accreditation Policy - Security officers must be qualified to perform security certifications and accreditations. Security officers must perform or oversee certifications and accreditations as required by policy. Security officers should develop certification and accreditation procedures and tests for systems.
  • Information Sensitivity Policy - Security officers must work with system administrators and business management to identify sensitive information and ensure that this policy is followed regarding security controls appropriate for the data sensitivity, also considering backup media, mobile devices, and media and device disposal.
  • Risk Assessment Policy - Security officers must conduct risk assessments according to the policy.
  • Database Passwords Policy - Security officers should work with administrators and programmers to help develop database processes and practices that are secure and follow the principles of least privilege.
  • Encryption Policy - Security officers must work with project managers and administrators to ensure that this policy is being followed for data requiring encryption.
  • Application Implementation Policy - Security officers should work with application developers to ensure that they follow the standards according to the policy.
  • Incident Response Policy - Security officers must respond to security incidents in accordance with incident response procedures.
  • Intrusion Detection Policy - Security officers must be sure intrusion detection equipment is in the required locations and monitor intrusion detection equipment. Security officers must be sure intrusion detection processes are in place and made known to those affected.
  • Disaster Recovery Policy - Security officers may be part of the disaster recovery planning team. They must work with the business management to be sure disaster recovery goals can be met. They must put the appropriate processes in place and be sure the processes are adequately communicated.
  • Extranet Policy - Security officers must be sure external connections are approved and meet the policy requirements.
  • Insurance Purchase Policy - When security officers perform risk analysis, they must be sure to inform management when purchase of insurance is a factor or should be considered.
  • Segregation of Duties Policy - Security officers should ensure that projects comply with this policy when performing security assessments. Security officers should work with system administrators to help enforce this policy.
  • Change Management Policy - Security officers should work with project managers, system administrators and others to ensure they comply with this policy. Software should be distributed in accordance with the policy, software versions should be controlled and documented, the development life cycle policy should be followed, and the change process must be followed.
  • Auditing Policy - Security officers can expect to have their assessments and other work audited.
  • Software Standards Policy - Security officers help write and maintain software standards and work with software developers to be sure they understand the standards and write code that complies with the standards.
  • Business Continuity Policy - Security officers may be part of the emergency services office. Security officers will assist with the development of business continuity plans and ensure that business continuity is planned as a part of every project that they perform an assessment for.
  • Development Life Cycle Policy - Security officers must perform assessments of projects as required by the policy and be sure projects they are involved with comply with this policy.
  • Configuration Management Policy - Security officers should work with project managers, system administrators and others to ensure they comply with this policy. Software versions should be controlled in accordance with the policy.
  • Emergency Access Policy - Security officers must assist with the development of emergency access procedures. After emergencies, security officers should check to determine whether this policy and associated policies were followed. They should look for ways to improve processes.

Must be Aware

  • Account Management Policy - Security officers must understand this policy and be sure that projects consider account management.
  • Employee Termination Policy - Security officers must understand this policy and be sure that projects consider employee termination and associated account management issues.
  • Browser Configuration Policy - Security officers may help determine browser configuration processes.
  • Wireless Communication Policy - Security officers may help approve wireless devices for use.
  • Network Documentation Policy - Security officers should be aware of this policy and be able to access network documentation when needed for their job function.
  • Virus Protection Policy - Security officers should be aware of this policy so they can recognize when there is a compliance failure.
  • Server Documentation Policy - Security officers should be familiar with this policy and use the server list when required to aid them in their job role.
  • Computer and Printer Naming Policy - Security officers should understand how computers are named.
  • IP Address Assignment Policy - Security officers should understand how IP addresses are assigned and the means to prevent IP address conflict reports.
  • IT Steering Committee Policy - Security officers may be involved with the creation of an organizational security plan. They should understand the policy since it provides for review of new technologies and security threats.
  • Technology Planning Policy - Used to set the framework for developing technology plans. The security officers should understand this policy since they may be involved in technology planning.
  • IT Organizational Policy - Understand how the IT function is organized and how it supports the business.
  • Service Monitoring Policy - All IT staff must be aware that their services may be monitored for QA purposes.
  • Service Reliability and Continuity Policy - Security officers must be sure that projects consider reliability as required by the business.
  • Quality Policy - IT staff should be familiar with quality activities that affect their job.

Affects Job but Awareness not Required

  • Computer Training Policy - Is trained in various technical areas.
  • User Privilege Policy - May require more than basic access depending upon the organization.