SFIA View: Skills for security professionals

Skills for security professionals

Some people are in specialist security roles. Typically all of their responsibilities are related to information and cyber security. Security professionals should first look at SFIA skills listed here.

Business risk management BURM

The planning and implementation of organisation-wide processes and procedures for the management of risk to the success or integrity of the business, especially those arising from the use of information technology, reduction or non-availability of energy supply or inappropriate disposal of materials, hardware or data.

Information security SCTY

The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.

Information assurance INAS

The protection of integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit. The management of risk in a pragmatic and cost effective manner to ensure stakeholder confidence.

Information governance IRMG

The overall governance of how all types of information, structured and unstructured, whether produced internally or externally, are used to support decision-making, business processes and digital services. Encompasses development and promotion of the strategy and policies covering the design of information structures and taxonomies, the setting of policies for the sourcing and maintenance of the data content, and the development of policies, procedures, working practices and training to promote compliance with legislation regulating all aspects of holding, use and disclosure of data.

Conformance review CORE

The independent assessment of the conformity of any activity, process, deliverable, product or service to the criteria of specified standards, best practice, or other documented requirements. May relate to, for example, asset management, network security tools, firewalls and internet security, sustainability, real-time systems, application design and specific certifications.

Digital forensics DGFS

The collection, processing, preserving, analysis, and presentation of forensic evidence based on the totality of findings including computer-related evidence in support of security vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.

Penetration testing PENT

The assessment of organisational vulnerabilities through the design and execution of penetration tests that demonstrate how an adversary can either subvert the organisation's security goals or achieve specific adversarial objectives. Penetration testing may be a stand-alone activity or an aspect of acceptance testing prior to an approval to operate. The identification of deeper insights into the business risks of various vulnerabilities.

Security administration SCAD

The provision of operational security management and administrative services. Typically includes the authorisation and monitoring of access to IT facilities or infrastructure, the investigation of unauthorised access and compliance with relevant legislation.

Specialist advice TECH

The development and exploitation of expertise in any specific area of information or communications technology, digital working, specific techniques, methodologies, products or application areas, for the purposes of providing specialist advice.

Continuity management COPL

The provision of service continuity planning and support, as part of, or in close cooperation with, the function which plans business continuity for the whole organisation. The identification of information systems which support critical business processes. The assessment of risks to critical systems' availability, integrity and confidentiality. The co-ordination of planning, designing, testing and maintenance procedures and contingency plans to address exposures and maintain agreed levels of continuity.

Incident management USUP

The processing and coordination of appropriate and timely responses to incident reports, including channelling requests for help to appropriate functions for resolution, monitoring resolution activity, and keeping clients appraised of progress towards service restoration.

Research RSCH

The systematic creation of new knowledge by data gathering, innovation, experimentation, evaluation and dissemination. The determination of research goals and the method by which the research will be conducted. The active participation in a community of researchers; communicating formally and informally through digital media, conferences, journals, books and seminars.

Measurement MEAS

The development and operation of a measurement capability to support agreed organisational information needs. The planning, implementation, and control of activities to measure attributes of processes, products, and services in order to assess performance, progress, and provide indications and insights to actual or potential problems, issues, and risks. The identification of requirements, selecting measures and measurement scales, establishing data collection and analysis methods, setting target values and thresholds. Measurement can be applied to organizations, projects, processes, and work products.

Supplier management SUPP

The alignment of an organisation’s supplier performance objectives and activities with sourcing strategies and plans, balancing costs, efficiencies and service quality. The establishment of working relationships based on collaboration, trust, and open communication in order to encourage co-innovation and service improvement with suppliers. The proactive engagement of suppliers for mutual benefit to resolve operational incidents, problems, poor performance and other sources of conflict. The use of clear escalation paths for discussing and resolving issues. The management of performance and risks across multiple suppliers (internal and external) using a set of agreed metrics.

Knowledge management KNOW

The systematic management of vital knowledge to create value for the organisation by capturing, sharing, developing and exploiting the collective knowledge of the organisation to improve performance, support decision making and mitigate risks. The development of a supportive and collaborative knowledge sharing culture to drive the successful adoption of technology solutions for knowledge management. Providing access to informal, tacit knowledge as well as formal, documented, explicit knowledge by facilitating internal and external collaboration and communications.

Learning delivery ETDL

The transfer of business and/or technical skills and knowledge and the promotion of professional attitudes in order to facilitate learning and development. Uses a range of techniques, resources and media (which might include eLearning, on-line virtual environments, self-assessment, peer-assisted learning, simulation, and other current methods).

Relationship management RLMT

The systematic identification, analysis, management, monitoring and improvement of stakeholder relationships in order to target and improve mutually beneficial outcomes. Gains commitment to action through consultation and consideration of impacts. Design the relationship management approach to be taken; including roles and responsibilities, governance, policies, processes, and tools, and support mechanisms. Creatively combines formal and informal communication channels in order to achieve the desired result.