So I’m taking a new role as a Security Engineer but it is more focused to insider threat detection and mitigation (knucklehead & intentional).
My previous experience has been more of a generalist, whereas I do alot of things a little bit at a time. I have performed phishing campaigns, participated in end-user cyber security awareness training and compliance.
I want to start my first day (post onboarding) in the drivers seat, ready to go. With a good tool kit, templates, playbooks etc. Can anyone recommend a course/top to brush up on? A good resource for campaigns?
Here are the responsibilities from the job descrip:
• Create and manage ongoing security and privacy training and awareness exercises
• Ensure necessary training is completed by all staff to ensure compliance with internal policies and regulatory requirements.
• Measure effectiveness of awareness tools such as the phishing campaigns
• Conduct custom social engineering exercises
• Monitor social networks and the Internet for indicators of compromise and risky information disclosures
• Work with multiple business units to ensure security policies and procedures are being adhered to