Secure Operations

Secure Operations is the management of an organisation’s information systems operations in accordance with the agreed Security Policy.

You manage systems and networks to ensure they deliver the expected services to their users and other systems, but with the particular responsibility of ensuring that this is done securely. You follow formal secure operating procedures and monitor security controls. Wherever - as is normally the case - users interact with systems to read or process data, you ensure that the controls which authenticate them and authorise their access are working properly. When there are updates to existing systems or new ones to install, you plan the implementation carefully to minimise disruption to existing services, and assure yourself that the changes will not create new vulnerabilities or disrupt services.

Your work is mostly guided by the agreed standards and procedures. But, in the event of concern about a failure of the security controls, you focus on rapidly investigating the situation with colleagues in other specialisms. If there is a confirmed incident, you support the incident response by closing access to some parts of the system or network, ensure that any failure in the controls is addressed, and check that other controls are working as they should. You may also need to quickly reconfigure parts of the network to isolate it for deeper investigation by colleagues in digital forensics.

On the program, learners will receive knowledge and skills relating to the following areas:

  • Secure Operations Management

  • Secure Operations and Service Delivery

  • Incident Management

  • Authentication, Authorisation and Accountability

  • Operating Systems and Virtualisation Security

  • Network Security

  • Cyber-Physical Systems Security

  • Distributed Systems Security

  • Human Factors

  • Forensics

  • Malware and Attack Technologies

This is all fairly technical work, and you have a good understanding of server-level software such as operating systems, system processes and directories. If your systems are running in the cloud, you will have developed a good understanding of the cloud platforms in use. If there's also substantial local hardware, you know how to monitor its operation and, in particular, to manage maintenance, upgrades and repairs. You work collaboratively with other specialists and, possibly, users, if you provide support.

Your primary responsibility is to keep the services operating reliably and securely, serving the needs of the business. This means you have a fair understanding of the relationship between systems and their role within the business; this is so you can, when necessary, prioritise support for those systems that are most crucial to business operations.

You're very organised and rigorous in managing, possibly even rejecting, any requests for access to the live systems from other teams who may want to test or investigate them, especially developers. 

Depending on the size of the organisation and the extent to which information systems and cyber security services are run in-house, you may either be part of a structured secure operations team or solely responsible for this. In either case, you may work shifts across a long day, or work at any time if there's a technical problem or a suspected security incident.

Given how much technology you're responsible for, you stay on top of changes. You assess new technologies and explore whether they could make your current systems more effective, efficient or secure. You certainly understand both the updating of technology already in use, and how to manage the upgrading of it.

Entry Level Program

Learners will receive...

  • Coming soon...

Practitioner Level Program

Learners will receive...

  • Coming soon...