Kyle Peterson

ITS-370

Chapter Eleven

10/13/17

1.      Violation and Employee Termination, Maintaining protocols

In regards to violating organizational policies, it is quite easy to find on the internet. This is something many HR departments struggle with, and as per usual, there are many recommendations on how to properly uphold company standards. I will list a couple below:

·         1. Be consistent

·         2. Make sure everyone’s on the same page

·         3. Document everything

·         4. Be a Boy Scout: Aka have a plan incase an employee breaks a key rule and needs to be terminated immediately.

 

2.      CISSP and SSCP certifications

Isc2.org offers a verity of certifications, below are the list of certifications one can obtain from this resource:

·         CISSP

·         SSCP

·         CCSP

·         CAP

·         CSSLP

·         HCISPP

All of these certifications require 5+ years in the specified field, One year of which can be satisfied by a bachelor’s degree. These certifications define key IT skills required in the field and are very prestigious certifications.

 

3.      Certifications that were not identified in the chapter.

In the chapter there were a couple that were not touched base on, such as, CCSP, CAP, CSSLP, and HCISPP. All of these are important certifications which can earn you merit in the IT field.

·         Cloud Security (CCSP)

·         Authorization (CAP)

·         Software Security (CSSLP)

·         Healthcare Services (HCISPP)

These are all important in the field of IT, and all of which will earn you a large pay upgrade if achieved. One thing that was not highlighted in the chapter was the use of IT in the field of Healthcare services. This is a large specialized field which seeks a highly specialized IT Professional in order to perform complex operations and software management.

 

4.      Security Analyst Search

After a google search this is what I found:

·         Gunderson Health System- Security Analyst

o   3-4 years in network infrastructure

o   2 years’ experience with common security management frameworks, i.e., NIST, SANS, CSC.

o   Required Bachelor's degree in Computer Science.

·         The Judge Group- Security Analyst

o   Requires 2+ years’ experience in support and operations role in any of the following areas: access management of network security technologies, servers, networks, telecommunications, operating systems, middleware, hardware/software support, or other infrastructure role.

o   Required Bachelor's degree in Computer Science.

·         Iris Consulting Corporation- Cloud Security Analyst

o   5+ years relevant experience with security platforms and tools such as firewalls, SIEM, intrusion detection and prevention, and penetration testing.

o   Undergraduate degree in technical field or comparable work experience.

o   Strong Microsoft technology stack knowledge: Windows; IIS; SQL Server in a multi-tier application model.

·         Various U.S. Employers- Security Analyst

o   4+ years relevant experience with security platforms

o   Required Bachelor's degree in Computer Science.

·         Ameriprise- Security Analyst

o   Required Qualifications - Bachelor’s degree in Information Security, Computer Science or related technical field; or equivalent work experience.

o   • Diverse technical background in one or more of the following: enterprise networking, server infrastructure, operating systems, application development or database technologies.

o   • 3+ years of experience in information security or related technical field.

o   • Broad work experience that spans one or more of the information security functions - policy development, education, executing penetration testing and application vulnerability assessments, risk analysis and compliance testing.

o   • Working knowledge of security related technologies and practices, including: authentication and authorization, endpoint protection, encryption, segmentation strategies, vulnerability management, secure remote access, and firewalls.

o   • Effective verbal and written communication skills.

 

5.      Termination Policies

Employee Termination policies can be difficult for employers, especially HR departments. Below is a termination Policy I found for an IT situation.

Policy:

1.      Voluntary termination: Generally includes voluntary separation or non‐renewal of contract. Determination of termination as voluntary is at the discretion of the supervisor within the parameters of the University Rules.

a.       The employee’s supervisor must notify the Unit Information Security Administrator within two workdays of the initial notice of termination. Notice to the administrator must include a listing of information assets to which the employee has access.

b.      The supervisor and the Unit Information Security Administrator will determine the timing and process for revoking access to information assets.

 

2.      Involuntary termination: Generally occurs when an employee is being terminated for performance or for violation of University or Health Science Center policy/rules.