CYSE/IT 200T Weekly Freewrite 2

1.) Cyber Security Specialist at Carefirst BlueCross BlueShield

Requirements: College degree in an Information Security or Technology related field or equivalent experience plus 1 to 3 years related work experience. The incumbent will possess a basic aptitude in information security concepts, information security policies and system architecture concepts and have experience in process definition, workflow design, and process mapping. A basic understanding in multiple areas of Information Security such as networking (TCP/IP, OSI model, network protocols), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, switches, routers, IPSEC, IDS/IPS, etc.), voice technologies (session border controllers, MPLS, VOIP, etc.), authentication technologies (TACACS, RADIUS, etc.), wireless architectures, encryption key management, and mobile device technologies. The incumbent must also have an ability to quickly and effectively learn Information Security tools in a large, complex multi-platform environment.

For this position, I plan on continuing my education until I graduate to obtain the required degree. To get the certs and experience required, I think it would be best to work on those during the summer months. To this end, I will take online certification courses/tests while also applying for internships local to me that will build my experience in the field. For the things that require basic understanding, I will study those in my free time as I pursue my degree.

2.) Cyber Security SOC and Independent Response Manager at Microsoft

5+ years of experience in either forensics for multiple platforms, security incident response, or investigating and recovering from compromise.

Ability to work effectively in ambiguous situations and respond favorably to change.

Demonstrated sound judgement and follow-through in complex situations.

Excellent interpersonal skills, and effective written and verbal communication skills.

Applicants must have the ability to meet Microsoft, customer, and/or government security screening requirements including:

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Citizenship Verification: This position requires verification of US Citizenship to meet federal government security requirements.

This role will require candidates to maintain the TS/SCI (with full scope polygraph) clearance.

Candidates must have an active TS or TS/SCI and be willing to upgrade to TS/SCI (with full scope polygraph).

For this position, I will bounce off of the previous position discussed. After having been in that position for a number of years and getting the required experience in digital forensics, security incident response, and investigating and recovering from compromise, I will take that experience to this job. To pass background checks I will continue to be an upstanding citizen and avoid committing crimes no matter how big or small so that I maintain my status as a law-abiding citizen.

3.) Cyber Security Senior Incident Responder

Subject matter expertise in security event identification, known threat validation and analysis, and network vulnerability analysis and reporting.

Demonstrated analytic ability to discover unknown, suspicious or exploitation activity and analyze exploitation opportunities.

Proven ability to evaluate and recommend information security enhancements, product upgrades, and tools to ensure minimal exposures to security incidents while considering business drivers and efficacy.

Experience in malware analysis, penetration testing, red team/blue team exercises and forensics.

Malware analysis/reverse engineering skills.

Exploit research and development skills.

Familiarity with PowerShell, Python and other scripting.

Familiarity with Indicators Of Compromise (IOC).

Familiarity with Threat Actor Tools, Techniques, and Procedures (TTPs).

Familiarity with Restful APIs.

Ability to work independently and as part of a larger group comprised of different technical and business areas.

Proficiency with Windows and Linux operating systems.

Strong understanding of Windows artifact analysis.

Strong analysis and troubleshooting skills.

Understanding of malware and different techniques used for detection and prevention.

Possess strong organizational and project management experience.

Experience with managing projects from design through implementation.

Able to draft, interpret and communicate policies, procedures and technical requirements.

Excellent writing and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively.

Must be extremely flexible and able to manage multiple concurrent tasks and priorities.

Experience and knowledge with Security Information and Event Management (SIEM) system and able to perform log analysis, anomaly detections, use case content creation, alert development.

Experience and knowledge with Zero Day Malware Detection Technologies.

Experience and knowledge with Digital Forensic and Incident Response tools.

Experience and knowledge with web content filtering, vulnerability scanning, and endpoint protection tools (antivirus, disk encryption, host intrusion prevention etc.).

Experience and knowledge with scripting or automation tools.

Understanding of Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), Proxies (Web and Email), Data Loss Prevention tools.

Understanding of network analysis tools such as protocol analyzers, LAN/WAN sniffers, packet capture analysis tools.

BS/MS Computer Science or relevant discipline desired.

CompTIA Security+ (Sec+) must be obtained within 6 months if not possessed.

GIAC Certified Incident Handler (GCIH).

GIAC Certified Forensic Analyst (GCFA).

GIAC Reverse Engineering Malware (GREM).

GIAC Cyber Threat Intelligence (GCTI).

CompTIA Cybersecurity Analyst (CySA+) must be obtained within 6 months if not possessed.

Certified Information Systems Security Professional (CISSP).

To deal with this position’s massive list of requirements, I will have to adapt my timeline to include not only all of the aforementioned things, but also work on learning various coding languages, applications, and protocols in the meantime. With my internships and prior work experience, I would hope that I would get the experience required with the software/hardware being used by the company.

Timeline

Present – Graduation

  • Complete bachelor’s degree in Cyber Security and pursue a master’s if possible.
  • Work on getting certifications and accruing experience through interning over the summer.

First 5 years after Graduation

  • Continue pursuing certifications
  • Get a job in the field that will provide ample experience with various technologies used in Cyber Security
  • Learn various programming languages and applications used in the field
  • Study industry protocols and standards

5 years + after Graduation

  • Pursue a higher up position like the final one listed
  • Finish any required certifications and education
  • Maintain my status as a law-abiding citizen for security clearance
  • Profit
