{"schemaVersion":"1.0","exportedAt":"2026-05-15T12:51:50.665Z","occupation":{"soc":"15-1299.05","title":"Information Security Engineers","group":"Computer & Mathematical","sector":"54","jobZone":4,"jobZoneInferred":false},"framework":{"version":"v.26.05","description":"","contextCovered":"This framework covers information security engineering practice across enterprise on-premise and cloud environments, spanning vulnerability assessment, penetration testing, incident response, security architecture, and organizational governance from entry-level execution through executive leadership.","levels":{"emerging":{"label":"Emerging","statements":["Vulnerability assessment tools — operate under direct supervision to scan enterprise networks and document identified weaknesses in structured reports.","Security breach indicators — recognize and escalate potential intrusion signals while monitoring network dashboards in a supervised SOC environment.","Penetration testing methodologies — assist senior engineers in executing scripted tests against defined system targets within an authorized lab or staging environment.","Firewall and encryption software — install preconfigured security tools on workstations and servers following established procedures and change-control protocols.","Security policies and standards — study and apply organizational information security guidelines when completing assigned tasks under engineer oversight.","Incident response playbooks — follow documented recovery steps to support breach containment activities under the direction of a lead security engineer.","Security control performance indicators — collect and log metrics from monitoring platforms to assist in periodic quality assessments of existing controls.","Technical security documentation — read and interpret vendor advisories, CVE reports, and configuration guides to inform assigned remediation tasks.","Operating system security configurations — apply baseline hardening checklists to Windows and Linux systems within a supervised enterprise IT environment.","Risk management software — enter vulnerability scan results and asset data into designated platforms to support team-level risk tracking workflows."]},"developing":{"label":"Developing","statements":["Network vulnerability scans — plan and execute recurring assessments using tools such as Nessus or Qualys, interpreting results to prioritize remediation across a mid-size enterprise.","Security breach investigations — conduct structured analyses of detected incidents, correlating log data and forensic artifacts to identify attack vectors and scope of damage.","Penetration test engagements — perform end-to-end tests against web applications and internal network segments with limited oversight, documenting findings in professional reports.","Firewall rule sets and encryption configurations — develop and deploy updated policies for perimeter and cloud-based security controls in alignment with organizational risk posture.","Security awareness training sessions — deliver structured instruction to staff on information security standards and acceptable-use policies across departmental teams.","Incident response strategies — draft and refine response and recovery procedures for common breach scenarios, coordinating containment actions with IT operations teams.","Security control quality assessments — evaluate control effectiveness using defined performance indicators and recommend improvements based on gap analysis findings.","Switch and router security configurations — harden network device configurations and review access-control lists to reduce attack surface in production environments.","Database query tools — interrogate security event databases to extract threat intelligence and produce trend reports for management review.","Cloud-based security management platforms — configure and maintain monitoring policies for hybrid cloud environments, adapting settings as workloads evolve."]},"proficient":{"label":"Proficient","statements":["Enterprise penetration testing programs — independently design and lead comprehensive red-team exercises across complex multi-cloud and on-premise infrastructures, producing executive and technical findings.","Security monitoring architecture — autonomously evaluate and tune SIEM rules, IDS signatures, and alert thresholds to ensure accurate detection across high-volume enterprise networks.","Advanced breach investigations — lead forensic examination of sophisticated security incidents, reconstructing attack timelines, quantifying damage, and coordinating evidence preservation for legal proceedings.","Security software development — architect and implement custom security tooling, scripts, and automation pipelines that integrate with existing DevSecOps workflows to enforce continuous compliance.","Response and recovery frameworks — design organization-wide incident response plans covering containment, eradication, and business-continuity restoration for diverse threat scenarios.","Security control effectiveness analysis — apply systems evaluation techniques to assess end-to-end control performance, identifying systemic gaps and driving targeted remediation roadmaps.","Information security policy authorship — draft comprehensive security standards, baselines, and procedures that align technical controls with regulatory requirements such as NIST, ISO 27001, or SOC 2.","Telecommunications and network security design — engineer secure network segmentation, VPN architectures, and zero-trust access controls for geographically distributed organizations.","Expert system and risk management platforms — configure and leverage risk-scoring tools to model threat scenarios, producing quantitative risk assessments that guide investment decisions.","Cross-functional security consultation — advise product, DevOps, and legal teams on security trade-offs during system design reviews, integrating security requirements into project lifecycles from inception."]},"advanced":{"label":"Advanced","statements":["Organizational security strategy — define and champion a multi-year information security roadmap that aligns enterprise risk appetite, regulatory obligations, and emerging threat landscapes at the executive level.","Security engineering capability development — establish centers of excellence for penetration testing, threat intelligence, and incident response, setting technical standards that elevate team competency organization-wide.","Enterprise risk governance frameworks — design and institutionalize risk management programs that integrate vulnerability data, business impact analysis, and board-level reporting into cohesive governance structures.","Security culture and training programs — architect enterprise-wide security awareness and professional development curricula, measuring behavioral change through performance indicators and maturity assessments.","Incident response leadership — command organizational response to major security incidents, coordinating across legal, communications, operations, and executive leadership to minimize impact and meet disclosure obligations.","Security vendor and technology strategy — evaluate, select, and oversee deployment of enterprise security platforms and managed services, negotiating contracts and holding partners accountable to SLA and performance benchmarks.","Regulatory and compliance leadership — represent the organization before auditors, regulators, and industry bodies, shaping internal control frameworks to satisfy evolving compliance mandates across multiple jurisdictions.","Secure architecture governance — establish architectural review boards and security-by-design principles that ensure all new systems and cloud migrations meet organizational security standards before production deployment.","Threat intelligence program direction — lead intelligence-sharing relationships with ISACs, government agencies, and peer organizations, translating strategic threat data into actionable defensive priorities for engineering teams.","Security investment and resource allocation — build and defend security budget proposals at the C-suite and board level, demonstrating ROI through quantitative risk reduction metrics and benchmark comparisons."]}}},"sources":{"onet":"v30.2 (CC BY 4.0)","crosswalk":"https://skillscrosswalk.com","generator":"LER.me"},"attribution":"© EBSCOed"}