Right now I’m a sysadmin for a manufacturing company, and I also run the security program here. Worked with a 3rd party to set up event log/network monitoring. Created security policies. Implemented new client AV. Audited Active Directory/security groups. I have also given presentations about supply chain cyber security and CMMC, and tried to explain how to get there. Right now we’re a small team and I basically do it all: implementing new controls, responding to alerted traffic/logs, etc., by investigating, updating firewall rules, and investigating possible incidents. I did talk my company into signing an IR retainer, as I explained I am not an IR guy.

First off, how does my experience sound?

Second, I know most people find compliance boring and paperwork boring, but I find it cool and think auditing/compliance would be a good route for me. Any advice on how to get there?

Also studying for CISSP.
