Skip to content
ESCO occupation

ICT security administrator

Back to ESCO occupations

ICT security administrators plan and carry out security measures to protect information and data from unauthorised access, deliberate attack, theft and corruption.

2529.6 ISCO 2529 ESCO source
Competences
59
Groups
5
Essential
25
Optional
34

Competences and skills

59 ESCO relations
Essential competences 1 competence

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

0 competences

No competences in this bucket.

Cross-sector

0 competences

No competences in this bucket.

Essential knowledge 13 competences

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

10 competences
cyber attack counter-measures

Methods, technologies and techniques used to defend (detect, monitor and recover) against cyber attacks. These cyber attacks include several attack vectors such as malware, denial of service (DoS) attacks and phishing. Intrusion prevention systems (IPS), firewall, antivirus, intrusion detection systems (IDS), cybersecurity training, backup, Information Security Management System (ISM), multi-factor authentication and employ awareness, are some examples of the methods used.

digital
ESCO source
database development tools

The methodologies and tools used for creating logical and physical structure of databases, such as logical data structures, diagrams, modelling methodologies and entity-relationships.

digital
ESCO source
ethical hacking principles

The set of actions that are carried out to detect vulnerabilities within a computerised system in order to improve security within an organisation. They aim to identify and address data breaches and threats in a network.

digital
ESCO source
ICT network security risks

The security risk factors, such as hardware and software components, devices, interfaces and policies in ICT networks, risk assessment techniques that can be applied to assess the severity and the consequences of security threats and contingency plans for each security risk factor.

digital
ESCO source
internet governance

The principles, regulations, norms and programs that shape the evolution and use of internet, such as internet domain names management, registries and registrars, according to ICANN/IANA regulations and recommendations, IP addresses and names, name servers, DNS, TLDs and aspects of IDNs and DNSSEC.

digital
ESCO source
Internet of Things

The general principles, categories, requirements, limitations and vulnerabilities of smart connected devices (most of them with intended internet connectivity).

digital
ESCO source
mobile device management

The methods for managing the use of mobile devices within an organisation, while ensuring security.

digital
ESCO source
network standards

Regulated standards that provide the technical guidelines, specifications, and requirements to ensure safe and efficient interoperability between devices, software, equipment, and organisations. Networking standards govern the software and hardware which uses them.

digital
ESCO source
operating systems

The features, restrictions, architectures and other characteristics of operating systems such Linux, Windows, MacOS, etc.

digital
ESCO source
organisational resilience

The strategies, methods and techniques that increase the organisation's capacity to protect and sustain the services and operations that fulfil the organisational mission and create lasting values by effectively addressing the combined issues of security, preparedness, risk and disaster recovery.

ESCO source

Cross-sector

3 competences
quality assurance methodologies

Quality assurance principles, standard requirements, and the set of processes and activities used for measuring, controlling and ensuring the quality of products and processes.

ESCO source
security engineering

Interdisciplinary field of study that focuses on the realisation of secure systems and the technology to protect individuals or information from malice, errors, or unauthorized access. It involves defining security protection requirements, processes, and methods to ensure the resilience of systems and data.

ESCO source
system backup best practice

The procedures related to preparing for recovery or continuation of technology infrastructure vital to an organisation.

digital
ESCO source
Essential skills and competences 11 competences

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

7 competences
attend to ICT systems quality

Ensure correct operations which comply fully with specific needs and outcomes in terms of the development, integration, security and overall management of ICT systems.

digital
ESCO source
identify ICT system weaknesses

Analyse the system and network architecture, hardware and software components and data in order to identify weaknesses and vulnerability to intrusions or attacks. Execute diagnostic operations on cyber infrastructure including research, identification, interpretation and categorization of vulnerabilities, associated attacks and malicious code (e.g. malware forensics and malicious network activity). Compare indicators or observables with requirements and review logs to identify evidence of past intrusions.

digital
ESCO source
interpret technical texts

Read and understand technical texts that provide information on how to perform a task, usually explained in steps.

ESCO source
maintain database security

Master a wide variety of information security controls in order to pursue maximal database protection.

digital
ESCO source
maintain ICT identity management

Administer identification, authentication and authorisation of individuals within a system and control their access to resources by associating user rights and restrictions with the established identity.

digital
ESCO source
manage ICT data architecture

Oversee regulations and use ICT techniques to define the information systems architecture and to control data gathering, storing, consolidation, arrangement and usage in an organisation.

digital
ESCO source
manage IT security compliances

Guide application and fulfilment of relevant industry standards, best practices and legal requirements for information security.

digital
ESCO source

Cross-sector

4 competences
apply company policies

Apply the principles and rules that govern the activities and processes of an organisation.

ESCO source
ensure proper document management

Guarantee that the tracking and recording standards and rules for document management are followed, such as ensuring that changes are identified, that documents remain readable and that obsoleted documents are not used.

ESCO source
perform ICT troubleshooting

Identify problems with servers, desktops, printers, networks, and remote access, and perform actions which solve the problems.

digital
ESCO source
solve ICT system problems

Identify potential component malfunctions. Monitor, document and communicate about incidents. Deploy appropriate resources with minimal outage and deploy appropriate diagnostic tools.

digital
ESCO source
Optional knowledge 12 competences

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

12 competences
cloud monitoring and reporting

The metrics and alarms utilizing cloud monitoring services, in particular performance and availability metrics.

digital
ESCO source
cloud security and compliance

Cloud security and compliance concepts, including shared responsibility model, cloud access management capabilities, and resources for security support.

digital
ESCO source
computer forensics

The process of examining and recovering digital data from sources for legal evidence and crime investigation.

digital
ESCO source
cyber security

The methods and best practices that protect ICT systems, networks, computers, devices, services, processes and people against unauthorised access, modification and/or denial of service of assets.

digital
ESCO source
ICT encryption

The conversion of electronic data into a format which is readable only by authorized parties which use key encryption techniques, such as Public Key Infrastructure (PKI) and Secure Socket Layer (SSL).

digital
ESCO source
ICT infrastructure

The system, network, hardware and software applications and components, as well as devices and processes that are used in order to develop, test, deliver, monitor, control or support ICT services.

digital
ESCO source
ICT security legislation

The set of legislative rules that safeguards information technology, ICT networks and computer systems and legal consequences which result from their misuse. Regulated measures include firewalls, intrusion detection, anti-virus software and encryption.

digital
ESCO source
ICT security standards

Best practices and guidelines established for securing information and communication technology (ICT) systems and data. Standards as is the case of ISO 27000 series, provide a framework for implementing effective security controls, including access control, risk assessment and incident management, as well as to provide compliance of anorganisation.

digital
ESCO source
information confidentiality

The mechanisms and regulations which allow for selective access control and guarantee that only authorised parties (people, processes, systems and devices) have access to data, the way to comply with confidential information and the risks of non-compliance.

digital
ESCO source
information security strategy

The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.

digital
ESCO source
telecom regulations

Code of rules to protect telecommunication consumers, ensuring high standards of communication services such as equivalent and affordable access, connectivity, transparency of contracts or security against malware. The regulation covers web-based and traditional services.

digital
ESCO source
web application security threats

The attacks, vectors, emergent threats on websites, web applications and web services, the rankings of their severity identified by dedicated communities such as OWASP.

digital
ESCO source

Cross-sector

0 competences

No competences in this bucket.

Optional skills and competences 22 competences

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

15 competences
assess ICT knowledge

Evaluate the implicit mastery of skilled experts in an ICT system to make it explicit for further analysis and usage.

digital
ESCO source
execute ICT audits

Organise and execute audits in order to evaluate ICT systems, compliance of components of systems, information processing systems and information security. Identify and collect potential critical issues and recommend solutions based on required standards and solutions.

digital
ESCO source
execute software tests

Perform tests to ensure that a software product will perform flawlessly under the specified customer requirements and identify software defects (bugs) and malfunctions, using specialised software tools and testing techniques.

digital
ESCO source
implement a firewall

Download, install and update a network security system designed to prevent unauthorized access to a private network.

digital
ESCO source
implement a virtual private network

Create an encrypted connection between private networks, such as different local networks of a company, over the internet to ensure that only authorized users can access it and that the data cannot be intercepted.

digital
ESCO source
implement anti-virus software

Download, install and update software to prevent, detect and remove malicious software, such as computer viruses.

digital
ESCO source
implement cloud security and compliance

Implement and manage security policies and access controls on cloud. Differentiate between the roles and responsibilities within the shared responsibility model.

digital
ESCO source
implement ICT security policies

Implement statements, assertions or rules that specify the appropriate use and protection of the ICT assets and systems from an organisation. These ICT security policies cover topics such as data classification, password management, access control and incident response.

digital
ESCO source
lead disaster recovery exercises

Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as on recovery of data, protection of identity and information and which steps to take in order to prevent further problems.

digital
ESCO source
manage cloud data and storage

Create and manage cloud data retention. Identify and implement data protection, encryption, and capacity planning needs.

digital
ESCO source
manage ICT virtualisation environments

Oversee tools, such as VMware, kvm, Xen, Docker, Kubernetes, and others, used to enable a virtual environments for different purposes such as hardware virtualization, desktop virtualisation, and operating system level virtualisation.

digital
ESCO source
manage keys for data protection

Select appropriate authentication and authorization mechanisms. Design, implement and troubleshoot key management and use. Design and implement a data encryption solution for data at rest and data in transit.

digital
ESCO source
perform backups

Implement backup procedures to backup data and systems to ensure permanent and reliable system operation. Execute data backups in order to secure information by copying and archiving to ensure integrity during system integration and after data loss occurrence.

digital
ESCO source
respond to incidents in cloud

Troubleshoot issues with the cloud and determine how to restore operations. Design and automate disaster recovery strategies and evaluate a deployment for points of failure.

digital
ESCO source
use scripting programming

Utilise specialised ICT tools to create computer code that is interpreted by the corresponding run-time environments in order to extend applications and automate common computer operations. Use programming languages which support this method such as Unix Shell scripts, JavaScript, Python and Ruby.

digital
ESCO source

Cross-sector

7 competences
address problems critically

Identify the strengths and weaknesses of various abstract, rational concepts, such as issues, opinions, and approaches related to a specific problematic situation in order to formulate solutions and alternative methods of tackling the situation.

ESCO source
build business relationships

Establish a positive, long-term relationship between organisations and interested third parties such as suppliers, distributors, shareholders and other stakeholders in order to inform them of the organisation and its objectives.

ESCO source
manage database

Apply database design schemes and models, define data dependencies, use query languages and database management systems (DBMS) to develop and manage databases.

digital
ESCO source
protect personal data and privacy

Protect personal data and privacy in digital environments. Understand how to use and share personally identifiable information while being able to protect oneself and others from damages. Understand that digital services use a “Privacy policy” to inform how personal data is used.

digCompdigital
ESCO source
remove computer virus or malware from a computer

Carry out actions to remove computer viruses or other types of malware from a computer.

digital
ESCO source
store digital data and systems

Use software tools to archive data by copying and backing them up, in order to ensure their integrity and to prevent data loss.

digital
ESCO source
train employees

Lead and guide employees through a process in which they are taught the necessary skills for the perspective job. Organise activities aimed at introducing the work and systems or improving the performance of individuals and groups in organisational settings.

ESCO source