Re: Operational vs project time

[Steve Schuster <sjs74 () CORNELL EDU>]

I have a staff of 4 full time security engineers, a deputy and
myself.  The security engineers rotate primary operations
responsibilities weekly while the others are then able to concentrate
on project work or overflow of operations.  My deputy and I throw
ourselves in as needed.  With all that said, I'd estimate the at
least 40% of our time is spent on operations with the remaining on
projects.

What is changing this mix right now, however, is the new changes to
Federal Rules of Civil Procedure.

sjs

Steve Schuster
Director, IT Security Office
Cornell University
sjs74 () cornell edu




On Oct 30, 2006, at 3:36 PM, Gary Flynn wrote:

> Hi,
>
> We're undergoing some internal analysis and were wondering what
> security groups were seeing as the proportion of time spent on
> operational work vs project work.
>
> By operational work, I mean recurring things like responding to
> calls, access requests, infections, incidents, training and
> presentations, daily monitoring and response tasks, tuning,
> upgrades, and the like.
>
> By project work, I mean things like providing new internal or
> external services and development.
>
> Projects may be internal projects to improve security functions
> ( e.g. network anomaly detection ), external projects providing
> security services to external parties ( e.g. WSUS server ), or
> interdepartmental projects where security personnel participate
> in the project planning, design, management, and possibly
> implementation on an ongoing basis ( e.g. portal, identity
> management, new university system rollouts ).
>
> We're currently estimating 60-70% of our time going to
> operational tasks and wondered what others were seeing.
>
> --
> Gary Flynn
> Security Engineer
> James Madison University
> www.jmu.edu/computing/security