I will anticipate the potential impacts on critical assets and recommend applicable security measures

I will immediately assess enterprise relevant IT assets for any impact and recommend applicable security measures

I immediately provide a detailed report of the incident

I will be observant to the availability of possible fixes

Assess and track threats and vulnerabilities to systems within the network infrastructure

Analyse the sysytem to identify and recommend IT security control requirements to mitigate potential risks

Develop an IT security control framework for verifying IT security control effeectiveness

Perform security assessment of the system and recommend remediation

I will proactive step to check the systems and nertwork for any indicators of compromise (IOC) and recommend remedial processes in order to avoid similar security incidents.

I will adopt a systematic approach to identify the tactics, technique and procedures of the attack

I will collaborate with teams to apply the best controls to protect organisation' critical assets against such attack

I will analyse the attack patterns for security insight

I will avoid the cyber risk of opening the file to prevent spreading it to other system.

I will carefully check for inconsistent informations

I will broadcast the security incident to other in tthe team

I will logically assess the security incident to secure the systems from similar incident

I will perform thorough surveillance and monitoring of organisations' systems and nework operations

I will conduct a technical investigation to identify computer and network intrusions

I establish communication protocols and procedures and produce a detailed security incident reports for management

I will perform research and analysis on emerging threat sources

Monitoring systems and network for security anomalies

Deploying solution that prevents unauthorised access

Engaging with multiple stakeholders to failitate incident response

Triaging and prioritizing security incidents and alerts against business risks

By facilitating the development of IT security control baselines and procesess in compliance with standards and frameworks.

By recommending best security controls during Change Advisory Board meetings

By seeking and sharing technical knowledge with collleagues

By investigating incidents and responding to events in real time andi fxing vulnerabilities

Evaluate potential risks and develop security standards, procedures, and controls to manage risks in line with framework and regulations

Review and develop policies and procedures to manage risks associated with similar security incidents in future

Engaging with multiple stakeholders to understand the security incident and ownership of controls to monitor associated risks

Collect and analyze incident data, establish facts and draw valid conclusions

To gather information security controls evidence from vendors in compliance with business requirements and third party risk management framework

Analyse collated data and categorise service providers based on vendor residual and associated risks for proper monitoring

Explain with simple terms technical concepts to non-technical stakeholders

Collaborate and communicate with stakeholders business partners, third party/ supplier Business Activity Owners (BAOs) to monitor vendor associated risks

Investigative

Analytical

Managing

Engaging

I don't have much experience in the security field

I've gained some experience working with networks, but Ihave a lot to learn

I know how to protect my network and combat threats but I am just starting to learn how to proactively analyse behavior and prevent attacks

I'm the proud holder of almost every certification you can name and have spent number of years working in IT security

Helping others with basic cybersecurity knowledge

Testing network for security loopholes

Analysing users and systems data to identify cybersecurity threats

Managing threats and cybersecuirty incidents

Beginner

Intermediate

Advance

Master

Carry out a security assessment of the corporate network to identify any weakness

Attempt to exploit any vulnerability using a systematic approach

Communicate any security issue with possible remediation

Assess the potential impacts and risks of any identified security flaws

Oversee the monitoring of all IT security operations and infrastructures, policies and regulatory compliance, and to manage the deployment and maintainance of IT security tools and technology

Select appropriate controls and framework to secure the company's assets in line with business objectives

Ensure the design and implementation of secure IT network system with appropriate endpoint security measures

Develop and communicate high-level IT security reports influencing management strategic security decisions

Outgoing

Thorough

Practical

Smart

Gain a good understanding of the company's IT security controls requiremments

Have a clear picture of the organisation's IT processes, system and network

Assess the quality of company's system network and effectiveness of implemented controls

Effectively collaborate and report IT security findings with company's stakeholders

Stay within the purview of ISO 27001 standards while conducting an ISMS audit

Assess the control effectiveness within the scope of the company's ISMS implementation

Pre-design and communicate an audit plan and report any gap with the resolution timeline

Always maintain a zero trust approach

Designing

Organising

Discussing ideas

Solving problems

Inquisitive

Integrity

Detail-oriented

Tech-know how