Great question. In a small company you have the "daily review" of hot & new issues. There are always surprises and those long-standing complex issues. This part of the job requires high collaboration plus secret keeping.
In addition, we are always busy testing, buying and rolling out new tools and security controls. This is project-based with clear goals and deadlines.
Finally, we read, tinker and code to understand new and old security topics and improve our specializations in both depth and breadth. Usually solo, or wit one or two belping, this might be nights & weekends for junior positions. As you have more to contribute at the job or on open source projects this is often the most rewarding work.
ROBERT recommends the following next steps:
If we are talking Cyber Security, a typical day in this field is as follows: Review threat detection reports or logs for all attempted (successful or unsuccessful) attacks, then assess those attempted attacks for impact to the company/individual, work on mitigating the attacks from high-risk to medium to low, use all that information for post-analytics and to develop new mitigation controls. By the way, this applies to most industries since Cyber Security touches most industries (i.e. technology, financial, medical, transportation, manufacturing, government, law enforcement, entertainment, etc.)