SGC Job Analysis Questionnaire - R1G03 - Security Operations

 

 

You have completed 0% of this survey
0%
100%

For the role of Security Operations in the Smartgrid Cybersecurity environment, please indicate how frequently each task below would be performed by a person at the listed level of expertise, and how important is it that this task be completed by a person with the listed level of expertise.
*Maintain analytical resource POC information (Task ID: R1-9773)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Maintain professional credentials and networking relationships with professional organizations. (Task ID: R1-9777)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Prioritize alerting after analysis into pre-defined buckets. (Task ID: R1-9122)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Recognize dissenting analytical opinions (Task ID: R1-9778)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Select a team of internal experts that should be consulted (Task ID: R1-9769)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Test the incident response program / plan. (Task ID: R1-9775)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Train staff on the incident response program / plan. (Task ID: R1-9774)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Update the incident response program / plan based on feedback from testing. (Task ID: R1-9776)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Identify source of all infections or successful attacks (Task ID: R1-9706)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Monitor all systems that were suspect or confirmed during an intrusion/incident (Task ID: R1-9701)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Report eradication status and success to include confidence to management (Task ID: R1-9704)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Review running processes to determine if clean up efforts removed suspect software/code (Task ID: R1-9703)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Train users if they were an unwitting party in a successful attack (Task ID: R1-9707)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)
 
*Analyze response actions and performance of response team members against the plan (Task ID: R1-9686)
  Frequency   Importance
  Never Rarely Sometimes Often Always   Unimportant Low Moderately Very Extremely
Novice (Apprentice)  
Intermediate (Journeyman)  
Expert
(Master)