Required skills
communication skills to liaise with internal and external personnel on technical, operational and business-related matters
literacy skills to:
collate, analyse and assess importance and relevance of product information
summarise and document information
write procedures
numeracy skills to take test measurements, interpret results and evaluate performance
planning and organisational skills to:
develop enterprise policy and procedures
plan, prioritise and monitor own work
research skills to interrogate vendor databases and websites
technical skills to:
configure a web server
identify key sources of information
see conflicts and integration capabilities between diverse equipment
understand specification sheets
use auditing and penetration testing techniques.
Required knowledge
Australian Computer Society Code of Ethics
client business domain, structure, function and organisation, including organisational issues surrounding security
copyright and intellectual property as related to website information
commonwealth Privacy Act 2000
current industry-accepted hardware and software products
desktop applications and OS as required
technical knowledge of functions and features of:
automated intrusion detection software
network address translation (NAT) related to securing internal IP addresses, buffer overruns and stack smashing with reference to operating system deficiencies
authentication and access control
common stored account payment systems
cryptography
CGI scripts
generic secure protocols
stored value payment systems
advantages and disadvantages of using the range of security features
protocol stack for internet communications
physical web server security, particularly remote host security threats.