unit logo

Information Security Management

Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.

Behavior Statements

Proficiency Level 1 - Basic understanding

Identifies tools and facilities used for maintaining corporate data as a critical resource.

Identifies types of information needing protection and security.

Cites examples of common information security breaches.

Describes types of potential threats, public alerts and the use of early warning systems.

Proficiency Level 2 - Working experience

Assists in dealing with key issues and requirements for appropriately securing information.

Analyzes data security and integrity considerations relevant to own function.

Implements published information security management practices and guidelines.

Follows procedures for the handling of computer security incidents and vulnerabilities.

Participates in monitoring, back-up, recovery and archival activities.

Proficiency Level 3 - Extensive experience

Supervises the development, maintenance and utilization of information security practices.

Coaches others on the application of all major information platforms and security practices.

Consults on the capabilities, features and use of in-house information security technologies.

Evaluates the rationale for existing and planned enhancements to information security architecture.

Optimizes operational standards for securing information assets.

Consults on information security architecture concepts, disciplines and practices.

Proficiency Level 4 - Subject matter depth and breadth

Leads in the design and development of enterprise-wide programs for information security.

Develops, directs, implements, and administers information security processes.

Establishes principles, blueprints and standards for information integrity.

Presents strategic initiatives, industry trends, information security products and services to management and stakeholders.

Leads in the development and implementation of information security management methodologies.

Provides leadership on information security tactics and strategies in multiple environments.

Interview Questions

  • How did you enhance your organization's information security architecture?
  • What kinds of problems did you encounter in defining operational standards for securing information assets?
  • What kinds of problems did you encounter in handling security incidents and vulnerabilities?
  • What kinds of information platforms did you work with in your previous position(s)?
  • Tell me about your previous experience or involvement in managing information security.

Titles with Shared Competencies