Description
Cybersecurity risk managers identify, analyse, assess, estimate and mitigate cybersecurity-related risks of ICT infrastructures such as systems or services. They manage these aspects by planning risk analysis, applying, reporting, assessing, communicating, and treating them. They establish a risk management strategy for the organisation and ensure that risks remain at an acceptable level for the organisation by selecting mitigation actions and controls.
EssentialOptional
Theoretical Knowledge
ICT network security risksICT security standardscyber securityinternal risk management policyethical hacking principlessecurity engineeringICT performance analysis methodsattack vectorsinformation security strategyrisk managementcyber attack counter-measuressecurity threatsassessment of risks and threatsweb application security threatsmobile device managementICT problem management techniquesdomain name serviceICT encryptionlevels of software testingsystems development life-cyclecloud security and complianceICT security legislationinvestment analysisICT project managementtools for ICT test automationICT system user requirementsorganisational resilienceICT recovery techniquesinformation confidentialitycomputer forensicsICT process quality modelshybrid modelInternet of Thingslegal requirements of ICT productsdecision support systemsaudit techniquesservice-oriented modellingOpen source modelICT quality policyinternet governanceOutsourcing modelcloud monitoring and reporting
Practical Skills
engage with stakeholderscommunicate with stakeholdersestablish an ICT security prevention planimplement ICT risk managementestablish an Information Security Management SystemICT safetymanage system securityensure adherence to organisational ICT standardsadvice on security risk managementdesign for organisational complexitydevelop information security strategyimplement cloud security and complianceimplement anti-virus softwareexecute ICT auditsimplement ICT security policiesdefine security policieslead disaster recovery exercisesuse back-up and recovery toolsimplement a firewalluse ICT ticketing systemimplement spam protectionidentify ICT security risksdevelop with cloud servicesdefine technology strategymanage disaster recovery plansmanage keys for data protectionimplement a virtual private networksolve ICT system problemsuse an application-specific interfaceremove computer virus or malware from a computer