Policy Making 

When creating a policy, there are different elements that are required to make sure that everything is running smoothly and is protected. To do that we have to make sure the policy sectors are updated and implemented. Those sectors include company policy, awareness of risk, training criteria, education, and technology.

In each sector, employees are obligated to follow all of the policies and stay aware of any updates. Company policy is enforced to make sure that all employees are on the same page and complying with all of the security requirements so that there are no surprise breaches and/or attacks. People are more likely to cause security breaches more than machines. With that in mind, the policy would implement banning all internet and social media usage so that we aren’t vulnerable to any outside threats.

Staying aware of any risk in the company is important so that we can always stay ahead of the problem and it keeps people safe. Monitoring social engineering is a way to stay ahead of that. We review whether employees are demonstrating weak spots when it comes to offering up confidential information. That comes in handy when dealing with dangerous threats that potentially lead to important information being leaked.

In order to make sure there are no breaches/attacks, we have to make sure that all employees are getting the proper training and education. That includes the veterans as well. Refresher courses will be scheduled for employees to stay ahead of any policy changes/updates. Implementing top-to-bottom security audits will help make sure that employees are still confident about security practices and policies.

Along with training, we have to make sure that all systems and software are updated as well. If an employee is not compliant with any of these policies the consequences range from fines to termination, depending on the situation. Any vulnerable spot that we have in the company is a risk that we have to take into consideration when moving forward. 

Job Seeking 

Any job in the Cybersecurity field comes with years of experience in certain education and if need be many certifications. The skillset needed to obtain these jobs are also important because employers want to know if they can trust that you can complete the work and if you have the knowledge to do so. 

The first job I selected is a Security Specialist. To be even considered for the job I would need to have a 4-year college degree in criminal justice or a related field (Cybersecurity included) or a minimum of 5-year experience in Corporate Security or law enforcement. My timeline for this job from the present to the near future would be to complete my degree in Cybersecurity and possibly minor in Criminal Justice. Throughout that time I would have completed internships related to anything in the criminal justice/cybersecurity field to build my knowledge in the field and also relationships. After I graduate I would then strive for a job in law enforcement starting as low as an assistant or intern then build my way up. 

The second job I selected is an Open Source Intelligence Analyst. To be applicable for this job I would need an active TS/SCI Security Clearance and either a Bachelor’s Degree or 7+ years experience in the Cyber field. My plan for this timeline is similar to first, build up knowledge and relationships so that when I am ready to apply for this one my background for the job is more than qualified, and employers will take into consideration an applicant with the training and knowledge. 

The final job I selected is a Senior Information Technology Security Analyst. For this position, I would need a Bachelor’s degree in a Cyber related field, and 5 years of experience in the design, implementation, and support of enterprise-wide IT security programs. Also required are at least 1 year of supervisory experience and the completion of coursework at an accredited college. My timeline is also similar to the first two job selections but this particular selection will take more time because of the number of certifications and background information needed for the position.  Some preferences that the employers are looking for include the Global Information Assurance Certification (GIAC), Certified Ethical Hacker (CEH), and other security certifications. Along with the certifications, I would then need to make sure I have experience with many different software and practices. Those include Palo Alto, data protection, disaster recovery plan (DRP), email security, intrusion detection system (IDS), payment card industry (PCI) compliance, etc. If I wanted to work with the Police System then I would also have to get my CJIS Certification.

All three of these positions need years of knowledge and certifications to be able to even be applicable. A majority of these positions also require background checks and a high amount of security clearance. I hope in the near future, I will have all of the needed requirements and skills to be able to apply to these positions and more. 

Introduction

My name is Michaela Lee, but I prefer to be called Kai. I was born in Washington D.C. and raised in Alexandria, VA. I am a sophomore at ODU and I am studying to receive my Bachelor of Science in Cybersecurity. I have not yet decided what I want to put my concentration in but I am leaning towards Cybercrime or Cyberoperations. In my free time, I enjoy listening to music and playing basketball at the rec. I also have an interest in hair and fashion and I would love to start my own boutique in the future.