Organizational Systems Security Analyst
The Organizational Systems Security Analyst™ (OSSA) is an international Enterprise-level, IT-Security Certification designed by experienced IT Security practitioners.
With its emphasis on the use of practical methodologies and technical tools to achieve the objective of network, server and web-application security for organizations, the Organizational Systems Security Analyst™ teaches a vendor independent approach to practical issues surrounding IT security and is geared towards equipping participants with the knowledge and skills necessary to secure their organizations from both internal and external threats.
Unlike those who focus on IT-Security tools which can become ineffective very fast in the real world, the Organizational Systems Security Analyst™ first looks at security from a methodological perspective and draws lessons from Sun Tzu's "Art of War", introducing the practicalities of IT-Security and not just theory. It then populates the framework with resources and tools by which various security aims and objectives can be met.
For these technical portions, although there is practical coursework, the aim is not to teach about the tool itself but about the category of usefulness that the tool falls into so that the course attendees can select, on their own, the “best-of-breed” for the task at hand. Give a man a tool and he’ll protect himself for a day. Give him methodology in conjunction with resources and he’ll be able to protect his organization for a lifetime.
And, of course, because IT-Security does not exist in a vacuum, the Organizational Systems Security Analyst™ covers legal and operational issues that will be faced both locally and in a multinational setting. Programme participants will come away with the following:
- A top-to-bottom practical understanding of the real-life issues facing the IT-Security Professional today, augmented by workbook-based lab work setting up a complete enterprise defensive network overlay.
- The ability to advise their organizations about the various IT-Security risks and how to mitigate them.
- An understanding of the need to ensure that policies, procedures, people and platforms are executed and established in a secure manner.
- The ability to conduct incident response and basic computer forensics.
- An appreciation of the legal framework in which all organizations operate in and its impact on the organization.
- IT-Security Practitioners and Technical Professionals
- IT-Security Penetration-Testers and/or Technical Auditors
- IT Network Designers
- IT Network Administrators / Engineers
- IT System Administrators / Analysts / Engineers
- Application Designers / Specialists and anyone who needs or wants to know how to secure their organization's infrastructure, information and assets against internal and external threats.
- Understand networking protocols and principles such as TCP/IP, 802.3, HTTP, etc, and how they work in detail.
- Understand basic IT-security principles and concepts such as CIA, defence-in-depth, etc.
- Attendees should preferably be in technical and/or practitioner roles/positions/jobs.
- Strong interest in IT-security