252910 - Information and communication technology security engineer
Provides consultations and implements access to data and program control solutions, ensures the protection of organizational goals and business processes, protects information related to the organization or product, is responsible for the protection and security of related systems. Responsible for network and systems security and design, plans and implements systems security architecture, including reference models, segment and solution structure, as well as security policies and procedures. Updates and improves security systems, responds to security-related incidents. Collaborates with security teams, identifies, assesses, and adapts requirements and participates in cyber operations targeting, assessment, synchronization, and execution processes. Collaborates with other planners, operators and analysts, performs ex post evaluation.
Main activities
• develops and enforces written rules and policies, ensuring that the organization is protected from stakeholder behavioral constraints, protective mechanical constraints, and data access restrictions;
• analyzes the operation and results of information systems, determines their goals, structure and services, procedures and operations that meet the requirements of end users;
• uses specialized software tools, performs tests, ensures flawless operation of the software product in accordance with established customer requirements, identifies software defects (disruptions) and failures;
• identifies and evaluates factors that may harm the success of the project or pose a threat to the functioning of the organization;
• ensures that the information collected during investigations remains only in the hands of those persons who have the right to receive and use it.
Characteristic competences
• define security rules;
• analyze the system of information and communication technologies;
• perform software tests;
• perform a risk analysis;
• ensure information security.