Personal attributes

an inquisitive nature and a problem-solving approach
prioritises work and escalates issues appropriately
interpersonal skills enabling effective interaction with technical and non-technical teams
verbal and written communication skills
evaluating the probable social, commercial, cultural, ethical and environmental consequences of an action

Specialist skills

interpreting, analysing, and reporting information/data security events and anomalies in accordance with Information Security directives
assessing new vulnerabilities, investigating solutions, and recommending controls to minimise risks that could arise
operating network intrusion detection, forensics, network access control, and other information security systems
troubleshooting and resolving failed patch installations and SCCM automation jobs
configuring and troubleshooting networks
using network and application scanning tools and utilities, such as SCCM, Nexpose Rapid 7, HP WebInspect, HCL AppScan, Nessus, Burp Suite and NMAP
configuring encryption protocols and algorithms
onboarding and decommissioning devices
maintaining an asset database.

CIISec Skills Groups* (additional Skills Groups may also be relevant to particular jobs)

E2 – Secure Operations & Service Delivery

Principles:

securely configures and maintains information, control and communications equipment in accordance with relevant security policies, standards and guidelines
this includes the configuration of Information Security devices (e.g., firewalls) and protective monitoring tools (e.g., SIEM)
implements security policy (e.g., patching policies) and Security Operating Procedures in respect of system and/or network management
undertakes routine technical vulnerability assessments
maintains security records and documentation in accordance with Security Operating Procedures
administers logical and physical user access rights
monitors processes for violations of relevant security policies (e.g., acceptable use, security, etc.)

F1 – Intrusion Detection and Analysis

Principles:

monitors network and system activity to identify potential intrusion or other anomalous behaviour
analyses the information and initiates an appropriate response, escalating as necessary
uses security analytics, including the outputs from intelligence analysis, predictive research and root cause analysis in order to search for and detect potential breaches or identify recognised indicators and warnings
monitors, collates and filters external vulnerability reports for organisational relevance, ensuring that relevant vulnerabilities are rectified through formal change processes
ensures that disclosure processes are put in place to restrict the knowledge of new vulnerabilities until appropriate remediation or mitigation is available
produces warning material in a manner that is both timely and intelligible to the target audience(s).

*Non-Commercial - No Derivatives (BY-NC-ND) license. 2021 Copyright © The Chartered Institute of Information Security. All rights reserved. Chartered Institute of Information Security®, CIISec. Chartered Institute of Information Security®, CIISec®, AfCIIS®, ACIIS®, MCIIS®, FCIIS® and the CIISec graphic logo are trademarks owned by The Chartered Institute of Information Security and may be used only with express permission of CIISec.

Experience

Any role which carries out research, closely analyses a situation or event, and shares findings with colleagues may provide a foundation, with additional specialist training, for moving into Vulnerability Management.

Such roles include:

police services: detection and intelligence roles
military services: intelligence analysts
business assurance
communications engineers

Vulnerability Management

More about a career in Vulnerability Management

An introduction to this specialismWorking life

An introduction to this specialism

What will your responsibilities include? What are your tasks likely to include?Responsibilities

What will your responsibilities include? What are your tasks likely to include?

What core, related and wider knowledge is important for working in this specialism?Knowledge

What core, related and wider knowledge is important for working in this specialism?

What personal attributes might you need? What specialist skills are important?Skills

What personal attributes might you need? What specialist skills are important?

What other cyber security or IT role might you progress to from this specialism?Moving on

What other cyber security or IT role might you progress to from this specialism?

Which certifications and qualifications are relevant to roles in this specialism?Qualifications

Which certifications and qualifications are relevant to roles in this specialism?