You are on page 1of 6

SOUTH AUSTRALIAN PUBLIC SERVICE

JOB AND PERSON SPECIFICATIONS

Administrative Unit
Title of Position: ATTORNEY-GENERAL’S DEPARTMENT
Server & Desktop Security Analyst

Division: Justice Business Services


Remuneration Level: ASO6 Branch: Justice Technology Services
Section: IT Security & Audit
Type of appointment: Position Number: AG1728
Position Docket Number
þ Ongoing Occupant: Vacant

q Contract - Temporary (12 mths)


q Contract - 1 - 5 years

Job and Person Specification Approval

...................................................... ......../......../........
CHIEF EXECUTIVE/DELEGATE
JOB SPECIFICATION

1. Summary of the broad purpose of the position, and its responsibilities.


The Server and Desktop Security Analyst is responsible for providing expert
security/risk management advice and technical services/solutions in relation to the
security of server and desktop infrastructure used or managed by Justice
Technology Services (JTS). This includes:
• Windows and Unix servers,
• Windows desktops and laptops,
• Windows Terminal Servers and thin client appliances,
• PDAs and associated equipment.

The function liaises with the JTS LAN and Desktop Services section as well as
providing consultancy to criminal justice client agencies and external ICT service
providers.

2. Reporting/Working Relationships (to whom the person reports, staff for whom the person is responsible,
and other significant connections and working relationships within the organisation.)

The Server and Desktop Security Analyst:


• Administratively reports to the Manager, Infrastructure Services
• Is a member of the JTS IT Security and Audit Team, functionally reporting to the
Manager, IT Security and Audit and working closely with other team members.
• Provides backup support to the Principal Network Security Analyst
• Provides second level support to the Security Administrator

D:\DOCUMENTS AND SETTINGS\MXELG\LOCAL SETTINGS\TEMPORARY INTERNET FILES\OLK8B\UPDATED ASO6 JP JUL 08.DOC


-2-

3. Special Conditions (Such as non-metropolitan location, travel requirements, frequent overtime, etc.)
• Intrastate and Interstate Travel as required (occasional)
• Some out of hours work may be required
• Will be required to be On-Call
• Willing to undertake Criminal Offenders History checks and other security clearances if
required.

D:\DOCUMENTS AND SETTINGS\MXELG\LOCAL SETTINGS\TEMPORARY INTERNET FILES\OLK8B\UPDATED ASO6 JP JUL 08.DOC


-3-

JOB SPECIFICATION (continued) Position:


Unit:
Approval:
4. Statement of Key Outcomes and Associated Activities (Group into major areas of
responsibility/activity and list in descending order of importance.)

4.1 Contributes to the security of server and desktop infrastructure by:

• Specifying server and desktop security configurations, including server hardening


requirements, and implementing these in conjunction with LAN and Desktop Services
section.
• Ensuring that servers and desktops are appropriately patched against security threats,
by assessing security advisories, determining JTS’s response to each, and liaising with
LAN and Desktop Services section over implementation.
• Ensuring that servers and desktops are appropriately and efficiently updated with anti-
virus software definitions, in conjunction with LAN and Desktop Services section.
• Specifying and implementing server and desktop audit logging requirements.
• Administering server and desktop security in conjunction with the Security
Administrator.
• Reviewing audit logs for unusual activity and actual or suspected breaches of policy and
other security incidents.
• Assisting in the investigation of and recovery from security incidents involving server
and desktop infrastructure.
• Reviewing server access permissions on a periodic basis and removing obsolete
accesses.
• Auditing compliance with the server and desktop aspects of JTS security policies.
• Auditing security related aspects of server and desktop siting, configuration and
management practices, recommending improvements, and liaising with LAN and
Desktop Services section and relevant external service providers to implement such
recommendations.
• Preparing, reviewing and updating server and desktop security manuals, procedures
and other documentation.
• Contributing to appropriate server and desktop infrastructure contingency plans.

4.2 Monitors appropriateness of server and desktop security controls and contributes to
plans for security development that support effective program delivery by:

• Assessing the security risks associated with the provision of server and desktop
services.
• Assessing and proposing appropriate security changes to mitigate identified risks to an
acceptable level
• Evaluating the effectiveness of security controls against organisational and risk
mitigation objectives, and proposing improvements where necessary.

D:\DOCUMENTS AND SETTINGS\MXELG\LOCAL SETTINGS\TEMPORARY INTERNET FILES\OLK8B\UPDATED ASO6 JP JUL 08.DOC


-4-

4.3 Provides expert technical services and advice regarding server and desktop security
by:

• Developing, utilising and monitoring information/resource networks that contribute to


awareness of industry trends and best practice in server and desktop security
• Advising JTS on matters associated with developments in server and desktop security
and their application to JIS
• Advising client agencies on appropriate courses of action with regard to server and
desktop security.

4.4 Provides backup and support to the Principal Network Security Analyst by:

• Developing proficiency in network security matters and the network security controls
utilised on the Justice wide area network.
• Undertaking activities allocated by the Principal Network Security Analyst.

4.5 Responsible and accountable for adhering to the requirements of the OHSW Act
1986, relevant OHSW Regulations 1995; the Equal Opportunity Act 1984; the PSM
Act 1995 and the principles of diversity; and the Department’s policies and
procedures.

Certified Correct by Line Manager ............................................................................................ ........../........../..........

Acknowledged by Occupant ....................................................................................................... ........../........../..........

D:\DOCUMENTS AND SETTINGS\MXELG\LOCAL SETTINGS\TEMPORARY INTERNET FILES\OLK8B\UPDATED ASO6 JP JUL 08.DOC


-5-

PERSON SPECIFICATION (continued) Position:


Unit:
Approval:

Essential Minimum Requirements (Those characteristics considered absolutely necessary.)


1. Educational/Vocational Qualifications (Include only those listed in Commissioner’s Standard 2 as an
essential qualification for the specified classification group.)

NIL

2. Personal Abilities/Aptitudes/Skills (Related to the job description and expressed in a way which allows
objective assessment.)

• Proven ability to analyse, evaluate and apply information to align server and desktop
security policy and practices with Portfolio and government directions
• Proven ability to communicate effectively, in writing and verbally, with a wide range of
people from both technical and non-technical backgrounds
• Demonstrated high level of technical competency and ability to provide superior
analytical skills in solving complex technical problems
• Proven ability to work effectively as a member of a team or individually
• Demonstrated ability to work under limited direction and in a professional manner
• Proven commitment to the provision of excellent customer service and process/service
improvement.

3. Experience (including community experience)

• Significant experience in developing and implementing server and desktop security


strategies/policies/processes to support Portfolio policy and strategy
• Experience in risk assessment processes and in identifying and implementing mitigation
strategies in relation to the protection of IT assets
• Experience in developing and maintaining effective networks, alliances and operational
relationships with internal and external clients and stakeholders in an outsourced
environment
• Significant experience in monitoring the operation of server and desktop security
controls and identifying and analysing potential security incidents
• Significant investigative and problem solving experience in server and desktop security
issues
• Substantial experience in the use of Perl, Shell or similar scripting languages.

4. Knowledge

Generic:
• Knowledge of the principles and practice of OHSW, Equal Opportunity, the PSM Act
Employee conduct standards and diversity appropriate to the requirements of the
position.

D:\DOCUMENTS AND SETTINGS\MXELG\LOCAL SETTINGS\TEMPORARY INTERNET FILES\OLK8B\UPDATED ASO6 JP JUL 08.DOC


-6-

Technical:
• Thorough general knowledge of server and desktop security and audit issues
• Extensive practical knowledge of Windows server and desktop operating systems and
all aspects of their security and audit controls, particularly Windows NT and Windows
2000.
• Significant practic al knowledge of Unix and Linux operating systems and all aspects of
their security and audit controls
• Extensive knowledge of LAN data communications technologies and protocols
• A good understanding of security principles, issues and risks associated with the use of
the Internet, and the provision of services via the Internet

PERSON SPECIFICATION (continued) Position:


Unit:
Approval:

Desirable Characteristics (To distinguish between applicants who have met all essential requirements.)
1. Personal Abilities/Aptitudes/Skills
NIL

2. Experience

• Experience in security controls associated with wide area networks.

3. Knowledge

• A good understanding of intrusion detection technologies


• Significant practical knowledge of MS-Exchange and all aspects of its security and audit
controls
• Knowledge of PIX and Checkpoint Firewall capability and configuration
• Knowledge of router and switch capability and configuration
• Knowledge of VPN capability and configuration.

4. Educational/Vocational Qualifications (Considered to be useful in carrying out the responsibilities of the


position.)

• Tertiary qualifications in an IT related discipline.

5. Other details

D:\DOCUMENTS AND SETTINGS\MXELG\LOCAL SETTINGS\TEMPORARY INTERNET FILES\OLK8B\UPDATED ASO6 JP JUL 08.DOC