Demonstrate the ability to utilize tools and techniques within the department / organization for protecting information against potential risks and adopting strategies protecting sensitive information from unauthorized activities, including inspection, modification, recording, and any disruption or destruction.
Ministry of Electronics and Information and Technology Meity
Know the legal and regulatory requirements that may affect the departmental security policies. Comply with all relevant personal data protection laws and regulations. Understands and practices appropriate digital behaviour in relation to sharing media, downloading data, etc.
Is able to determine if the online source of data is reliable or not.
Understanding of the different types of cyber attacks such as phishing and malware and their impact. Follow departmental/organizational information security policies, standards, and processes based on recognized standards. Conducting periodic assessments of information security risks to eliminate potential risks. Assessing the level of assurance provided by a security mechanism in accordance with multiple methodologies and standards.
Has a thorough understanding of data privacy regulations. Understands the procedure to follow in the event that a device is under attack online.
Establishing frameworks to develop and maintain appropriate information security expertise.
Developing information risk management strategies to reduce the risk.
Defining and implementing processes to verify on-going conformance to security requirements.
Providing advice on the interpretation of policy standards associated to Information Security.
Knows & stays updated about latest cybersecurity tools & measures to combat online threats. Understands & practises to best professional knowledge & practices on cybersecurity trends.
Encourage an information risk awareness culture within a Department / organisation.
Recognises potential strategic application of information security and initiate examination.
Establish Information security framework for maintaining the security of departmental / organizational information throughout its lifecycle.