3 answers
3 answers
Updated
Vineeth’s Answer
The main use for IT Security and the main role of an IT Security Specialist is to: Protect computer systems by creating barriers deterring external access to them. Recognize problems within systems by identifying uncharacteristic activity. Assess current situations with network security and carry out audits. Responsibilities include Set and implement user access controls and identity and access management systems. Monitor network and application performance to identify and irregular activity.
Updated
Jeffrey’s Answer
If you are in the Security Operations Center you can be doing a variety of technical security-related tasks such as Vulnerability Scanning and Research, Security Events Monitoring from automated analysis of event logs from the network, or Research and Development of Security Systems that you implement.
If you are more into Risk Management, you would be talking with different teams in the company talking about identifying risks within business processes and implementing controls to lower those risks.
There are a whole lot more things you could be doing depending on the team you belong to or the specialty you would like to focus on.
If you are more into Risk Management, you would be talking with different teams in the company talking about identifying risks within business processes and implementing controls to lower those risks.
There are a whole lot more things you could be doing depending on the team you belong to or the specialty you would like to focus on.
Updated
Christa’s Answer
For Information Security in general, our number one goal every day is to protect our systems and data! Depending on the role, they may be focused on:
- Prevention - Establishing security requirements and security best practices for employees, implementing effective controls to protect our systems/data, (as Jeffrey mentioned) identifying security risks and how to address them, providing security awareness and training to employees, providing security advice to developers
- Detection - Monitoring for suspicious activities, scanning for vulnerabilities, performing assessments (security assessment, penetration test)
- Response - Responding to detected events, implementing business continuity and disaster recovery plans
...and many, many more roles!
- Prevention - Establishing security requirements and security best practices for employees, implementing effective controls to protect our systems/data, (as Jeffrey mentioned) identifying security risks and how to address them, providing security awareness and training to employees, providing security advice to developers
- Detection - Monitoring for suspicious activities, scanning for vulnerabilities, performing assessments (security assessment, penetration test)
- Response - Responding to detected events, implementing business continuity and disaster recovery plans
...and many, many more roles!