April 30, 2021

If I work in cybersec, what should I expect?

Hello, I want to get an education in cybersecurity. I know there are a lot of different jobs in that category, but what I mostly want to do I think is blue teaming and protecting whatever companies servers from vulnerabilities. My question is, how do these jobs work? What should I expect? Is there a routine? Im sorry, but this isn’t like becoming firefighter or teacher where you know what that jobs does and Im just really curious and also a bit anxious if I should really choose it as my profession.

Comments

westleyb

Best blue team experience probably comes from a SOC. Find one around you ask if you can intern for a bit. Get to know the people and ask them these questions. This gets you answers, experience, and connections moving forward.

Second best is a security analyst. Same scenario. If an internship isn’t available one either, ask about shadowing for a day or two.

Now my opinion on blue teaming, really depends on where you work. But you have to attempt to block every attack (an attacker needs only one point if entry), get baselines, monitor, check triggers, resolve findings to true positive or false positive, remediate true positives, threathunt, update systems, ask admins about unusualness, it’s a very broad field. If you have any specifics, PM me. I just typed this all out on my phone, so I apologize for any misspellings/grammatical errors.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.