loading...
Cover image for What Exactly Do CyberSecurity Professionals Do πŸ€”?

What Exactly Do CyberSecurity Professionals Do πŸ€”?

kgosi_tshepo profile image Kgosi Tshepo ・1 min read

We've heard about them but we know little of what they do.They are often assumed to be the James Bond' of the internet, fighting the bad guys.

James Bond

In this blog post we'll go through some of the different roles typical to a cybersecurity organisation.

  • Chief Information Security Officer(CISO) : A CISO is the head of Information Security Division and they drive the security strategy of the organisation.
  • Information Security Architect : They have a deeper understanding of different layers of the system, security policies to put in place.Their role is very crucial during the early stages of security life cycle.
  • Information Security Analyst : Performs information security assessments, analyses events, alerts and any information that could be useful to identify threats.At the end of the assessment a threat mitigation documentation is created.
  • Information Security Auditor : Their role is to enforce security compliance, reduce risk, and manage potential security threats.
  • Security Software Engineer : They create security software applications and they have extensive knowledge of programming languages and computer networks.
  • Penetration Tester/Ethical Hacker : They simulate cyber attacks on already established security systems and identify vulnerabilities before hackers can exploit them.

We'll leave it at that for now 😊!!

Posted on May 15 by:

kgosi_tshepo profile

Kgosi Tshepo

@kgosi_tshepo

Software Engineer & Cyber Security Analyst. One level-up a digital nomad β›ΊοΈπŸ”­

Discussion

markdown guide
 

We scare boards to maintain our budget secure the, uh, cyber!

And in my case use implicit pessimism in our metaphors, like "blast radius."

Now that I think of it, a surprising number of the questions I use to start security modeling conversations begin with stuff like, "Great! Now, assuming this part gets hacked..."

On a less cheeky note, you might expand on the "appropriate security mechanisms" with how they relate to "security policies."

 

Thanks,I just realised that now --should be security policies.