Network Security Manager (NSM)
Role and tasks
Professional who carries out the task of managing the security of a computer network, working individually or as part of a team.
The professional defines the security policies of the organisation's network and the actions to be taken in case of an emergency. He/she supervises the perimeter security and manages the implementations which are necessary to achieve an optimal level of security in the organisation's computer network. He/she also communicates with the other professionals involved in the security of the organisation's computer systems (computer network management, software design or management of development projects, database administration, etc.).
Competences developed
- Ability to perform tasks according to the code of ethics and the legal aspects of the ICT environment.
- Ability to analyse the architecture and structure of an organisation's computer network, as well as to understand the implications for the systems and applications it supports.
- Knowledge of the current and emerging communication technologies to define the most suitable solutions for the security of the company's network.
- Ability to promote and evaluate different technological alternatives and/or actions for a specific security problem of a computer network.
- Ability to adapt to new technologies and environments to update his/her professional competences.
- Ability to work in a team, negotiation skills, and efficient and high-standard communication (written and spoken) within a professional environment
- Ability to abstract a problem to the appropriate level in order to analyse and resolve it by using suitable skills and knowledge
Activities performed
- Established and periodically reviewed the security policy of the organisation's computer network taking into account the prevention criteria and techniques which are necessary to ensure the perimeter security against the most common incidents, as well as the corresponding regulations, processes, and training of the users.
- Updated his/her knowledge of the standards and best practices of perimeter security and different kinds of vulnerabilities which exist in different types of computer networks connected to or via the Internet.
- Established the necessary relations with the security authorities and provided convenient information and alert systems to ensure and improve the security of the managed computer network.
- Applied the most suitable techniques and systems for user authentication and user securisation at remote workstations which are interconnected via Internet or third party networks.
- Applied the most suitable techniques and systems for the detection of intruders and/or security violations in the organisation's network.
- Established the processes and took the most suitable decisions in the event of any violation of the security of the organisation's computer network.
- Parameterised, extracted and analysed data from different monitoring, control and network management tools, and appropriately used and interpreted the most common cryptographic tools.
- Created and maintained the register of security incidents to document the cases that occurred, as well as the corrective and preventive actions taken.
- Created and updated the risk analysis of the computer network to implement the corresponding security measures complying with the related legal aspects.
- Established and supervised the suitability and/or parameterisation of the security of the infrastructure of the computer network.