ITSEC: IST SOLL Matrices: huh?
I'm hoping for some assistance from the European members.
I'm looking for documentation on IST SOLL matrices. I have found a little info by searching the interwebs, but no good documentation IN ENGLISH. I found some in German, but translating is a time-consuming pain.
It appears to be a practice that is used in the US for IT security, but nothing so formalized. I really like the concept but need a little more info like software packages used, companies that use it, actual training, any book or reference that mentions it would be helpful.
I'm working on learning German, but don't have the time to delve into the technical jargon until after I finish WGU.
I'm looking for documentation on IST SOLL matrices. I have found a little info by searching the interwebs, but no good documentation IN ENGLISH. I found some in German, but translating is a time-consuming pain.
It appears to be a practice that is used in the US for IT security, but nothing so formalized. I really like the concept but need a little more info like software packages used, companies that use it, actual training, any book or reference that mentions it would be helpful.
I'm working on learning German, but don't have the time to delve into the technical jargon until after I finish WGU.
Comments
-
lordy
Member Posts: 632 ■■■■□□□□□□
I am not quite sure what an IST SOLL matrices is. However, IST describes the situation that something IS in right now, SOLL describes what it SHOULD be. Does that help you in any way?
I am german so maybe I can help you in summarizing some of the things. Send me a PM, if I can help you.Working on CCNP: [X] SWITCH --- [ ] ROUTE --- [ ] TSHOOT
Goal for 2014: RHCA
Goal for 2015: CCDP -
swild
Member Posts: 828
Jr. Security Specialist
Contract
We are currently searching for a Jr. Security Specialist to work in ... for 3 months plus extensions. This is a fantastic contract opportunity for a large multi-national client.
Role of the Jr. Security Specialist is to perform daily authorization reviews on administrative account by executing IST-SOLL comparisons.
Ensure IT Security by performing authorization life cycle management.
Execute IST-SOLL comparisons and communicate/report deviations.
Extraction of IST information from infrastructural IT systems
Review of SOLL matrices
Comparison of IST-SOLL information.
Reporting of deviations to Security Incident Management
The ideal candidate must have the following skills:
Basic knowledge of DBMS (Oracle, DB2, MS-SQL) Active Directory, LDAP and use of MS Excel and reporting.
Degree in IT and preferable CISSP.
Proficient in use of Microsoft Office with speed and accuracy
Knowledge and experience with IT Security operations
Strong communicator (verbally and in writing), including experience with communicating with IT Specialists.
Pragmatic approach, with eye for detail
Security focused
language English
...
Location:
...
Start Date:
ASAP
Rate:
negotiable
Contact:
...
This is an example of a job listing, slightly censored, since I have applied. I don't think that not having this experience would make you not eligible, but I will see.
I have seen this listed in many other job postings as well.