Last Friday I wrote to this list:
> I'm a long-time lurker on this list and an independent consultant whose
> practice seems to involve more firewalls all the time.
> One of my clients is a large organization and seems to be comitted to
> doing firewalls right. They intend to hire a few staff members to
> manage and monitor their firewalls (they expect to be dual-connected to
> the Internet) and to develop new, secure firewall applications specific
> to their business.
> I'm looking for some boilerplate that describes firewall (and related
> systems) management tasks and skills as input to this staffing process.
> If any of you have such text that you wouldn't mind sharing, please send
> it to me by private mail. (If it's *really* good, send it to the list,
> too, but I'm willing to do more editing and integration of fragments
> than the average reader of this list.)
> Please don't send your resume (unless it contains useful input for a
> position description)! I'm not the one who will be doing any hiring, and
> I won't be forwarding prospective names to anyone who will.
> Thanks in advance for any input you can provide!
I received the expected response: six folks who'd like a copy of
whatever I come up with and no input! So I'll be undertaking to write
such a beast. When it's done, I'll send it to this list, to the folks
who send me explicit requests for it, and to anyone else who
The position description will be oriented to a large company with a
highly developed IS infrastructure and very high security needs. Among
the requirements is "separation of duties"--that is, it should be
impossible for a single individual, including a firewall manager, to
subvert the purpose of the firewall. Also, my client requires
connections to multiple Internet service providers, 100% up time with
two firewall sites in different states, and all alerts forwarded to a
remote 7x24 operations group for escalation and dispatch. If you have
less complex requirements, you better not hold off writing your own
position description until mine is done, as it might not be so helpful
Contributions are still welcome, if only in the nature of "Don't forget
that the firewall manager must be able to...". I'd like to get this
together in a format I not embarrased to post within 2-3 weeks.
"Steve" Stephen L. Arnold, Ph.D., Principal, Arnold Consulting
Address 4138 Iroquois Drive, Madison, Wisconsin 53711-3701 U.S.A.
Telephone +1 608 238 4850 Facsimile +1 608 238 4855
Internet Stephen .
Com BITNET ARNOLD @
Pager (800) Sky-Page, PIN 238-4850