For this assignment, I was tasked to visit this website to determine certain areas that I
would want to focus my career on. I have found which areas would appeal most to me and which would appeal the least.
Of the areas listed, the ones I would want to focus my career on are “Operate and Maintain”, “Protect and Defend” and “Securely Provision”. Each of these skills are essential in the cyber security world and represent what I would like to focus on most. In the operate and maintain domain, many foundational services are involved, such as network administration. Security starts with information technology, and I believe almost every decision can be made with security in mind. Building a network mindful of security risks and vulnerabilities are a great benefit to an organization, and a wonderful aspect to focus on. It is important to have a secure foundation, which I hope to learn more about by working in information technology throughout university.
The “Operate and Maintain” area appeals to me because it is very foundational. As of September 2023, I currently work at a foundational level job, Desktop Support. Through this, many foundational services are provided including hardware troubleshooting, network troubleshooting, and systems analysis. Maintaining security starts from the very foundation of hardware, even down to the cabling. I enjoy learning and working with the roots of cyber security. The “Protect and Defend” area comprises of several different defensive roles, including “Incident Response”, and “Vulnerability Management”. I enjoy this area as it utilizes quick responses, assessments, maintenance and analysis of many essential parts of security. From practicing incident response exercises, creating disaster recovery plans, to monitoring and managing vulnerabilities, this is a wonderful area to focus on. In “Securely Provision”, several positions such as Risk Management, System Architecture and Systems Development appeal to me. These positions utilize development, assessment, and evaluation to complete their tasks. It is very exciting to determine all of the contributing factors that go into maintaining good risk management, and how several daily decisions tie into this concept. Systems development and architecture are very interesting as well. Not only do they focus on security, but they also focus on the systems development life cycle. Technology is constantly evolving; these positions keep up with that fact by ensuring their security systems are at the forefront phases of their life cycle.
The area that appeared the least to me would be “Collect and Operate”. This section appeals to me the least because it involves lots of data analysis and collection. The information collected is vital to almost every other position, as they provide a collection of information that can be used to mitigate threat actors. Feedback, network and wireless collection, and system operations can all help determine if a threat is in place. In my opinion, every skillset listed in the framework is vital and worth developing. Each skillset can somehow intertwine with the other, as it seems that just about every job in the field of cyber security utilizes a portion of each skillset. I enjoyed reading over the various tasks each specialty area has, as well as how my current position ties into this spectrum. Thank you!