I recently spoke to the CISO of my company and even though I don’t have the job experience required (only the cybersecurity degree) recommended that I should apply for this job as a cybersecurity analyst. Im well aware that im in over my head but I figured at worst it wouldn’t hurt to get them familiar with my face and at best land me my dream job.
The position has preference for experience in: cybersecurity detection, identification, and prevention techniques. Metrics for measurement of success and failure of IT prevention and detection software, & published security frameworks.
The position focuses on risk assessment & intrusion detection activities, implementing policies, practices, procedures and various technologies. It also partakes in cyber response activities including forensic lab procedures and root cause analysis.
I’m reading up on NIST documents such as the RMF & SP 800-37 R.2. Ive also made notes about several PKI for metrics for success and failure such as: “How many devices on the network have been fully patched and up to date?”. I have also listed identification, detection, prevention techniques such as firewalls, anti-malware software, etc. I have also been studying for the SEC+, creating a virtual homelab, and keeping up with news via cyber podcasts and websites.
Is there anything else I should focus on?