|
|
A Microsoft Certified Systems
Engineer Security Specialist, also known as an information
security engineer, or security administrator, is an IT
professional who designs and manages an organization’s
security infrastructure. This includes choosing the network
hardware and network operating systems, locking down those
systems, and staying focused on possible weaknesses in those
systems and hardening them as appropriate.
Duties of an information
security specialist include the analysis of an
organization’s security risks and requirements, rating the
importance of a company’s products and services, and the
related design, implementation and maintenance of the
security infrastructure to protect the business from
security breaches. This role has overlap with that of a
network engineer but is higher level in that it is a more
specialized role. A very good understanding of networking,
both hardware and operating systems, and the web is
critical. As the old saying goes, bank tellers don’t spend
as much time learning about counterfeits as they do with
knowing the real thing, the same applies to security
specialists: they must have an intimate knowledge of their
systems in order to best know their weaknesses and how to
overcome those weaknesses. As well, strong interpersonal
skills are also important, as security specialist must be
able to convey to management the security risks, as well as
be able to keep close tabs of newly discovered holes in
their systems. They likely work in a team with other more
and less qualified security staff and so must be able to
communicate both up and down the chain of command.
An information security
specialist often starts out as a network engineer and may
move on to more specialized roles within the security or
educational realm, such as information security architect,
or else move towards IT management. Whichever path they
take, these professionals tend to be at the high end of the
IT pay scale.
|