Security Operations Roles

Words that resonate with SecOps: Awareness + Response + Prevention. We work proactively and reactively to increase awareness of threats. We are the first responders for security incidents and work closely with the Legal, Compliance, and I.T. Operations teams. We do the heavy lifting to implement and improve the controls underpinning our Information Security Management System (ISMS), making it easier for teams to do their jobs safely. We have three disciplines/sub-teams: Security Analysts, Security Engineers, and Cloud Security Engineers.

Security Analysts, Security Engineers, and Cloud Security Engineers are three distinct roles that closely align with each other, albeit on separate career tracks. If we were to distill their role definitions, they would be as follows:

  • Security Analysts are at the forefront of our security operations. They continuously monitor and assess threats, providing real-time awareness and insights. By analyzing data and identifying patterns, they proactively work towards preventing security incidents and ensuring the security and integrity of our systems and data.
  • Security Engineers architect, build, and maintain our security tooling and platforms. They collaborate closely with R&D teams to design and implement secure systems and applications. Working hand-in-hand with our security analysts, they ensure that our security measures are effective and scalable, enabling us to respond swiftly to emerging threats.
  • Cloud Security Engineers are essentially the same as our security engineers, but they specialize in cloud security practices and cloud environments. By implementing advanced cloud security measures, they ensure our cloud environments are resilient against threats and compliant with industry standards.

Our roles are defined by expectations for each level in terms of:

  • Planning Horizon: The typical timeframe to be thinking ahead about your impacts.
  • Impact Radius: The number of people or teams typically impacted by your work.
  • Evaluated By: The person typically accountable for evaluating your performance.
  • Responsibility and Direction Needed: The expected degree of autonomy at that level.

...and in each of the following dimensions:

  • 🦉 Domain Expertise
  • 🌱 Teaching and Mentoring
  • 🧭 Culture and Leadership
  • 🏆 Business Success

The following pages provide demonstrable values and concrete examples to describe these expectations:

  1. L1 Junior Security Analyst
  2. L2 Security Analyst
  3. L2 Security Engineer
  4. L3 Senior Security Analyst
  5. L3 Senior Security Engineer
  6. L3 Senior Cloud Security Engineer
  7. L4 Security Analyst Technical Lead
  8. L4 Security Engineer Technical Lead
  9. L5 Senior Security Operations Manager

💡 Tip: To help guide conversations about your progression with your manager, open multiple tabs and contrast the expectations across adjacent levels.

See also: Guidance on Levels, Maturity, and Performance Reviews.