SGC Job Analysis Questionnaire - R3G26 - Intrusion Analyst
You have completed 0% of this survey
0%
100%
For the role of Intrusion Analyst in the Smartgrid Cybersecurity environment, please indicate how frequently each task below would be performed by a person at the listed level of expertise, and how important is it that this task be completed by a person with the listed level of expertise.
*
Verify system is reporting the expected information based on the configurations (Task ID: R3-9692)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate with system owners to modify schedule based on work or operational evolutions that impact security scanning (Task ID: R3-9599)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Define scope of systems and system exclusions for vulnerability testing. (Task ID: R3-9260)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Review scanning schedule results for anomalies (Task ID: R3-9598)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate with smart grid suppliers to confirm settings and scans for their equipment (Task ID: R3-9609)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate with vendors running scanners aganist their equipment to get a technical practice or relevant information to develop your scanning program (Task ID: R3-9279)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Understand the resources and processes used by the security monitoring tool, identify constraints, impacts to host or network systems, required configurations to develop an implementation plan (Task ID: R3-9144)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Verify system processes or state that are authorized for smart grid components with the vendor to identify unauthorized processes (Task ID: R3-9601)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Subscribe to security benchmark libraries (CIS, etc.). (Task ID: R3-9436)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Configure the security monitoring solution so that it provides a list of hosts that are being monitored and cross reference that with the asset inventory in place. (Task ID: R3-9765)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate an assessment of the current monitoring solutions coverage with a third part. (Task ID: R3-9763)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate an assessment to test the effectiveness and coverage of security monitoring tools. (Task ID: R3-9760)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate with administrators from other departments (i.e. networking, operating systems, servers) to identify strengths and weaknesses in the organization's logging implementations. (Task ID: R3-9140)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Identify metrics that will be used to show performance of monitoring solution (Task ID: R3-9160)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)