Christian
What do jobs in Cyber Security do on a daily basis?
Is there down time or is there constantly things to be done? #cyber-security
5 answers
Jeffrey Graham
Jeffrey’s Answer
Hello Christian..... Great question.... A good amount of time is spent monitoring systems for fraudulent activity. In most organizations there will be intelligent analytics in place, real-time monitoring dashboards and systematic alarms to alert of potential attacks. The cyber security worker would then respond to the attacks/computer security breaches whether the attack was unintentional or malicious. It really depends on the specific role of the cyber security worker. They may also be involved in implementing, upgrading, and monitoring security measures for the protection of computer networks and information as well as activity to insure appropriate security controls are in place to safeguard digital files and the electronic infrastructure of the network. Probably on a daily basis, the cyber security worker may be monitoring for unauthorized or suspicious access to corporate web pages on servers or respond to outbound transmission of compressed files from a corporate network. And as with any job, cyber security workers are often dealt daily, routine administrative tasks, and will have some down time which is filled with training and activity to try and get ahead of the potential cyber threats (researching, reading white papers, etc.). There is a ton of information about this on the web, but a very good source of information is the U.S. Dept. of Homeland Security (DHS) website for Cyber Security as it gives some good information on cyber security, including Insider Threat which is a developing area . (https://www.dhs.gov/homeland-security-careers/dhs-cybersecurity). Hope this was helpful, and good look in your studies !
Joshua Majors
Joshua’s Answer
Short answer: there's ALWAYS something to do, read, or check out. Security is an ever-changing landscape. If there's no corporate work currently on the docket to get done, there's always personal development (learning new stuff). One of my favorite things about CyberSecurity is that everyone is always pushing the bar. There is always the next new thing.
Things in addition (my recommendations) to normal workload to check out would be:
- conferences (there's a plethora of events covering any and every topic you can think of)
- certifications ( same deal, depending on where you want to go in your cybersecurity career, there's a cert that will help you out)
- blogs, articles, etc (as you progress through your career you will collect a laundry list of sites, blogs, rss feed, and twitter feeds that you constantly check for new updates, that keep you upraised of new, cool happenings within the cybersec community
Vartika vartjais@cisco.com
Vartika’s Answer
Cyber security professionals, or information security analysts, have a wide range of responsibilities, but the crux of their job is to protect online data form being compromised. As more of our personal information is stored online, the more important it becomes to step up security.
Cyber security careers are complex and many roles can be found with banks, retailers and government organizations. On the job, you can expect to safeguard an organization's files and network, install firewalls, create security plans and monitor activity. If a breach occurs, you'll be responsible for identifying the problem and finding a solution quickly.
Jim Mcconnell
Jim’s Answer
Hey Christian, one way to summarize if you are passionate about Cyber Security is: "Something Different". As Cliff Stoll said, sometimes you are a scientist, sometimes an engineer, and sometimes a technician. He also said computer security is kind of boring. The boring point, I believe is a self-created point of being okay with just monitoring or just forensics and not having initiative to explore all the areas of cyber security. (Cyber) Security is such a wide and broad field. From, IAM on a Mainframe, to building a firewall for a farm based IoT network. One day, I am on calls doing consulting for a new project, another day (or in the same day), I am exploring new threat analytics, then another day, I'm traveling to a site to do a security assessment, then another day, I teaching or attending training. Go narrow and be the best, or go broad and be a great resource to your clients.
Chad Eckles
Chad’s Answer
Great question! Cyber security has become an incredibly large career field, and is therefore split into multiple focus areas. I can think of a few off the top of my head: Cyber, Engineering, Incident Response/Forensics, Auditing/Compliance. That is not a complete list by any means, but I do see a large amount of jobs in those areas, so I will briefly describe them.
Cyber usually involves looking for malicious activity and/or finding and remediating vulnerabilities on the system. This focus area usually revolves around the world of hacking and the protection of key assets, so many jobs include components of vulnerability scanning, network traffic analysis, log monitoring, insider threat identification etc. A typical job might be working in a Security Operations Center or working on a penetration testing team.
Engineering has to do with the people architecting, designing, and implementing the tools that the cyber security teams will need to effectively do their jobs. A firewall or Intrusion Detection System doesn't just walk in the door and set itself up, so these people are essential to ensure that tools, technologies, and networks are functioning at an optimal level.
Incident Response / Forensics personnel heavily overlap with Cyber, but these people usually focus on activities that occur after a major data breach or security incident. This is a very important role because in order to contain a data spill or protect the organization, time and the proper skills are everything. This focus area leverages cyber tools to gain insight into what happened on the network, and take it a step further with tools like EnCase, FTK, etc. to see what activity happened on a server or on a particular computer. Usually, this group of personnel has a tie to law enforcement, and are essential in providing key details and evidence to prove/disprove a case.
Auditing and compliance roles ensure that organizations protect their data and information according to various laws and standards. PCI/DSS, NIST, HIPAA are all industry standards that pertain to this group depending on if you work in the banking industry, government sector, or healthcare sector, respectively. You will typically be conducting system audits to ensure that controls are in place and that risks are properly being mitigated.
Hopefully that helps! If you have follow-up questions, please let me know and I would be happy to answer as I have dabbled in each area over the last decade or so.
Thanks,
Chad Eckles