Job description of the leading specialist of the information security department. Job description of a specialist in ensuring information security in key systems of information infrastructure Job description of a specialist in computer security

Job description of the leading specialist of the information security department. Job description of a specialist in ensuring information security in key systems of information infrastructure Job description of a specialist in computer security

I. General provisions

1.1. Information Security Specialist belongs to the category
specialists, is hired and fired from it by order
the head of the enterprise on the proposal of the head of the protection department
information.
1.2. For the position of an information security specialist of the 1st category
a person is appointed who has a higher professional (technical)
education and work experience as an information security specialist II
categories of at least ______ years; as a security specialist
information category II - a person with a higher professional
(technical) education and work experience as a security specialist
information or other positions filled by specialists with higher
vocational education, at least _________ years; for the position
information security specialist - a person who has a higher professional
(technical) education, without presenting requirements for work experience.
1.3. The Information Security Officer reports directly to
________________________________________________________________________.
1.4. In his work, an information security specialist
guided by:
- legislative and regulatory documents on issues
ensuring the protection of information;
- methodological materials related to relevant issues;
- the charter of the enterprise;
- labor regulations;
- orders and orders of the director of the enterprise
(immediate supervisor);
- this job description.
1.5. The Information Security Specialist should know:
- legislative acts, normative and teaching materials on
issues related to ensuring the protection of information;
- specialization of the enterprise and features of its activity;
- production technology in the industry;
- equipping computer centers with technical means,
prospects for their development and modernization;
- organization system comprehensive protection information valid in
industries;
- methods and means of monitoring protected information, identifying channels
information leaks, organization of technical intelligence;
- methods of planning and organization of protection works
information and ensuring state secrets;
- technical means of control and protection of information, prospects and
directions for their improvement;
- methods for conducting special studies and inspections, works on
protection of technical means of transmission, processing, display and storage
information;
- the procedure for using abstract and reference and information
publications and other sources scientific and technical information;
- achievements of science and technology in the country and abroad in the field of
technical intelligence and information protection;
- methods and means of performing calculations and computational work;
- fundamentals of economics, organization of production, labor and management;
- basics of labor legislation Russian Federation;
- rules and regulations of labor protection, safety measures,
industrial sanitation and fire protection;
- _________________________________________________________________.
1.6. During the absence of an information security specialist
(business trip, vacation, illness, etc.) his duties are performed by a person
assigned in due course. This person acquires
relevant rights and is responsible for the proper implementation
the duties assigned to him.

II. Functions

The information security specialist is responsible for following features:
2.1. Ensuring comprehensive information protection, compliance
state secret.
2.2. Participation in the survey, certification and categorization of objects
protection.
2.3. Development of organizational and administrative documents,
regulating the work on the protection of information.
2.4. Determining the need for technical means protection and
control.
2.5. Requirements check normative documents for the protection
information.

III. Job Responsibilities

In order to perform the functions assigned to him, the protection specialist
information must:
3.1. Perform complex work related to the provision of integrated
information protection based on the developed programs and methods, compliance with
state secret.
3.2. Collect and analyze materials from institutions, organizations and
enterprises of the industry in order to develop and adopt decisions and measures to
ensuring the protection of information and efficient use funds
automatic control, detection of possible channels of information leakage,
representing state, military, official and commercial secrets.
3.3. Analyze existing methods and tools used for
control and protection of information, and develop proposals for their
improving and increasing the effectiveness of this protection.
3.4. Participate in the inspection of objects of protection, their certification and
categorization.
3.5. Develop and prepare for approval draft normative and
methodological materials regulating the work on information protection, and
as well as regulations, instructions and other organizational and administrative
documents.
3.6. Organize the development and timely submission
proposals for inclusion in the relevant sections of promising and
current work plans and programs of measures to control and protect information.
3.7. Give feedback and opinions on projects of newly built and
reconstructed buildings and structures and other developments on
ensuring the protection of information.
3.8. Participate in the review terms of reference on the
design, draft, technical and working projects, provide them
compliance with applicable regulatory and methodological documents, as well as in
developing new circuit diagrams control equipment, facilities
automation of control, models and systems of information security, assessment
technical and economic level and efficiency of the proposed and implemented
organizational and technical solutions.
3.9. Determine the need for technical means of protection and
control, draw up applications for their purchase with the necessary
justifications and calculations for them, control their delivery and
usage.
3.10. To check compliance with the requirements of intersectoral and
industry regulatory documents on information security.

IV. Rights

The information security specialist has the right to:
4.1. Get acquainted with the draft decisions of the company's management,
relating to his activities.
4.2. Submit proposals for consideration by management
improvement of the work related to the duties stipulated
this instruction.
4.3. Receive from the heads of structural divisions,
information and documents necessary for the performance of their
official duties.
4.4. Involve specialists from all structural divisions
enterprise to solve the duties assigned to it (if it is
provided for in the structural divisions if not, with
permission of the head of the enterprise).
4.5. Require the management of the enterprise to assist in
performance of their duties and rights.

V. Responsibility

The Information Security Specialist is responsible for:
5.1. For failure to perform (improper performance) of their official
duties set out in this job description
within the limits set labor law Russian Federation.
5.2. For those committed in the course of carrying out their activities
offenses - within the limits determined by administrative, criminal and
civil legislation of the Russian Federation.
5.3. For causing material damage- within the limits
labor, criminal and civil legislation of the Russian Federation.

APPROVE:
Supervisor _____________________
__________________________________
(__________________)
"___"________ ___ G.
M.P.

JOB INSTRUCTIONS for a specialist in ensuring information security in key information infrastructure systems

1. GENERAL PROVISIONS

1.1. This job description defines the functional duties, rights and responsibilities of an information security specialist in key systems information infrastructure _______________ (hereinafter referred to as the Organization).

1.2. An information security specialist in key information infrastructure systems is appointed and dismissed in accordance with the procedure established by labor legislation by order of the head of the Organization.

1.3. The information security specialist in key information infrastructure systems reports directly to _____________ Organization.

1.4. Qualifications to the person appointed to the post:

Specialist in ensuring information security in key information infrastructure systems of the 1st category: higher professional education in the specialty " Information Security"and at least 3 years of experience as a specialist in ensuring information security in key information infrastructure systems of category II.

Specialist in ensuring information security in key systems of information infrastructure of the II category: higher professional education in the specialty "Information Security" and work experience as a specialist in ensuring information security in key systems of information infrastructure or in other positions occupied by specialists with higher professional education, not less than 3 years.

Specialist in ensuring information security in key systems of information infrastructure: higher professional education in the specialty "Information Security" without presenting requirements for work experience.

1.5. An information security specialist in key information infrastructure systems should know:

Laws and other regulatory legal acts of the Russian Federation regulating relations related to the protection of state secrets and other restricted information; regulatory and methodological documents on issues related to information security;

The management, communication and automation structure and the main elements of the Organization's key information infrastructure system;

Access control subsystems, attack detection subsystems, subsystems for protection against intentional influences, information integrity control;

The procedure for creating a secure channel between interacting objects through a public system using dedicated communication channels;

The procedure for performing authentication of interacting objects and verifying the identity of the sender and the integrity of the data transmitted through the public system;

Equipment of the Organization with basic and auxiliary technical means and systems, prospects for their development and modernization;

Prospects and directions for the development of methods and means of technical and software and hardware means of protecting information from destructive information influences;

The procedure for designing and certification of informatization objects; monitoring the effectiveness of information protection at informatization objects;

The procedure for monitoring the use of open radio communication channels;

Methods and tools for identifying threats to information security, methods for identifying information leakage channels;

Methods for conducting scientific research, development on the technical protection of information;

The procedure for examining key information infrastructure systems, drawing up inspection reports, test reports, instructions for the right to operate special means of ensuring information security, as well as regulations, instructions and other organizational and administrative documents;

Powers on information security issues, the possibilities and procedure for using standard technical means of ensuring information security and monitoring their effectiveness;

Methods for analyzing the results of inspections, accounting for violations of information security requirements;

Methodology for preparing proposals, methods and means of performing computational work in the interests of planning, organizing and carrying out work to ensure the security of information and ensure state secrets;

Achievements of science and technology in the country and abroad in the field of technical intelligence and information protection;

Methods for assessing the professional level of information security specialists, certification of specialists;

Basics of labor legislation;

Rules on labor protection and fire safety.

1.6. During the period of temporary absence of a specialist in ensuring information security in key systems of the information infrastructure, his duties are assigned to ____________________.

2. FUNCTIONAL RESPONSIBILITIES

Information security specialist in key information infrastructure systems:

2.1. Performs activities to ensure the security of information in key systems of the information infrastructure.

2.2. Identifies possible threats to information security, software and hardware vulnerabilities, develops intrusion detection technologies, evaluates and reassesses the risks associated with threats of destructive information impacts that can damage systems and networks due to unauthorized access, disclosure, modification or destruction of information and information resources. control systems.

2.3. Defines restrictions on entering information, procedures for managing security incidents and preventing their development, the procedure for connecting to open information systems taking into account the provision of security associated with agreements on access and prioritization of resources, requirements for places for backup storage, processing and copying of information, service priorities for the use of basic and backup telecommunication services (services).

2.4. Develops procedures for protecting information carriers, communications and restoring information and control systems after a failure or failure.

2.5. Carries out control over activities to ensure the security of information in key systems of the information infrastructure; informational, logistical and scientific and technical support of information security; monitoring the status of work to ensure the security of information in key systems of the information infrastructure and their compliance with the regulatory legal acts of the Russian Federation.

2.6. Gives feedback and opinions on projects of newly created and modernized facilities and other developments on the issues of ensuring information security in key information infrastructure systems.

2.7. Participates in the review of technical specifications for research and development design work to ensure information security in key systems of the information infrastructure, assesses their compliance with current regulatory and methodological documents.

2.8. Participates in the implementation of new means of technical protection of information.

2.9. Promotes the dissemination of best practices in the Organization and the introduction of modern organizational and technical measures, means and methods for ensuring the security of information in key systems of the information infrastructure.

2.10. Conducts assessments of the technical and economic level and effectiveness of the proposed and implemented organizational and technical solutions to ensure the security of information in key information infrastructure systems.

2.11. Develops lists of personnel access to protected objects, procedures and rules for the behavior of employees, including when they are moved, dismissed and interact with personnel of third-party organizations.

2.12. Provides leadership and training of personnel to act in crisis situations, including the procedure for the actions of managers and other responsible persons of key information infrastructure systems.

3. RIGHTS

An information security specialist in key information infrastructure systems has the right to:

3.1. Require the management of the Organization to assist in the performance of their duties.

3.2. Get acquainted with the draft decisions of the management of the Organization relating to its activities.

3.3. Submit proposals on the issues of their activities for consideration by their immediate supervisor.

3.4. Receive official information necessary for the performance of their duties.

4. RESPONSIBILITY

The information security specialist in key information infrastructure systems is responsible for:

4.1. For failure to perform or improper performance of their duties stipulated by this job description - in accordance with the current labor legislation.

4.2. For offenses committed during the period of its activities - in accordance with the current civil, administrative and criminal legislation.

4.3. For causing material damage - in accordance with applicable law.

5. CONDITIONS AND EVALUATION OF WORK

5.1. The mode of work of an information security specialist in key information infrastructure systems is determined in accordance with the internal labor regulations established in the Organization.

5.2. Job evaluation:

Regular - carried out by the immediate supervisor in the process of execution by the Employee labor functions;

- ________________________________________________________________________. (indicate the procedure and grounds for other types of work)

This job description was developed in accordance with the Order of the Ministry of Health and Social Development of the Russian Federation dated April 22, 2009 N 205 "On approval of the Unified qualification handbook positions of managers, specialists and employees, section "Qualification characteristics of positions of managers and specialists in ensuring information security in key information infrastructure systems, countering technical intelligence and technical information protection".

____________________________ ________________ ___________________________ (Position name (Personal signature) (Signature transcript) of the head of the structural unit) "___" __________ ____ AGREED (indicate all interested parties and their signatures) ____________________________ ________________ ___________________________ (Personal signature) (Signature transcript) "___"__________ ____ d. I am familiar with the instructions: ________________ ___________________________ (Personal signature) (Signature decoding) "___" __________ ____ d.

I. General provisions

1.1. An information security specialist belongs to the category of specialists, is hired and dismissed by the order of the head of the enterprise on the proposal of the head of the information security department.
1.2. A person who has a higher professional (technical) education and at least ___ years of experience in the position of an information security specialist of category II is appointed to the position of an information protection specialist of category I; as a security specialist
information of category II - a person with a higher professional (technical) education and work experience in the position of an information security specialist or other positions filled by specialists with higher professional education for at least ____ years; for the position of an information security specialist - a person with a higher professional (technical) education, without presenting requirements for work experience.
1.3. The Information Security Officer reports directly to __________________.
1.4. In his work, the information security specialist is guided by:
- legislative and regulatory documents on the issues of ensuring the protection of information;
- methodological materials related to relevant issues;
- the charter of the enterprise;
- labor regulations;
- orders and orders of the director of the enterprise
(immediate supervisor);
- this job description.
1.5. The Information Security Specialist should know:
- legislative acts, regulatory and methodological materials on issues related to ensuring the protection of information;
- specialization of the enterprise and features of its activity;
- production technology in the industry;
- equipment of computing centers with technical means, prospects for their development and modernization;
- a system for organizing the complex protection of information operating in the industry;
- methods and means of controlling protected information, identifying information leakage channels, organizing technical intelligence;
- methods of planning and organizing work to protect information and ensure state secrets;
- technical means of control and protection of information, prospects and directions for their improvement;
- methods for conducting special studies and inspections, work to protect the technical means of transmission, processing, display and storage of information;
- the procedure for using abstract and reference publications, as well as other sources of scientific and technical information;
- achievements of science and technology in the country and abroad in the field of technical intelligence and information protection;
- methods and means of performing calculations and computational work;
- fundamentals of economics, organization of production, labor and management;
- fundamentals of the labor legislation of the Russian Federation;
- rules and norms of labor protection, safety measures, industrial sanitation and fire protection;
1.6. During the absence of an information security specialist (business trip, vacation, illness, etc.), his duties are performed by a duly appointed person. This person acquires the appropriate rights and is responsible for the proper performance of the duties assigned to him.

II. Functions

The Information Security Specialist is responsible for the following:
2.1. Ensuring comprehensive protection of information, observance of state secrets.
2.2. Participation in the survey, certification and categorization of objects of protection.
2.3. Development of organizational and administrative documents regulating the work on information protection.
2.4. Determining the need for technical means of protection and control.
2.5. Verification of compliance with the requirements of regulatory documents on information protection.

III. Job Responsibilities

To perform the functions assigned to him, the information security specialist must:
3.1. Perform complex work related to ensuring comprehensive information protection based on developed programs and methods, observing state secrets.
3.2. Collect and analyze the materials of institutions, organizations and enterprises of the industry in order to develop and make decisions and measures to ensure the protection of information and the effective use of automatic control tools, detect possible channels for leaking information representing state, military, official and commercial secrets.
3.3. Analyze existing methods and tools used to control and protect information, and develop proposals for their improvement and increasing the effectiveness of this protection.
3.4. Participate in the examination of objects of protection, their certification and categorization.
3.5. Develop and prepare for approval draft regulatory and methodological materials governing the work on information protection, as well as regulations, instructions and other organizational and administrative documents.
3.6. Organize the development and timely submission of proposals for inclusion in the relevant sections of long-term and current work plans and programs of measures to control and protect information.
3.7. Give feedback and opinions on projects of newly built and reconstructed buildings and structures and other developments on issues of information security.
3.8. Participate in the review of technical specifications for design, draft, technical and working projects, ensure their compliance with current regulatory and methodological documents, as well as in the development of new circuit diagrams of control equipment, control automation tools, models and information security systems, assessment of the technical and economic level and the effectiveness of the proposed and implemented organizational and technical solutions.
3.9. Determine the need for technical means of protection and control, draw up applications for their purchase with the necessary justifications and calculations for them, control their supply and use.
3.10. Verify compliance with the requirements of intersectoral and sectoral regulatory documents on information security.

The information security specialist has the right to:
4.1. Get acquainted with the draft decisions of the management of the enterprise relating to its activities.
4.2. Submit proposals for improvement of the work related to the responsibilities provided for in this instruction for consideration by the management.
4.3. Receive from the heads of structural divisions, specialists information and documents necessary for the performance of their duties.
4.4. Engage specialists from all structural divisions of the enterprise to solve the duties assigned to it (if it is provided for by the regulations on structural divisions, if not, with the permission of the head of the enterprise).
4.5. Require the management of the enterprise to assist in the performance of their duties and rights.

V. Responsibility

The Information Security Specialist is responsible for:
5.1. For non-fulfillment (improper fulfillment) of their official duties provided for by this job description, to the extent determined by the labor legislation of the Russian Federation.
5.2. For offenses committed in the course of carrying out their activities - within the limits determined by the administrative, criminal and civil legislation of the Russian Federation.
5.3. For causing material damage - within the limits determined by the labor, criminal and civil legislation of the Russian Federation.

Job description and job responsibilities

chief information security officer.

1. GENERAL PROVISIONS

1.1. This job description defines the functional duties, rights and responsibilities of the Chief Information Security Specialist of the enterprise (options: OJSC, CJSC, LLC, institution, organization).

1.2. The chief information security specialist is appointed to the position and dismissed in accordance with the procedure established by the current labor legislation by order of the director of the enterprise.

1.3. The chief information security specialist reports directly to the director of the enterprise (options: OJSC, CJSC, LLC, institutions, organizations).

1.4. A person with a higher professional (technical) education and work experience in information security is appointed to the position of Chief Information Security Specialist.

1.5. The Chief Information Security Officer must know:

— legislative and regulatory legal acts on state (official, commercial) secrets; regulatory and methodological materials on issues related to information security; development prospects, specialization and activities of an institution, organization, enterprise (options: OJSC, CJSC, LLC, institutions,
organization) and its divisions; the nature of the interaction of departments in the process economic activity enterprises (options: OJSC, CJSC, LLC, institutions, organizations) and the procedure for passing official information; complex protection organization system
information valid at the enterprise (options: OJSC, CJSC, LLC, institution, organization); prospects and directions of development of technical and software-mathematical means of information protection; methods and means of control of protected information, detection
information leakage channels, organization of technical intelligence; methods of planning and organization of scientific research, development, performance of work on information protection; the procedure for concluding contracts for special studies and inspections, work on the protection of technical means of transmission, processing, display and storage
information; domestic and foreign experience in the field of technical intelligence and information protection; fundamentals of economics, organization of production, labor and management; rules and regulations
labor protection.

1.6. During the temporary absence of the Chief Information Security Specialist, his duties are assigned to ___________________.

2. FUNCTIONAL RESPONSIBILITIES

Note. The functional responsibilities of the Chief Information Protection Specialist are determined on the basis and to the extent of the qualification characteristics for the position of the Chief Information Protection Specialist and can be supplemented, clarified when preparing the job description based on specific circumstances.

2.1. Manages the implementation of work on the integrated protection of information in the industry, at the enterprise (options: OJSC, CJSC, LLC, institution, organization), ensuring the effective application of all available organizational and engineering measures for protection,
constituting a state secret.

2.2. Participates in the development of technical policy and determination of the prospects for the development of technical means of control, organizes the development and implementation of new technical and software-mathematical means of protection, excluding or significantly complicating unauthorized access to official information constituting an official, state or commercial secret.

2.3. Participates in the review of technical specifications for product designs, research and development work to be protected, monitors the inclusion in them of the requirements of regulatory, technical and methodological documents on
information security and compliance with these requirements.

2.4. Prepares proposals for inclusion in the plans and work programs of organizational and engineering measures to protect information systems.

2.5. Participates in the development of secure information technologies meeting the requirements of complex information protection.

2.6. Organizes research work in the field of improving information security systems and increasing their efficiency.

2.7. Performs the whole complex (including especially complex) of work related to the control and protection of information, based on the developed programs and methods.

2.8. Organizes the collection and analysis of materials on possible channels of information leakage, including through technical channels, in the course of research and development related to the creation and production of special products (products) necessary for carrying out
work to ensure the protection of information.

2.9. Ensures the coordination of ongoing organizational and technical measures, the development of methodological and regulatory materials and the provision of the necessary methodological assistance in carrying out work on protecting information, assessing the technical and economic
the effectiveness of the proposed and implemented organizational and technical solutions.

2.10. Organizes work on the collection and systematization of the necessary information about the objects to be protected and protected information, provides methodological guidance and control over the work on assessing the technical and economic level and effectiveness of the developed information protection measures.

2.11. Leads the work on summarizing data on the need for technical and software-mathematical means of protecting information, control equipment, drawing up applications for the manufacture of these means, organizing their receipt and distribution among the objects of protection.

2.12. Promotes the dissemination of best practices and the introduction of modern organizational and technical measures, means and methods of information protection in order to increase their effectiveness.

2.13. Provides control over compliance with the requirements of regulatory and technical documentation, over compliance with the established procedure for performing work, as well as current legislation when resolving issues related to information security.

2.14. Coordinates the activities of departments and specialists in information security in the industry, at the enterprise, in the institution, organization.

3. RIGHTS

The Chief Information Security Officer has the right to:

3.1. To give instructions to subordinate employees and services, tasks on a range of issues included in his functional duties.

3.2. Control the implementation of planned targets and work, the timely execution of individual orders and tasks of subordinate services.

3.3. Request and receive necessary materials and documents related to the activities of the Chief Information Security Specialist, his subordinate services and divisions.

3.4. Engage in relationships with departments of third-party institutions and organizations to resolve operational issues production activities within the competence of the chief information security specialist.

3.4. Represent the interests of the enterprise in third-party organizations on issues related to the production activities of the enterprise.

4. RESPONSIBILITY

The Chief Information Security Officer is responsible for:

4.1. The results and efficiency of the enterprise's production activities in terms of compliance with information security measures.

4.2. Failure to fulfill their functional duties, as well as the work of the enterprise services subordinate to him on issues of production activities.

4.3. Inaccurate information about the status of execution of work plans of subordinate services.

4.4. Failure to comply with orders, orders and instructions of the director of the enterprise (options: OJSC, CJSC, LLC, institutions, organizations).

4.5. Failure to take measures to suppress the identified violations of safety regulations, fire safety and other rules that pose a threat to the activities of the enterprise, its employees.

4.6. Failure to ensure compliance with labor and performance discipline by employees of subordinate services and personnel subordinate to the Chief Information Security Specialist.

5. RIGHT TO SIGN. WORKING CONDITIONS

5.1. The exclusive area of ​​activity of the Chief Information Security Specialist is to ensure the planning and organization of the production activities of the enterprise.

5.2. To ensure his activities, the chief information security specialist is given the right to sign organizational and administrative documents on issues that are part of his functional duties.

5.3. The mode of operation of the Chief Information Security Specialist is determined in accordance with the Internal Labor Regulations established at the enterprise.

5.4. Due to operational needs, the Chief Information Security Specialist may go on business trips (including local ones).

5.5. To resolve operational issues related to the provision of production activities, the Chief Information Security Specialist may be assigned a company vehicle. The job description of the chief information security specialist has been developed in accordance with:
______________________________________

(name, number and date of the document)

The chief information security specialist is familiar with the job description: ___________ ___________

(signature) (full name)

Collection of job descriptions

Approximate form

I approve

___________________________________ (initials, surname)
(name of company, __________________________
enterprise, etc., his (director or other
legal form) official,
authorized to approve
job description)

"" ____________ 20__

Job description
information security specialist

______________________________________________
(name of organization, enterprise, etc.)

"" ______________ 20__ N_________

This job description has been developed and approved for
on the basis of an employment contract with __________________________________________
(name of the position of the person for whom
______________________________________________________ and in accordance with
this job description has been drawn up)
the provisions of the Labor Code of the Russian Federation and other regulatory
acts regulating labor relations in the Russian Federation.

I. General provisions

1.1. Information Security Specialist belongs to the category
specialists, is hired and fired from it by order
the head of the enterprise on the proposal of the head of the protection department
information.
1.2. For the position of an information security specialist of the 1st category
a person is appointed who has a higher professional (technical)
education and work experience as an information security specialist II
categories of at least ______ years; as a security specialist
information category II - a person with a higher professional
(technical) education and work experience as a security specialist
information or other positions filled by specialists with higher
vocational education, at least _________ years; for the position
information security specialist - a person who has a higher professional
(technical) education, without presenting requirements for work experience.
1.3. The Information Security Officer reports directly to
________________________________________________________________________.
1.4. In his work, an information security specialist
guided by:
- legislative and regulatory documents on issues
ensuring the protection of information;
- methodological materials related to relevant issues;
- the charter of the enterprise;
- labor regulations;
- orders and orders of the director of the enterprise
(immediate supervisor);
- this job description.
1.5. The Information Security Specialist should know:
- legislative acts, normative and methodological materials on
issues related to ensuring the protection of information;
- specialization of the enterprise and features of its activity;
- production technology in the industry;
- equipping computer centers with technical means,
prospects for their development and modernization;
- a system for organizing the comprehensive protection of information operating in
industries;
- methods and means of monitoring protected information, identifying channels
information leaks, organization of technical intelligence;
- methods of planning and organization of protection works
information and ensuring state secrets;
- technical means of control and protection of information, prospects and
directions for their improvement;
- methods for conducting special studies and inspections, works on
protection of technical means of transmission, processing, display and storage
information;
- the procedure for using abstract and reference and information
publications, as well as other sources of scientific and technical information;
- achievements of science and technology in the country and abroad in the field of
technical intelligence and information protection;
- methods and means of performing calculations and computational work;
- fundamentals of economics, organization of production, labor and management;
- fundamentals of the labor legislation of the Russian Federation;
- rules and regulations of labor protection, safety measures,
industrial sanitation and fire protection;
- _________________________________________________________________.
1.6. During the absence of an information security specialist
(business trip, vacation, illness, etc.) his duties are performed by a person
assigned in due course. This person acquires
relevant rights and is responsible for the proper implementation
the duties assigned to him.

II. Functions

The Information Security Specialist is responsible for the following:
2.1. Ensuring comprehensive information protection, compliance
state secret.
2.2. Participation in the survey, certification and categorization of objects
protection.
2.3. Development of organizational and administrative documents,
regulating the work on the protection of information.
2.4. Determining the need for technical means of protection and
control.
2.5. Verification of compliance with the requirements of regulatory documents on protection
information.

III. Job Responsibilities

In order to perform the functions assigned to him, the protection specialist
information must:
3.1. Perform complex work related to the provision of integrated
information protection based on the developed programs and methods, compliance with
state secret.
3.2. Collect and analyze materials from institutions, organizations and
enterprises of the industry in order to develop and adopt decisions and measures to
ensuring the protection of information and the efficient use of funds
automatic control, detection of possible channels of information leakage,
representing state, military, official and commercial secrets.
3.3. Analyze existing methods and tools used for
control and protection of information, and develop proposals for their
improving and increasing the effectiveness of this protection.
3.4. Participate in the inspection of objects of protection, their certification and
categorization.
3.5. Develop and prepare for approval draft normative and
methodological materials regulating the work on information protection, and
as well as regulations, instructions and other organizational and administrative
documents.
3.6. Organize the development and timely submission
proposals for inclusion in the relevant sections of promising and
current work plans and programs of measures to control and protect information.
3.7. Give feedback and opinions on projects of newly built and
reconstructed buildings and structures and other developments on
ensuring the protection of information.
3.8. Participate in the review of technical specifications for
design, draft, technical and working projects, provide them
compliance with applicable regulatory and methodological documents, as well as in
development of new circuit diagrams of control equipment, means
automation of control, models and systems of information security, assessment
technical and economic level and efficiency of the proposed and implemented
organizational and technical solutions.
3.9. Determine the need for technical means of protection and
control, draw up applications for their purchase with the necessary
justifications and calculations for them, control their delivery and
usage.
3.10. To check compliance with the requirements of intersectoral and
industry regulatory documents on information security.

IV. Rights

The information security specialist has the right to:
4.1. Get acquainted with the draft decisions of the company's management,
relating to his activities.
4.2. Submit proposals for consideration by management
improvement of the work related to the duties stipulated
this instruction.
4.3. Receive from the heads of structural divisions,
information and documents necessary for the performance of their
official duties.
4.4. Involve specialists from all structural divisions
enterprise to solve the duties assigned to it (if it is
provided for by the provisions on structural divisions, if not - with
permission of the head of the enterprise).
4.5. Require the management of the enterprise to assist in
performance of their duties and rights.

V. Responsibility

The Information Security Specialist is responsible for:
5.1. For failure to perform (improper performance) of their official
duties set out in this job description
within the limits determined by the labor legislation of the Russian Federation.
5.2. For those committed in the course of carrying out their activities
offenses - within the limits determined by administrative, criminal and
civil legislation of the Russian Federation.
5.3. For causing material damage - within the limits determined
labor, criminal and civil legislation of the Russian Federation.

The job description was developed in accordance with ________________
(Name,
_____________________________.
document number and date)

Head of structural (initials, surname)
subdivisions _________________________
(signature)

"" _____________ 20__

Agreed:

Head of the legal department

(initials, surname)
_____________________________
(signature)

"" ________________ 20__

I am familiar with the instruction: (initials, surname)
_________________________
(signature)



Popular in category:
How should a leave arrangement be made?
How should a leave arrangement be made?
read
Audio fairy tale urfin jus and his wooden soldiers listen online
Audio fairy tale urfin jus and his wooden soldiers listen online
read
What should I do if they did not conclude an employment contract with me or did not hand it over to me?
What should I do if I have not signed an employment contract or...
read
What is the difference between a hare and a rabbit?
What is the difference between a hare and a rabbit?
read

Latest Articles
Where can I leave a complaint about the Fix Price store ...
read
New Year's cards: how to create and send ...
read
Crossword "Wintering birds"
read
First oil well drilling
read
Priobskoye field Priobsky region
read
Priobskoye oil field Yuzhno...
read
Unified system of labor protection and...
read
gas in itself. Salaries in Gazprom. True and...
read
Top