Secure Operations
Secure Operations Career Overview
Those in the Secure Operations pathway oversee networks and systems to make sure they provide users and other systems with the desired services, but they also have the additional duty of seeing that this is done safely. These individuals monitor security measures and adhere to formal secure operating procedures. They make sure that the controls that verify and authorise users' access are operating properly anywhere that users interact with systems to read or process data, as is typically the case. When installing new systems or updating old ones, Secure Operations professionals carefully arrange the installation to minimise disruption to current services and ensure that the modifications won't introduce new vulnerabilities or impair operations.
If an incident is confirmed, Secure Operations will support the incident response by restricting access to particular components of the system or network, making sure that any control failures are fixed, and making sure that all other controls are operating as they should. Additionally, this role might need to quickly reconfigure a portion of the network to isolate it for further digital forensics analysis. They are proficient with server-level software, including operating systems, system processes, and directories. Specialists in this pathway will have a solid understanding of the current cloud platforms if their systems are running on the cloud. If there is significant local hardware as well, Secure Operations will be familiar with managing maintenance, updates, and repairs as well as monitoring its operation.
What are the roles and responsibilities of a Secure Operations Practitioner?
In order to safeguard the organisation's data and processes from assaults and unintentional security mishaps, this pathway entails maintaining an organisation's information systems and networks in accordance with security standards and requirements.
The tasks likely included in this role are as follows:
- Ensure that system operation, like backups, is reliable and adheres to established standards.
- Minimise the risk to the security of existing systems and services while managing the transition to the operation of new components and systems.
- Maintain directories and other identification, authentication, and authorization controls.
- Track system performance, including metrics for security incidents.
- Promptly but safely apply upgrades (patches) to externally supplied software and hardware.
- Help users to view and process data in accordance with established access controls.
- Supervise the restoration of services following the resolution of a security incident.
What is the salary of a Secure Operations Practitioner?
As of September 2022, the median salary for a Secure Operations Practitioner is £65,000, although salaries of £100,000 for senior practitioners have been reported. The majority of the higher salaries are based in the UK’s larger cities, so it is to be expected that roles elsewhere may offer lower wages.
Data has been taken from ITJobsWatch (IT Jobs Watch | Real-Time Digital & IT Job Market Trends & Actionable Insights), which calculates the median from job vacancies published online within the last 6 months.
What are the knowledge, skills, and behaviours required in Secure Operations?
- Has a solid understanding of the setup, running, and upkeep of secure systems, as well as the detection and reaction to security issues and the gathering and use of threat intelligence.
- A thorough understanding of identity management and authentication technologies in all their facets, as well as the architectures and tools that enable authorisation and accountability in both contained and distributed systems.
- An awareness of operating systems' security features, including isolation in multiuser systems, secure virtualisation, and security in database systems, as well as how to implement these features.
- Has knowledge of the security facets of networking and telecommunication protocols, such as the security of routing, network security components, and particular cryptographic algorithms used for network security.
- Possesses the capacity to set up and control operations on servers and network security equipment.
- Can select and develop system performance measurement tools for change management.
- Can keep an eye on both system security and performance.
- Able to comprehend formal procedures, follow them, and evaluate their success.
- Has a keen eye for detail and sound reasoning abilities.
- Has a grasp of user and business needs.
What are the career paths in Secure Operations?
In the majority of companies, managing the security of information system operations is incorporated into managing the systems as a whole. There may be professionals in other firms who nearly exclusively focus on security, possibly in a separate Security Operations Centre (SOC).
A small business might just have one person in charge of overseeing all system operations, including security, especially if those systems are mostly or completely cloud-based.
A team of system operators, system administrators, and operations centre managers may be present in larger organisations where the security of operations is incorporated into system management. Senior operations managers to junior system operators are all given varying amounts of responsibilities.