For people working Cyber Security or a related field, what is your day to day work life like, what are some of your duties and responsibilities?
#technology #computer-science #science #career #cyber-security #computer
4 answers
Wayne Archibald
Cybersecurity Associate Director here to share knowledge!
Annapolis Junction, Maryland
Wayne’s Answer
Hi Iryanna,
My typical day includes:
- Investigating/Reviewing critical security incidents
- Meetings to collaborate with other teams
- Responding to user requests
- Creating and implementing security initiatives
My duties include:
- Leading the remediation of application vulnerabilities
- Coordinating vulnerability remediation with application teams
- Providing threat and vulnerability analysis
- Collaborating with application teams to lead in the development/adoption and enforcement of Information Security policies, procedures and standards
In the field of Cybersecurity, typical duties may include:
- Monitoring, testing, and troubleshooting the security system
- Analyzing and defining security requirements for an organization’s systems
- Identifying which abnormal events should be reported as threats
- Designing security audits
- Providing technical support to colleagues
Hope this helps.
Good luck!
Thank you for the in-depth answer, it gave me a lot to consider, and helped me tremendously!!!
Iryanna
Diego’s Answer
In Cybersecurity you will find different profiles and job responsibilities. If you are considering a career in cybersecurity, I would suggest searching for an intern position where you can get in touch with different teams and become familiar with the daily tasks, roles and responsibilities. Keep in mind that in cybersecurity you'll find hardcore technical people and other roles that focus on a soft skill like organizing and following projects.
On the other hand, as a Security Engineer focused on the incident response/forensics area (IR), my daily tasks include:
- Actively search for technologies, methodologies and procedures to improve the company IR
- Involve many stakeholders in decision making especially when this may lead to a big change in how we do things, which leads me to have many calls daily
- Closing technology gaps identified during the IR process
- Provide technical support to colleagues
- Create documentation about almost everything I am doing
- Learn from different systems from documentation and training
Diego recommends the following next steps:
- Search for an intern position to learn
- Read about work and roles in cybersecurity
Thank you!!!
Iryanna
Melanie’s Answer
Hi Iryanna,
There are many ways to work in the Cybersecurity domain, so on the very bright side you'll find that for the most part they will always be pretty dynamic. There are not many positions that I've worked as/with that do a more steady, normal thing day in and day out. The cyber field requires us to be able to constantly learn, work on new and evolving things, as well as both internal or customer-facing roles.
As a Cybersecurity Engineer for a managed security service, I have a lot of different tasks and my day is always different. Daily activities usually include some normal recurring meetings like 'stand-ups' with my team (short check-ins on escalations for the day), customer calls, and always a ton of emails. My tasks include assisting customers to provision their various security and other environment log/data sources to log to our SIEM solution, provide guidance on security settings and compensating controls for overall protection from what we see in their logging, as well as create documentation to help make these processes more efficient. I will also be involved in provisioning other services (such as deploying and monitoring endpoint solutions on laptops/servers/etc.), product development testing and validation, as well as be a member of the Incident Response team to assist customers when they encounter a breach or potential breach.
Thank you for taking the time out of your day to answer my question!!!
Iryanna
CJ’s Answer
It really depends on your position, e.g. operations, sales, etc. For sales there are two broad categories; first is a company that sells a “single” product, e.g. CrowdStrike, Palo, etc. Although these companies have multiple offerings, the sales team is only required to know their own technology, but must know it in detail. The second is a company that incorporates all the technologies into their offerings or resells, e.g. Verizon, ATT, etc. These individuals will have to know something about all the technologies to utilize them based on a customer’s needs. When it comes to operations, Melanie's and Wayne's answers (above) provided a good overview of the day to day. I would recommend, for your first step, figuring out what position you want to start with. Do you like talking with people or being on your own? Do you want to deep dive into one technology or know a little about many technologies? Do you want to travel or do you want to work at a single location? Do you want to do coding? Do you like to read and write a lot?