Community Security Engineer

Community Development Best Practices

The Community Security Engineer (CSE) is a role in the Community Development process. The primary responsibility of the CSE is to oversee the management of information security risks during community development projects.

CSE Responsibilities

The CSE is responsible for overseeing information security in community projects and for helping the community project team identify, communicate, and mitigate the most important security risks.

  • Integration and risk assessment: Engage directly with project teams to identify security risks and convey security requirements. A CSE takes part in project requirement discussions to identify security risks and provide security requirements to help mitigate those risks.
  • Consulting: Provide professional security and compliance consulting and documentation to help Community Developers and the Community Development Coordinator mitigate security risks. The CSE verifies that requirements and standards are met.
  • Testing: The CSE may discover and exploit vulnerabilities in Community Development applications using properly-licensed tools and ethical means. Per assessment guidelines, test scope and timing are defined in a Rules of Engagement document and agreed to by the Program Manager and the IT Security Risk Liaison before testing may commence.
  • Reporting: The CSE shares security test results with the IT Security Risk Liaison to ensure consistency and adequate coordination. After receiving any feedback, the engineer shares these results with the project team in a professional manner.
  • Follow-Up: The Program Manager ensures that confirmed vulnerabilities are tracked as bugs. The Program Manager is responsible for ensuring that all significant security code defects are addressed before the product is deployed to production.
  • Escalation: Serious pushback on imperatives should be communicated to the community development liaison (full-time Church employee) to take up with management.

Other Responsibilities



This page was last modified on 31 August 2011, at 15:51.

Note: Content found in this wiki may not always reflect official Church information.