9 answers
Asked
1103 views
What does the typical work day look like for someone working in the Cyber Security/Network Security field?
#information-technology #cyber-security #network-security
Login to comment
9 answers
Wayne Archibald
Cybersecurity Associate Director here to share knowledge!
229
Answers
Annapolis Junction, Maryland
Updated
Wayne’s Answer
Hi Jacob,
I'm a Threat Intelligence Analyst and these are some of my daily duties:
- Lead the remediation of application vulnerabilities
- Coordinate vulnerability remediation with application teams
- Provide threat and vulnerability analysis
- Collaborate with application teams to lead in the development/adoption and enforcement of Information Security policies, procedures and standards
A typical day for most job is cybersecurity is 8-10 hours made up of customer development, working on security vulnerabilities or incidents, meetings to collaborate with other teams, technology learning, relationship building and problem-solving.
Good luck!
Hope this helps.
Good luck!
I'm a Threat Intelligence Analyst and these are some of my daily duties:
- Lead the remediation of application vulnerabilities
- Coordinate vulnerability remediation with application teams
- Provide threat and vulnerability analysis
- Collaborate with application teams to lead in the development/adoption and enforcement of Information Security policies, procedures and standards
A typical day for most job is cybersecurity is 8-10 hours made up of customer development, working on security vulnerabilities or incidents, meetings to collaborate with other teams, technology learning, relationship building and problem-solving.
Good luck!
Hope this helps.
Good luck!
Updated
S’s Answer
The cybersecurity and network security typically involve proactively identifying gaps in current security architecture, responding hardening network security infrastructure due to newly discovered vulnerabilities, and responding to actively exploited (hacked) areas of your company's infrastructure. Often times you may not be the SME on the infrastructure itself but you will need to be able to identify risk of any gaps in security and pull together the right SMEs into a room to remediate the issue.
Updated
Alexander’s Answer
A typical workday in the Cyber Security or Network Security field is dynamic and can vary significantly based on the specific role, company size, and industry. However, many core activities remain consistent across most positions. Here’s an overview of what a day might entail for a professional in this field:
Morning:
Check Security Alerts and Updates
Review overnight reports: Cybersecurity professionals often start their day by checking reports and alerts that came in overnight for any signs of unauthorized access, malware activity, or other security threats.
Update software and systems: Ensuring that all security tools and systems are up-to-date with the latest security patches and definitions is critical and usually performed early in the day.
Team Briefing
Meet with the team: Daily stand-up meetings to discuss priority issues, ongoing projects, and distribute tasks among team members.
Coordinate with other departments: Communication with other departments such as IT, operations, and development to align on security practices and address any concerns.
Midday:
Ongoing Monitoring and Maintenance
Continuous monitoring: Throughout the day, cybersecurity experts monitor networks and systems using sophisticated tools to detect, analyze, and respond to threats in real-time.
Incident response: Respond to security incidents by following established protocols which may involve isolating affected systems, conducting forensic analysis, and implementing remedial actions.
Security Assessments and Audits
Conduct assessments: Regular vulnerability assessments and penetration testing on networks, applications, and other systems to identify and mitigate potential security weaknesses.
Review and update security policies: Evaluating the effectiveness of existing security policies and procedures and updating them as necessary.
Afternoon:
Project Work
Implement security projects: Work on ongoing security enhancement projects, such as deploying new security solutions, enhancing existing defenses, or integrating security considerations into business processes and IT developments.
Security training and awareness: Developing and delivering training sessions for other employees on security best practices and new threats.
Documentation and Reporting
Prepare reports: Documenting incidents, threats, and false positives to improve future threat response and to comply with regulatory requirements.
Compliance and regulatory reporting: Ensuring all cybersecurity practices meet legal and regulatory standards, preparing for audits, and reporting to regulatory bodies if necessary.
Evening:
Planning and Strategy
Strategic meetings: Participating in planning sessions with senior management or the cybersecurity leadership to discuss strategic security initiatives, budgeting, and resource allocation.
Research and development: Staying updated with the latest cybersecurity trends, tools, threats, and innovations by reading journals, attending webinars, or participating in professional forums and discussions.
Cybersecurity professionals need to be vigilant and proactive, as the landscape of threats is constantly evolving. Their workday involves a blend of technical tasks, strategic planning, and continuous learning to protect their organizations from existing and emerging threats effectively. The role demands a high level of adaptability, problem-solving skills, and a keen eye for detail to manage the multifaceted challenges of network and cybersecurity.
Morning:
Check Security Alerts and Updates
Review overnight reports: Cybersecurity professionals often start their day by checking reports and alerts that came in overnight for any signs of unauthorized access, malware activity, or other security threats.
Update software and systems: Ensuring that all security tools and systems are up-to-date with the latest security patches and definitions is critical and usually performed early in the day.
Team Briefing
Meet with the team: Daily stand-up meetings to discuss priority issues, ongoing projects, and distribute tasks among team members.
Coordinate with other departments: Communication with other departments such as IT, operations, and development to align on security practices and address any concerns.
Midday:
Ongoing Monitoring and Maintenance
Continuous monitoring: Throughout the day, cybersecurity experts monitor networks and systems using sophisticated tools to detect, analyze, and respond to threats in real-time.
Incident response: Respond to security incidents by following established protocols which may involve isolating affected systems, conducting forensic analysis, and implementing remedial actions.
Security Assessments and Audits
Conduct assessments: Regular vulnerability assessments and penetration testing on networks, applications, and other systems to identify and mitigate potential security weaknesses.
Review and update security policies: Evaluating the effectiveness of existing security policies and procedures and updating them as necessary.
Afternoon:
Project Work
Implement security projects: Work on ongoing security enhancement projects, such as deploying new security solutions, enhancing existing defenses, or integrating security considerations into business processes and IT developments.
Security training and awareness: Developing and delivering training sessions for other employees on security best practices and new threats.
Documentation and Reporting
Prepare reports: Documenting incidents, threats, and false positives to improve future threat response and to comply with regulatory requirements.
Compliance and regulatory reporting: Ensuring all cybersecurity practices meet legal and regulatory standards, preparing for audits, and reporting to regulatory bodies if necessary.
Evening:
Planning and Strategy
Strategic meetings: Participating in planning sessions with senior management or the cybersecurity leadership to discuss strategic security initiatives, budgeting, and resource allocation.
Research and development: Staying updated with the latest cybersecurity trends, tools, threats, and innovations by reading journals, attending webinars, or participating in professional forums and discussions.
Cybersecurity professionals need to be vigilant and proactive, as the landscape of threats is constantly evolving. Their workday involves a blend of technical tasks, strategic planning, and continuous learning to protect their organizations from existing and emerging threats effectively. The role demands a high level of adaptability, problem-solving skills, and a keen eye for detail to manage the multifaceted challenges of network and cybersecurity.
James Nagata, CISSP
Senior Director, Information Security & IT Operations
3
Answers
San Ramon, California
Updated
James’s Answer
A typical day would be based on the level of expertise. Most cybersecurity careers begin with basic triage or investing incidents from malware to patching vulnerable software. As an analyst gains experience, they'll get more exposure to forensic analysis and identifying the root cause. Overall, this is a very rewarding career since there continues to be a huge deficit in the cybersecurity industry.
Miguel C
Director - Cloud Information Security, Data Privacy and IT Operations
5
Answers
Chicago, Illinois
Updated
Miguel’s Answer
Typical day is dependent on many things such as: organization size, team size, role, cloud or on premise network security, and the network security capabilities you have available at the company. Activities include: vulnerability identification and remediation, Security Information Event Management (SIEM) monitoring, access management and vendor management.
Updated
Robert’s Answer
It depends Security in a way is a cathc all pahse and has many pathways in and of itself that will determine your focus within that area For example if you pursue security Operationas role your day will be utlizing various monitoring and ananalytics tools to detect and determine course of actions of potential attack vectors If risk/Governance or audit focus then a more policy andcompliance typr activity will be followed Once more if Cporporate or Physical security is the desired path way then various building access methodologies, perimeter security techniques and the like can be your focus There are many avenues within the security framework and once you find the focus area of interest it will guide you towrd the activities accordingly
read a security plus book and see the various tenants of security to help decide where intial interest and field may be you can always transistion afterwards if desired
Robert recommends the following next steps:
Updated
Robert’s Answer
The network in many companies have become the center of all digital transmissions and unfortunatly the target of many hackers. As a network security specialist a typical day can vary greatly from reviewing and analyzing various vulnerability reports and working with security partners as well as business professionals to assit in the remediation efforts of these vulnerabilities to continually lower the rsik to the company. In addition you are often called in at the design pahse of a new project to insure best prectices of security are employed in the design from the beginning and to eduacate the users of this technology toward continual security hygene It is a challenging yet rewarding field and hardly ever boring
Updated
brian’s Answer
A typical work day look for someone working in the Cyber Security/Network Security field, really depends on what your role is, and how success in that role is measured. As an example, I am work for a software vendor, in the sales organization. My role is to support the account teams in exceeding their sales quotas. This can only be accomplished by exceeding our Customers expectations in terms of selection and use of the most appropriate cyber security solution (software and or services). Therefore in my case, I spend a large amount of time preparing for those Customer interactions. Typical activities include completing product training and certifications, internal meetings with fellow account team members to plan and strategize on activities to achieve our goal, managing proof of concept activities, meeting with Customers to understand their challenges and proposing viable solutions. I have held many roles within the cybersecurity industry, both as individual contributor (IC) and as a leader. It is a very rewarding industry to be part of, but like with many roles there is a certain amount of mundane work interspersed with bursts of high drama (e.g. security incident).
Updated
David’s Answer
That is a very good question and it really depends on where you land in cyber/network security. First off, definitely consider the security field as a career. I did 36 years ago by volunteering to do Information Security for Digital Equipment. At the time, they needed staff to do the work and I have always raised my hand to take on new challenges in any company. In fact, that has been my secret to sucess over the years so I highly encourage you to volunteer for many different projects in your career. I currently work in global Risk Management and Governance team and I have worked from home since 2009 in Verizon. My typical work day involves attending virtual meetings to review and approve the security controls for global projects, planning cyber exercises, developing security awareness training, editor of security documents, and mentoring staff to get into the security field within my company. The special part of reviewing projects is that you learn a lot about the business and the cool things that they are planning. That also means that you will need to train yourself or take classes to learn many new areas (e.g. Cloud computing, new security tools, Virtualized Network Functions, etc.). If you are not in a security field, I would recommend getting an internship while in college in this space. That allows you to experience the field and even sample a company that could be your next job. If you are out of college and working in a company, I would talk to your boss and let them know you want to get more involved in the security field for your career growth. Then plan to take courses to better understand the security topic areas that interest you the most. Finding a mentor in your company is well worth the time. It is like trying to teach yourself how to sing or play an instrument. You could progress over time. However, if you took lessons, you would become more proficient so much faster. The same goes for having a security mentor to help guide you along your path efficiently over a shorter time frame.