Question
• If you were a security manager, what sort of team members would you hire? If you could hire several staff members for a new security team, what specific skills and qualities would you look for in each of them? What type of training would you want to provide to them, so each of them could manage a different "security area" on the team?
• List the five typical duties of a technically oriented security team member. Then, list the five typical duties of a security team member who is more knowledgeable about administrative processes. Turn each of these lists into a short job advertisement that a security manager could use to fill two positions on the team: one technical and one administrative.
What skill(s) of utmost importance do you look for in a new candidate?
Why is it so important, and in some organizations a must, to have a security program and professionals in place?
Explanation / Answer
As the question is posted in the Computer Science section, I am assuming that “security” implies “Cyber Security”.
There is an emerging need for cybersecurity expertise across the board, but finding the right security professional is not an easy task. If I were a security manager, I would consider the following factors:
1. Professional Experience: The number one thing to look for is someone with experience in information security--but not necessarily in the specific industry. Education alone doesn’t make a good security expert; having hands-on experience means that the person has knowledge of how to deal with problems when they arise and how to provide the leadership that the team needs. A candidate that has experience working on different teams will have a good grasp of the challenges that each one faces and be able to manage those in relation to security needs.
2. Culture Fit: It’s important to find a candidate who fits the culture of the company and work environment. Ensuring that this person has the same mission and values as the company and the team they are leading (or the team you want them to build) is critical to their overall success and the success of the company’s security program.
3. Business Understanding: A security team member must also understand how the business operates and not just think of security for security's sake. Being able to see what’s important to the business and how it operates will make a manager better equipped to deploy the right kinds of security technology and protections. While the role of the Chief Information Security Officer is to see the business through a security lens, a security manager should see security through a business lens.
Security Engineer: Depending on the size, composition, and needs of the organization, the company may have a variety of security engineers and/or architects on the security team. While the broadest job title is “security engineer,” there may also be people on the team who specialize in SIEM, endpoint security, and other specific areas of security engineering.
Team members in this role are responsible for building security architecture and engineering security systems, as well as working closely with DevOps teams to ensure continuity and speed of releases. They should also be able to document the requirements, procedures, and protocols of the architecture and systems they create.
Security Analyst: Security analysts are, in many ways, the foot soldiers of the organization. Their job is to detect, investigate, and respond to incidents. They may also be involved in planning and implementing preventative security measures and in building disaster recovery plans. Depending on the vulnerabilities your organization faces and the nature of your security program, analysts may need to be on-call at various times to handle incidents as they arise.
Analysts may also be responsible for recommending new technologies and installing them, as well as training other team members to use them. Many organizations break security analysts out by level or tiers, where the rank determines the skill level of the analyst. Higher-ranked analysts will handle escalated events or more complicated incidents that junior analysts may not be prepared for and perform proactive hunting for threats that may have escaped their alerting systems.