Network Security
Design, implement, monitor, and continuously improve secure networks by controlling access, segmenting traffic, detecting threats, and ensuring availability and integrity of network services.
Proficiency Level
Level 1 (Follow)
- Follow network security rules (VPN use, secure Wi-Fi, approved devices) and report suspicious network behaviour (slowdowns, unusual pop-ups, unknown SSIDs).
- Apply basic safe practices: do not bypass security controls, use strong authentication, and protect credentials.
- Understand the purpose of common controls (firewalls, antivirus, MFA, encryption) and comply with required procedures.
Level 2 (Assist)
- Perform routine network security tasks under guidance (access provisioning, rule change requests, inventory updates, log checks).
- Assist with vulnerability remediation (patch coordination, removing unused ports/services, enforcing secure configurations).
- Support incident handling steps (identify affected endpoints/segments, isolate devices, collect basic information for escalation).
Level 3 (Apply)
- Implement and maintain core network security controls (firewall rules, ACLs, VPN, IDS/IPS, secure DNS) with proper documentation and approval.
- Monitor network events/logs, investigate anomalies, and tune controls to reduce false positives while maintaining protection.
- Apply segmentation and least privilege principles (VLANs, micro-segmentation, NAC) to protect critical systems and data flows.
Level 4 (Ensure)
- Design secure network architecture and standards (segmentation strategy, zero trust principles, secure remote access, cloud network security).
- Lead major changes and security improvements (migration, firewall/IPS refresh, NAC rollout), ensuring risk assessment and minimal downtime.
- Coordinate response to network-based attacks (DDoS, lateral movement, ransomware spread), aligning IT Ops, Security, vendors, and management.
Level 5 (Strategise)
- Set the enterprise network security roadmap and governance (policies, control framework, KPIs, audits) aligned to business risk appetite.
- Anticipate evolving threats and drive continuous improvement using threat intelligence, attack simulations, and security maturity assessments.
- Establish a resilient network security operating model (SOC integration, monitoring strategy, vendor management, standardised playbooks, capability building).