SKILLS

Posted by on Apr 11, 2025 in | Comments Off on SKILLS

Here are three essential cybersecurity skills, along with three artifacts associated with each skill that I am interested in acquiring:

1. Threat Hunting

Threat hunting involves proactively searching for indicators of compromise (IOCs) and malicious activities within an organization’s systems. Since my background is in Research I would be interested in developing this skill as it pertains to Cybersecurity.

Artifacts:

  • Network-based Artifacts: Logs of TCP/UDP port activity, such as SMTP or HTTP traffic, which can reveal unauthorized connections.
  • Host-based Artifacts: Registry keys and file system changes that indicate malware presence or configuration tampering.
  • Memory Dumps: Captured snapshots of system memory used to analyze active processes and identify malicious code.

2. Programming

Programming is critical for developing secure systems, automating tasks, and analyzing vulnerabilities. I have some experience in SAS and Epi-Info so I would be honing my skills as it pertains to Cybersecurity programming.

Artifacts:

  • Python Scripts: Used for tasks like log analysis, security audits, and automating incident response.
  • C/C++ Code: Exploit development and system-level programming for securing operating systems and applications.
  • Bash Scripts: Automates routine security checks, such as scanning networks for intrusion attempts or monitoring system health.

3. Incident Response

Incident response focuses on detecting, analyzing, and mitigating cyber threats to minimize damage. This skill set is extremely important in Cybersecurity for financial institutions and health systems.

Artifacts:

  • Forensic Reports: Documentation of digital evidence collected during breach investigations.
  • System Logs: Records of system activity that help trace the origin and scope of an attack.
  • Incident Playbooks: Predefined procedures for responding to specific types of cyber incidents.

These skills and their associated artifacts are vital for maintaining robust cybersecurity defenses and responding swiftly and effectively to evolving threats.