Elements and Performance Criteria
- Assess network security threats and vulnerabilities
- Review current system security against organisational asset security requirements to identify security threats and vulnerabilities
- Analyse network, software, hardware and system security threats and vulnerabilities to prioritise deficiencies to be addressed
- Make recommendations to management to address security deficiencies according to organisational asset security requirements
- Implement countermeasures for identified threats and vulnerabilities
- Implement required level of perimeter security to meet organisational asset security requirements and according to identified threats and vulnerabilities
- Assess and implement server and network hardening techniques and measures
- Implement secure authentication and user account controls to secure data integrity and transmission
- Test and verify functionality and performance of countermeasures implemented
- Maintain and improve network security
- Review logs and audit reports to identify and record security incidents, intrusions and attempts
- Carry out spot checks and audits to ensure that procedures are not being bypassed
- Document newly discovered security threats vulnerabilities and recommendations in a report for presentation to superior to gain approval recommendations to be implemented