Professional knowledge
At the concept level:
1. Future technologies and their appropriate applications.
2. Basics of designing secure data centres, servers, storages and networks.
3. Obsolete, existing and new hardware components and infrastructure modules.
4. Web, cloud, mobile and environmental requirements.
5. Good practice.
6. Potential and opportunities of relevant standards and best practices.
7. Impact of legal requirements on information security.
8. Link between the elements of the system infrastructure and the impact of a failure on the business processes associated with it.
9. Infrastructure of a company/institution that may be the target of security incidents.
10. Web, cloud, mobile and environmental requirements.
11. Best practices (methodologies) and standards in risk analysis.
12. Various technical documents needed to develop, enhance and deploy products, apps and services.
13. Business challenges and risks.
14. Various technical documents needed to develop, enhance and deploy products, apps and services.
15. Business challenges and risks.
At the level of understanding:
1. Relevant sources of information (journals, conferences and events, newsletters, leading experts, online forums, etc.).
2. Mobile technologies.
3. Threat modelling techniques.
4. Impact of system integration on an existing organisation.
5. Techniques for interfacing modules, systems and components.
6. Software packaging and
7. methods and techniques of dissemination.
8. Monitoring the provision of services.
9. Company information strategy.
10. Potential security threats.
11. Procedures for escalating critical situations in a company.
12. Safety architecture principles.
13. Cyber-attack techniques and measures to avoid them.
14. Expertise in computer hardware.
15. Preventing the risk of countermeasures in planning.
16. Product version control documentation.
17. Resources to meet stakeholder demands.
18. Product version control documentation.
19. Resources to meet stakeholder demands.
At the level of use:
1. Discussion rules in online communities.
2. Techniques for requirements modelling and needs analysis.
3. Solution development methods and their rationale (prototyping, agile methods, reverse engineering, etc.).
4. Integration testing techniques.
5. Development tools (e.g. development environment, governance, source code access/version control).
6. Problem management techniques (operation, performance, compatibility).
7. Mobility strategy.
8. Different service models (SaaS (Software as a service), PaaS (Platform as a service, IaaS (Infrastructure as a service)) and operational forms.
9. A company’s overall ICT infrastructure and key components.
10. Appropriate ICT user applications.
11. Organisation of database structure and content.
12. Internal auditing of information and communication technologies and techniques for detecting security problems.
13. Applying risk analysis in the light of a company’s values and interests.
14. Company safety documentation and processes, including decision-making, budgeting and governance structure.
15. Company safety documentation and processes, including decision-making, budgeting and governance structure.

Professional skills and attitudes:
1. Use knowledge of new future technologies and business acumen to anticipate and formulate future solutions.
2. Provide guidance and advice to management to support strategic decision-making.
3. Develop and produce generic functional specifications and interfaces.
4. Apply prior knowledge of the Secure Infrastructure methodology.
5. Apply prior knowledge of the Secure Infrastructure methodology.
6. Systematically take steps to identify compatibility between software and hardware specifications.
7. Document all actions taken during installation and record deviations and corrective actions.
8. Comply with appropriate security standards and change control procedures to maintain the integrity of a system’s functionality and reliability.
9. Systematically take action to design system elements, identify faulty components and determine the root causes of failures.
10. Follow the instructions to record and track trust data and compare it with service level agreements.
11. Systematically analyse performance data and escalate potential service level failures and security risks to improve service reliability.
12. Use in-depth expertise and benefit from external standards and best practices.
13. Manage and participate in the development of process instructions.
14. Identify, classify and record incidents and service disruptions, cataloguing them by symptom and resolution.
15. Use one’s experience to solve user problems and browse the database for possible solutions.
16. Systematically monitor and investigate the environment to identify vulnerabilities and threats and prevent any security breaches.
17. Record and escalate non-conformities and complex and intractable incidents.
18. Apply risk management principles and explore ICT solutions to adapt security and mitigate risks.
19. Audit of ICT processes and environment.
20. Organise test programmes and create scripts to perform load tests for potential vulnerabilities and document the results.
21. Take systematic action to respond to and react to day-to-day operational needs, avoiding service interruption and complying with service level agreements and information security requirements.
22. Determine the documentation requirements, taking into account the purpose of the documentation and its intended audience.
23. Be accountable for own actions and those of others, managing a limited number of stakeholders.
24. Communicate with staff and provide all staff with the necessary safety information.

Professional competences:
1. Ability to identify, evaluate, justify and recommend the best solution and service providers.
2. Ability to evaluate the use of prototypes to contribute to the validation of collected and formatted requirements.
3. Ability to identify and communicate systematically and frequently with customers, users and stakeholders.
4. Ability to determine system performance and verify that the capabilities and effectiveness of the integrated system meet the specification.
5. Ability to document and record activities, problems and associated fixes, protect/duplicate data to ensure integrity during system integration.
6. Ability to organise database populations and manage data migrations, organise and plan beta test activities, test solutions in a production-ready operational environment.
7. Ability to configure components at any level, identify and perform the expertise needed to solve interoperability problems.
8. Ability to critically analyse and develop a company’s information security strategy.
9. Ability to perform security audits, identify potential critical component failures and take action to mitigate the effects of failure.
10. Ability to analyse a company’s most important assets and identify weaknesses and areas that are not fully protected against intrusion or attack.
11. Ability to develop a risk management plan to identify necessary preventive actions, develop and document risk analysis outputs and risk management processes.
12. Ability to keep company safety records up-to-date, set realistic expectations and explain the need for safety actions.
13. Ability to keep company safety records up-to-date, set realistic expectations and explain the need for safety actions.