SGC Job Analysis Questionnaire - R1G34 - Security Operations
You have completed 0% of this survey
0%
100%
For the role of Security Operations in the Smartgrid Cybersecurity environment, please indicate how frequently each task below would be performed by a person at the listed level of expertise, and how important is it that this task be completed by a person with the listed level of expertise.
*
Scan all impacted systems to ensure the patch or mitigations are present and the risk associated with the vulnerability has been reduced as expected (Task ID: R1-9628)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Test all identified mitigations or patches to make sure they remove or mitigate the vulnerability as expected with no negative impacts (Task ID: R1-9629)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Analyze vulnerabilities for business impact (Task ID: R1-9326)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Develop a method to characterize vulnerabilities and score them to determine risk (Task ID: R1-9603)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Develop a process for scoring the risk associated with identified vulnerabilities that takes into account how exploitable they are to develop priotization recommendations for mitigation (Task ID: R1-9294)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Develop a process to prioritize and create job tickets for analysis and distribution of information to specific receipents (Task ID: R1-9229)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Alert END users of potential risks and vulnerabilities that they may be able to mitigate (Task ID: R1-9314)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate with other departments to ensure that routine business operations are not impacted during testing (Task ID: R1-9399)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Develop a RACI (Responsible, Accountable, Consulted, Informed) matrix to ensure all roles clearly understand their responsibilities in the testing process. (Task ID: R1-9404)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Identify all systems that may be affected by testing (Task ID: R1-9406)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Identify threat actors (Task ID: R1-9331)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Report vulnerabilities to fellow staff and stakeholders (Task ID: R1-9244)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate efforts with the vendor to develop an understanding of the component and security implications. (Task ID: R1-9298)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate with external governments on threat intelligence (Task ID: R1-9596)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)