Perform security vulnerability assessments

Execute types of security testing, such as network penetration testing, wireless testing, code reviews, wireless and/or firewall assessments in accordance with industry-accepted methods and protocols to identify and analyse potential vulnerabilities.

skill/competence

sector-specific

Perform security vulnerability assessments is an essential skill of the following occupations:

Digital forensics expert: Digital forensics experts retrieve and analyse information from computers and other types of data storage devices. They examine digital media that may have been hidden, encrypted or damaged, in a forensic manner with the aim to identify, preserve, recover, analyse and present facts and opinions about the digital information.
ICT system tester: ICT system testers perform testing activities and some test planning activities. They may also debug and repair ICT systems and components although this mainly corresponds to designers and developers. They ensure that all systems and components function properly before delivering them to internal and external clients.
Ethical hacker: Ethical hackers perform security vulnerability assessments and penetration tests in accordance with industry-accepted methods and protocols. They analyse systems for potential vulnerabilities that may result from improper system configuration, hardware or software flaws, or operational weaknesses.
ICT system analyst: ICT system analysts specify the system needs to meet the end user requirements. They analyse system functions in order to define their goals or purposes and to discover operations and procedures for accomplishing them most efficiently. They also design new IT solutions to improve business efficiency and productivity, produce outline designs and estimate costs of new systems, specify the operations the system will perform, and the way data will be viewed by the end user. They present the design to the users and work closely with the users to implement the solution.
ICT resilience manager: ICT resilience managers research, plan and develop models, policies, methods, techniques and tools that enhance an organisation’s cyber security, resilience and disaster recovery.
ICT environmental manager: ICT environmental managers know the green ICT legal framework, understand the role of the ICT network configurations in the economy and energy resources deployment and evaluate the impact of CO2 footprint of each ICT resource in the organisation’s network. They plan and manage the implementation of environmental strategies for ICT networks and systems by conducting applied research, developing organisational policy, and devising strategies to meet sustainability targets. They ensure that the whole organisation uses ICT resources in a way that is as friendly as possible for the environment.

IT auditor: IT auditors perform audits of information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security. They evaluate ICT infrastructure in terms of risk to the organisation and establish controls to mitigate loss. They determine and recommend improvements in the current risk management controls and in the implementation of system changes or upgrades.

Perform security vulnerability assessments is optional for these occupations. This means knowing this skill may be an asset for career advancement if you are in one of these occupations.

ICT network technician: ICT network technicians install, maintain and troubleshoot networks, data communications equipment and network installed devices such as printers and storage area networks. They also analyse and fix network-related problems reported by users.

References

1. Perform security vulnerability assessments – ESCO