Category: What Can I Do

What can I do highlights transferable skills that people have that can be used in Information Security

Posted on

Red or Blue… or Maybe Purple

While security conferences typically host capture the flag competitions where you are tasks with completing a set of tasks in order to find hidden treasures or flags within their systems, traditional businesses model their security with colored teams where each team is responsible for a certain aspect of the organization’s security. Blue Teams for example are white hat defenders; they are the people who work for the company and is responsible for defending the organization’s assets. While Intrusion Detection systems are typically responsible for identifying attacks on an organization’s assets, it is the Blue team that takes actionable steps to mitigate the attack and prevent further damage. To help ensure that the Blue team stays ready, many companies also employ the services of a Red Team. Red teams are independent groups that determine the effectiveness of an organization’s security by assuming the role of the attacker. They use the same tools and techniques as hackers and are considered ethical hackers. With the organization’s permission, Red teams spend several weeks to months performing security testing with specific objectives and reporting on any issues or findings with the Blue team. Red teams are often mistaken for Penetration testers whose job it is to provide a security assessment of an organizations network and report on flaws or vulnerabilities. Penetration testers, red teams, and blue teams all are trained like adversarial attackers but are provided permission and do so within the scope of their duties.

Posted on

What Can I Do? Information Systems Security Manager

Information Systems Security Manager

Entry Level Education – Bachelor’s degree

2019 Median Pay – $ 146,360 per year($70.37/hr)

Job outlook – 10%

What they do: They are responsible for the cybersecurity of a program, organization, system, or enclave. They are responsible for the planning, coordination and the direction of computer related activities in an organization.

Where do they fall in the NIST[2] – Information Systems Security Managers work in the Cybersecurity Management specialty area.

Where do I start: Information Security Managers typically have advanced level certifications such as the CISSP, PMP, or GIAC. Because they are managing organizations they typically have 5 or more years of experience.

[1] https://www.bls.gov/ooh/management/computer-and-information-systems-managers.htm

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

Posted on

What Can I Do? Trainers and Educators

Cyber Instructor or Trainer

Entry Level Education – Bachelor’s degree

2019 Median Pay – $61,210 ($29.43/hr)

Job outlook – 9%

What they do: Trainers lead training activities and design and develop training or education of personnel within the cyber domain.

Where do they fall in the NIST[2] – Trainers fall under the Training, Education and Awareness (TEA) Specialty area and they can have jobs such as Cyber Instructor, or Cyber Instructional Curriculum Developers.

Where do I start: Learn something new and teach someone. In addition to a bachelor’s degree, training specialists need work experience in teaching, tutoring, or educating others.

[1] https://www.bls.gov/ooh/business-and-financial/training-and-development-specialists.htm

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

Posted on

What Can I Do? Network and Computer Systems Admin

Network and computer systems administrators are responsible for the day-to-day operation of computer networks.

Entry Level Education – Bachelor’s degree

2019 Median Pay – $83,510 ($40.15/hour)

Job outlook – 4%

What they do: Network and computer systems administrators are responsible for the day-to-day operation of computer networks. Network and computer systems administrators work with the physical computer networks of a variety of organizations and therefore are employed in many industries[1].

Where do I start:

Certifications: Network+, CCNA

Where do they fall in the NIST[2] – Network systems administration fall under the Network Services Specialty area. They most closely align to the Network Operations Specialist in the NICE Framework.

[1] https://www.bls.gov/ooh/computer-and-information-technology/network-and-computer-systems-administrators.htm

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

Posted on

What Can I Do? Web Developers

Web developers design, create and maintain websites [1].

Entry Level Education – Associate’s degree

2019 Median Pay – $73,760 ($35.46/hr)

Job outlook 8%

What they do: Web developers design, create and maintain websites. They can work in design, publishing, management consulting or advertising to name a few.  

Where do I start: Learn HTTP, Javascript and CSS.

Where do they fall in the NIST[2] – T0195 Provide a managed flow of relevant information (via web-based portals) , T0380 Plan instructional strategies such as web-based courses T0601 Collaborate with other team members to develop a diverse program of information materials (e.g web pages) are all tasks identified in the NICE Framework. These skills can be used by Cyber Instructional Curriculum Developers

[1] https://www.bls.gov/ooh/computer-and-information-technology/web-developers.htm

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

Posted on

What Can I Do? Software Developers

Software developers create the applications or systems that run on a computer or another device. [2].

Entry Level Education – Bachelor’s degree

2019 Median Pay – $107,510 ($51.69/hour)

Job outlook 22%

What they do: Software developers create applications using programming languages to solve complex problems.  They work in computer design and services and create programs that fix problems or that can be used to fix problems.

Where do I start: Programming languages such as Java, C++, Python, Cobol, C#, and Go

Where do they fall in the NIST[2] –Software Developers fall under the Software Development Specialty Area.

[1] https://www.bls.gov/ooh/computer-and-information-technology/software-developers.htm

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

Posted on

What Can I Do? Information Security Analysts

Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. [2].

Entry Level Education – Bachelor’s degree

2019 Median Pay – $99,730 ($47.95/hour)

Job outlook 31%

What they do: Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems.

Where do I start: Security+ shows foundational security knowledge

Certifications: CEH, Certified Information Security Manager, Security+, Certified Information Systems Security Professional (CISSP)

Where do they fall in the NIST[2] –Information System Analysts can fall in the Systems Development and Systems Analysis Specialty Areas

[1] https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

Posted on

World Domination Plan – CEH

Today’s world domination plan topic is Ethical Hacking. I’ve been fake studying for this forever. (maybe your judgement will lead to motivation, bring it on). Out of all the things Cyber I learn about, I’m most interested in Ethical Hacking so I spend a lot of time on EH related things. I’ve got a lot of resources (and enthusiasm) on this topic so here goes.

  • Matt Walker’s All In One CEH Exam Guide
  • Pentester Labs
  • Udemy CEH Exam Questions
  • Udemy Penetration Testing
  • Udemy (Linux and Windows Privilege Escalation)
  • Udemy Advanced White Hat Hacking
  • ITPro.tv CEH
  • tryhackme
  • hackthebox

Posted on

What Can I Do? Computer Programmer

Computer programmers write and test code that allows computer applications and software programs to function properly.[1]

Entry Level Education – Bachelor’s degree

2019 Median Pay – $86,550 ($41.61/hour)

Job outlook – 9%

What they do: Computer programmers or Software Developers write and test code that allows computer applications and software programs to function properly.[1] Computer programmers also create apps and help to create and maintain systems.

Where do I start: Learn a program

Certifications: There are several developer related certifications but the best way to show your work is a portfolio such as a GitHub page or other collection of your work

Microsoft Technology Associate Developer

Microsoft Certified Solutions Developer

Scrum Alliance Certified Scrum Developer

Where do they fall in the NIST[2] – Software Developers fall under the Software Development Specialty Area

[1] https://www.bls.gov/ooh/computer-and-information-technology/computer-programmers.htm

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

Posted on

What Can I Do? Database Administration

Database administrators (DBAs) use specialized software to store and organize data.[1] They develop and administer databases and or data management systems [2].

Entry Level Education – Bachelor’s degree

2019 Median Pay – $93,750 ($45.07/hour)

Job outlook  10%

What they do: Database administrators (DBAs) use specialized software to store and organize data.[1] Data can be stored in a local network or in the cloud but regardless of where the data is stored it needs to be secured.

Where do I start: Learn about a database

Certifications:

IBM Certified Database Administrator – DB2

Microsoft SQL Server database certifications

Oracle Certified Professional, MySQL Database Administrator

Oracle Database 12c Administrator

Where do they fall in the NIST[2] – DBAs fall under the Operate and Maintain and Data Administration specialty areas.

[1] https://www.bls.gov/ooh/computer-and-information-technology/database-administrators.htm

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

Proudly powered by WordPress