Security Basics mailing list archives

Re: Network Engineer vs. Network Security Engineer

From: "gig" <gigabit () satx rr com>
Date: Mon, 11 Jan 2010 13:07:35 -0600

Johnathan,

The only answer to your question that matters is: what does your managementwant?

Every organization does things differently, dependant on size, complexity,regulatory requirements and especially the capabilities of the peopleinvolved.

I manage the security team for a small sized financial institution and Ihave chosen to make my team more of a security assurance group that ismostly out of operational day to day activities. Almost like an internal ITAudit division...except with a clue (sorry auditors!).

My best advice to you is that you map out the hourly/daily/weekly processesthat you believe are necessary and have your management decide who shouldown those responsibilities. My guess is, one of you will be unhappy withthe decision but at least you will have some top-down support.


good luck.

gig

----- Original Message -----From: "Johnathan" <martinez85 () att blackberry net>

To: <security-basics () securityfocus com>
Sent: Saturday, January 09, 2010 11:04 AM
Subject: Network Engineer vs. Network Security Engineer

Hello List,
I am Security Engineer/Analyst at a company who is currently buildingtheir security program and have run into a issue on defining a NetworkSecurity Engineer's roles and duties versus a Network Engineer (on theLAN/WAN side) and where a line is drawn and what should overlap.
This subject came about when I requested access to our Cisco IPS, IDS andASAs. The senior engineer (who, by the way, is the only person who hasfull access to all of our Cisco routers, switches, IPS, IDS, ASAs, etc.)within my company fought to disallow my access.
We have Cisco MARS implemented, and I am the primary manager of thatdevice and require access to our Cisco security devices (IPS, IDS, etc.)to sufficiently tune and update the appliance.
Was I and am I wrong for requesting access and wanting it? Where shouldthe line be drawn as far as duties and roles? Not just for Cisco securitydevices but on an enterprise wide scale.
I would really appreciate any responses to this.

Than You.

----
Johnathan
Sent via BlackBerry by AT&T



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Re: Best firewall applience, (continued)
- - - Re: Best firewall applience Charlie Clark (Jan 13)
    - Re: Best firewall applience Chris Brenton (Jan 18)
    - RE: Best firewall applience Scott Race (Jan 19)
    - Re: Best firewall applience Jeremy Nenadal (Jan 13)
    - Re: Best firewall applience David Gadoury (Jan 13)
    - Re: Best firewall applience Asaf Maruf (Jan 13)
    - RE: Best firewall applience Quark Group - Hilton Travis (Jan 13)
    - Re: Best firewall applience Stephen Mullins (Jan 18)
    - Re: Network Engineer vs. Network Security Engineer Johnathan (Jan 12)
- RE: Network Engineer vs. Network Security Engineer (UNCLASSIFIED) Natividad, Victor E Mr CTR USA (Jan 11)
- Re: Network Engineer vs. Network Security Engineer gig (Jan 11)
- Re: Network Engineer vs. Network Security Engineer ron (Jan 12)