Establishing and maintaining a patch schedule, maintaining current knowledge of available patches, deciding what patches are appropriate for particular systems, ensuring that patches are installed properly, testing systems after installation, and documenting all associated procedures.
Maintain PCI compliance, to include all tasks leading up to and including the annual on-site audit.
Monitor their organization’s networks for security breaches and investigate a violation when one occurs
Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
Develop security standards and best practices for their organization
Recommend security enhancements to management or senior IT staff
Help computer users when they need to install or learn about new security products and procedures
Develop and document technical processes and procedures as needed.
Make recommendations to purchase hardware, software, system components.
Create metrics and measures showing progress and reporting it to upline management.