Security Team

Definition

Security Team

the team that establishes and enforces the endeaver’s security policies by performing the security engineering and security testing tasks

Classification

As illustrated in the preceding figure, Security Team is part of the following inheritance hierarchy:

• Type: Concrete
• Superclass: Engineering Team
• Subclasses:
  • None

Responsibilities

The typical team-specific responsibilities of a Security Team are to:

• Engineer the security of one or more of the following:
  • Business enterprise.
  • Program of related projects.
  • Endeavor.
  • Contact center.
  • Data center.
  • Application.
  • Framework.
  • Reusable component.
• Specify security policy and associated procedures and practices.
• Perform security risk analysis.
• Perform security testing.
• Follow-up identified security vulnerabilities to closure with the owners of the affected applications, facilities, or components.
• Perform security testing.
• Investigate all potential secuity violations and recommend corrective and/or disciplinary actions.
• Consult with senior management, internal and external audit functions, and with external clients, Federal and State regulatory, legal and law enforcement agencies to investigate, report and/or resolve security issues.
• Reporting the security status of the endeavor to the appropriate stakeholders.

A security team typically inherits the general team responsibilities from the team process component.

Roles

A security team typically consists of persons playing the following roles:

• Security Analyst, who engineers an application's security requirements and leads the team.
• Security Architect, who architects an application's security mechanisms.
• Security Engineer, who engineers components, applications, and data centers to meet their security requirements and be consistent with the security mechanisms.
• Technical Writer, who documents the security policy.

Tasks

A security team typically performs the following team-specific tasks in an iterative, incremental, parallel, and time-boxed manner:

• Security Engineering:
  • Security Risk Assessment
  • Security Policy Production
  • Security Threat Prevention
  • Security Threat Deterrence
  • Security Auditing
  • Security Threat Detection And Analysis
• Security Testing:
  • Test Planning
  • Test Reuse
  • Test Design:
    • Perform security review of major software components and their code.
    • Perform security review of hardware architecture (production environment) for hardware placement, network addressing and segment, and application distribution.
  • Test Implementation
  • Test Execution:
    • Test physical security.
    • Perform network, client, and server penetration tests.
    • Scan ports to identify host-level and network-level vulnerabilities.
    • Analyze traffic to identify IP information about potential attackers.
    • Perform regression testing
  • Test Reporting

A security team typically inherits the common team tasks from the team process component.

Work Products

A security team typically produces the following work products:

• Security Risk Assessment
• Security Policy
• Security Audit Report

Guidelines

• This team is critically important for any endeavor involving the production of a data center, contact center, or application that involves significant security risks.
• This team collaborates closely with the:
  • Requirements team to establish security requirements.
  • Architecture team to determine proper security mechanisms.
  • Independent test team to coordinate the overlap between the different kinds of system testing.
• A security team typically inherits the common team guidelines from the team process component.