DIFFERENT AREAS OF CYBER SECURITY TO WORK IN

Afterall, in the world of physical security, you have mall cops, FBI agents, personal security, etc. right? People in these positions help to defend..

DIFFERENT AREAS OF CYBER SECURITY TO WORK IN

Hello,

For this Newsletter I will attempt to describe the different genres of cyber-security.

I always like to compare virtual environments with the real world because the virtual world sometimes feels like a different universe. Kind of like the matrix movie where even the programs and malware had a persona. Well, IT professionals perform tasks in the virtual world that is comparable to the real one:

  • The network admins create network routes similar to how construction workers build roads and highways.
  • The programmers are the manufacturer of the digital world. In the real world, they are the people who create the building materials.
  • The system/server admin operate and configure servers, so they function properly. I compare them to general contractors who make sure the buildings are properly assembled with the right structure and foundation. They are there to make the building livable.
  • The service desk techs provide tier 1 support work. These are technical tasks that do not require high level expertise. I compare them to plumbers and electricians working on minor day to day repairs and maintenance work.
  • AND THEN you have US! The real heroes, THE SECURITY PROFESSIONALS.
Superhero on Google just kidding…

We are the security guard at the gate to the building and the highway patrol officers. We essentially make sure only authorized people are using the resources that we are tasked with protecting. Security professional defend computers, networks and data from threats.

*Disclaimer, I am providing you with a personal viewpoint, My analysis does not necessarily apply to ALL IT Professionals

I will now take a deeper dive into the different types of information security professional. Afterall, in the world of physical security, you have mall cops, FBI agents, personal security, etc. right? People in these positions help to defend but their skills and contribution to society are not the same.

Our breakdown of cyber-security categories is not universal, but we believe most cyber security jobs should fall into one of the categories listed below*.

  • Defense – Security engineers/SOC analyst
  • Offense – Ethical hackers/Penetration testers
  • Policy – Security Compliance Specialist
  • Forensics – Cyber-security forensics specialist

  • Defense – Security engineers/SOC analyst:
    In this role, your job is to work as part of a team that monitor, analyze and defend an organization's network against malicious activities and attacks. This position is technical and require attention to details. In this position, you use tools to keep aware of activities that traverse your system(s). You are also trying to find a way to increase defenses so as to prevent or mitigate future attacks. There are 3 tiers of SOC analyst; Tier 1,Tier 2 & Tier 3.EC Council wrote a blog that detailed the differences between the 3 tiers and also everything about a SOC analyst. To get into a security engineering position, you should master two popular security tools and learn how to effectively use 3 more. PJCourses.com also offer an excellent Security Engineering Course for only $10/month.
  • The Good:
    • This is a technical position so it can feel pretty exciting when there is action. Your day will go by quickly when you’re active.
    • You are usually quite busy working with your tools. You don’t have to deal/socialize with too many people… this is good if you’re an introvert.
  • The Bad:
    • If there is a major issue on the network, there’s a lot of pressure on you to perform. This can make you want to crawl under your desk and hide… but don’t worry, most security engineers survive this experience.
    • You may have to come in on the weekends to work when the network is going through routine/major maintenance work.
    • If there is a major issue, expect to have to work overtime.
 

Get 1Month FREE on our online cyber security course. Use Cyber2020 as the coupon code to Register.

  • Policy – Security Compliance Specialist:
    In this role, it is your job to research industry security best practice and determine if your organization is meeting those benchmarks. The items that your organization does not comply with are security risks. You will then present your findings to executive leadership and they will decide if they will accept the risk or spend company time and money to fix them. It is also your job to draft organization documents like security policies, procedures and guidelines. . You are in charge of tracking all of these things and holding the admins and mgmt. accountable to their security related tasks.  You will need to be good at digesting and analyzing technical documents and be a good writer in order to be proficient at this job.
  • The Good:
    • 40-hour week with opportunity to telework on some days.
    • You do not need to be highly technical or master security tools, just need to be good at critical thinking.
    • Your job requires you to speak with and obtain information from many people within your organization (great for extroverts).
    • I believe this position is the fastest track to management because you’re always engaging upper management. PJCourses.com has a best-selling security compliance course for $10/month.
  • The Bad:
    • Paperwork, paperwork and more paperwork.
    • If you’re introverted, you may not like speaking with people. This job requires you to ask questions and communicate with others to obtain information.
  • Offense – Ethical hackers/Penetration testers:
    As a penetration tester, your job is to perform security test on networks and try to break into or find exploit in computer system or software. You design tests and tools that uncover vulnerabilities in security-protected network and applications. You will need to be in tune with the latest exploits in the industry and master testing platforms used to deploy them like Kali Linux. A detailed explanation about this position can be found here.
  • The Good:
    • One of the fastest growing careers in the tech industry.
    • A lot of penetration testers are freelancers. This is good for those seeking a flexible lifestyle.
    • Being an established hacker is seen as a “cool” job – it can be fun and exciting to Hack a system.
  • The bad:
    • You need to be very technical...
    • The best hacker know programming. You’ll have to study 1-2 languages (Mainly Python).
    • This area of work has the most freelancers… in my opinion, this area has the least amount of job security.

  • Forensics – Cyber-security forensics specialist:
    In this role, you are to investigate computer-related crimes(cyber crimes). You are responsible to detect, harvest and analyze data linked to criminal activities from computers, networks and related associate information and IT equipment. Your investigation can be based on range of crimes where computer is used as object of the crime. This type of cyber-security work is very sensitive because you are essentially collecting evidence. Using specialized software, you will need to prove that the digital evidence have not been tampered with. Some digital evidence are temporary and can disappear (aka “volatile”). So you will need to take special care to collect all evidence in time. Here is a good video link to learn more: https://www.youtube.com/watch?v=aWJQQJkSjZw
  • The Good:
    • A challenging profession that can sharpen your critical thinking skills
    • It requires you to interact with people and remain technical (great for extroverts)
  • The Bad:
    • Might require showing up in court as an expert witness and give evidence
    • Might have to view distressing information or images
    • High pressure trying to meet client deadlines
SECURITY ANALYST OF THE MONTH: KENLEY!

Congrats to our security analyst of the month: Kenley!

⭐⭐⭐⭐⭐

I need to interrupt your regularly scheduled browsing to brag about another outstanding team member of ours: Kenley, our security compliance subject matter expert.

Kenley, helps our company by reviewing and auditing several system security authorization packages. I don’t know how he does it, but he can blaze through an SSPs and SARs very quickly and provide high quality feedbacks. If Kenley says he will deliver by a certain date and time, that is exactly what he did. He is also an excellent threat analyst with his sec+ cert and he recently secured his CEH certification through our hands on – rigorous boot camp program. To add he accomplished all this while working towards his Cyber-Security Masters at Cap-Tech, an award-winning program! The only bad thing I can say about this guy is that he's an Eagles fan😂

Kenley, I can’t thank you enough for all you’ve done for our company as we continue to grow. When you came on board, I told you we had a lot of work to do, and you embraced the challenge with positive attitude and determination. Your handprints are forever laminated as our company is pushed through its humble beginnings. I can confidently say I have the best team in the world because of cyber-warriors like you. Cheers to your continued success!

 

  • Coming Soon!
    • Splunk App for Windows Infrastructure:
      This course will teach students how to configure the SPLUNK-app for windows infrastructure. This is an intuitive tool that will provide every security analyst with the visibility they need for their network.
    • PJ Cybersecurity Awareness Training Program:
      PJ Pros will soon release a comprehensive security awareness training course very soon. This will be a free course for employers to use to train their staff and meet their annual security awareness training requirements.
  • Changes on PJ Courses:
    Courses on our learning platform, PJCourses.com is currently going through some re-organization. Some videos will be updated as needed and all online classes will be based on $10/month membership payments (no more single class payments). In addition, quizzes will now reveal correct answers, however you will only have one attempt at them instead of three. All quizzes will also come with 10 questions instead of 5. The questions have been redesigned to be more thought provoking. I think you all will like the re-organization as it will provide career seekers with a more modular and informative approach to learning.

Categories: : Blog, Cyber basics, cyber security, How To Tutorials