How to Survive Your First Week as a Cybersecurity Analyst

How to Survive Your First Week as a Cybersecurity Analyst was originally published on Springboard.

As a newly hired cybersecurity analyst or engineer, it’s important to make sure you’re fully prepped to tackle your first real week on the job. Follow the tips in our guide to your first week to gracefully maneuver your new position with confidence.

Study the stats to help keep your cool

Taking on the responsibility for the security of a company’s new application—or maybe even an entire network—can be stressful. It might feel overwhelming, but it helps to remember you were hired for a reason. The number of significant attempted data breaches increases annually and so does the demand for skilled and dedicated cybersecurity engineers.

Whether you are working alongside the IT risk analysis teams of a larger company, or directly underneath the CISO of a more modestly sized business, you can expect to handle a diverse list of data protection needs. A quick hitlist of what you’ll be doing: 

• Risk assessment
• Remediation plan implementation 
• Security system development, management, and monitoring 
• Protecting the organization’s data, systems, and networks

Sounds like a lot right?

It is important to keep in mind just how vital a part you play in keeping every bit of hardware, software, and data safe from potential threats. That’s why the unemployment rate for cybersecurity technicians reliably hovers around zero percent—and you’re just the keen-eyed type that is needed. According to data reported by The New York Times, there will be almost 3.5 million available unfilled cybersecurity positions by 2021.

Cybersecurity engineering and procedures related to data security are rapidly evolving every day. When we asked Dustin Loeffler, J.D., a cybersecurity expert and a Springboard mentor, about the trends in cybersecurity for the next year, he mentioned that “as a result of Covid-19, companies have been challenged to create what would typically take 10 years of innovation in just one year.”

Get connected, and get comfortable

Before any genuine security analysis can take place, take the time to make yourself at home with the operating systems and apps used by your new team. 

The way in which teams are staying in touch has changed a lot recently, but even when your morning commute wasn’t a stroll past the coffee maker on your way to the kitchen table, you likely had some experience with one of the many cross-office communication platforms such as Google Hangouts or Slack, which Loeffler echoed to be a definite must-have for the cybersecurity industry.

Many large companies prefer the similar functionality offered by closed paid services like Microsoft Teams. 

Regardless of what co-op tools your team prefers you’ll want to become comfortable with using their tool of choice and staying on top of any emails, messages, or updates that may have come through from your team members, your CTO or CSO, each morning. You can further set yourself up for success by preemptively organizing your computer, operating system, and home office setup according to your new company’s SOPs so that the nitty-gritty does not distract you from the bigger picture of the task at hand.

Preparation pays off

When you join a new team, you should expect to adjust to a new set of OS and security appliances. Here are a few ways to do so:

• Be prepared. Brush up on the latest in SIEM (security information and event compliance) systems to prepare to hit the ground running from day one.
• Don’t hesitate to do your homework. There is no substitute for preparation. Familiarize yourself with the systems that you are taking responsibility for, and what type of daily administrative tasks you are likely to face in your first month.
• Know your tools. What Firewall kits has the team been using? How is their IDS/IPS protection? As the black hat threats to data information systems become more complex, the tools being constructed to defend against them grow more diverse. Specifically, Loeffler recommends getting comfortable with using Splunk, ServiceNow, and Phantom.
• Stay up to date. In 2018 there were an average of 80,000 cybersecurity attacks every day, and those numbers are only growing. Present the most value that you can by having your finger on the pulse of the field.

Manage your meetings

At the start of the week, you can expect a full team planning meeting or a series of smaller team briefs where you will be introduced to the current risk analysis team and get a background of the breach threats and system changes from the past quarter.

“Always make sure to talk to the relevant stakeholders who were on the project before you,” Loeffler suggests. Familiarizing yourself with past ways your team has found success will save you time and potentially introduce methods you didn’t know about previously. There will be direct discussions, either with your firm’s client or with your company’s head Security Officer regarding goals and strategies moving forward. 

• Make a good impression. These first few planning meetings are a great opportunity to make a good first impression on your team, listen to how your company’s culture approaches web-based security, gain some insight into existing infrastructure, and begin the important process of building relationships.
• Collaborate closely. Collaboration between cybersecurity analysts and engineers is another key part of the industry. “Oftentimes, you’ll find yourself as the security engineer who will be working with a customer who is a cybersecurity analyst,” Loeffler says. “It will be vital for you in your role as an engineer to understand the ways you can make their lives easier in their analysts’ function because they’re often burdened. They’ve got all these events being thrown at them on a day in and day out basis.”
• There’s no such thing as a “safe system”—only safer systems. Cybersecurity data breaches are inevitable in this day and age. Your team members should discuss with you any major security setbacks they have managed in the past quarter, and there will be retrospective meetings to discuss these challenges. Always be professionally curious, forthright, and inquisitive.

Ask questions

When you approach these preliminary meetings with your teammates, come prepared with specific questions about their previous operations, defenses, and threats. Here are a few examples:

1. What programming languages and frameworks are being used by the current IT Risks team? Ruby? Python? Java? What anti-malware, spyware, counter-threat programming should I be familiar with? Cisco VPN, Palo Alto VPN, Cisco ACS, Cisco ISE, NGFW, Solarwinds, IP Management tools, WireShark,…etc.?
2. What category of security threat has posed the most consistent threat to the security of the company’s network- and what has been done to mitigate it?
3. When was the most recently conducted Security Audit on the company’s networks? Did it reveal any particular weak spots in the team’s strategy?
4. What are the current team’s routing protocols? Is the CISO open to suggestions about future changes to the prevention systems?

Curiosity is the greatest form of flattery. Don’t be afraid to ask questions. Use your fresh viewpoint to your advantage to improve latent weak spots in your employer’s security. You may feel uncomfortable with posing too many questions, but it is crucial that you have an understanding of your team’s prior security history so that you can help improve it in the future.

3 tips to ace your first week

If you are working for a small startup, you may be solely responsible for the entirety of your employer’s AppSec, IT infrastructure, troubleshooting security, and network problems, responding to all system and/or network security breaches on an individual basis.

You may be a security analyst for a large private data security firm, or work within an in-house department at a private big tech company, focusing on specific ongoing infrastructure development or application R&D.

Regardless of your position, follow these tips to optimize your first days on the job:

• Be social. The cybersecurity community is rapidly growing. Loeffler recommends to “start building those meaningful conversations and that’ll help kind of build your roadmap on what you’re going to do over the next 30, 60, 90 days.” Attend meetups, conferences, and take invitations. Join Reddit. The tech industry is one big club, and beyond talking shop, the landscape is ripe for professional/personal development.
• Find a mentor. We stand on the shoulders of giants. Finding an experienced senior member of your team to give you guidance on how to approach your responsibilities is a great way to get advice and build rapport. You may know a lot, but you don’t know everything. Gaining the perspective of a security engineer who has been around longer than you can be invaluable. Springboard’s new Cyber Security Career Track will match you with a personal mentor, who will guide you through the curriculum as well as offer expert tips and advice on the industry.
• Think like a bad guy. As a cybersecurity engineer, you are personally responsible for stopping ransomware, data breaches, and overall weaknesses to network threats. Many experienced security analysts say that it is important to “think like a bad guy” when you are approaching how to improve a closed security system. 

Your first week is going to be a storm of onboarding events, network overview, corporate company literature, and sit-downs with any relevant coordinators in your department to get you up to speed on the current security measures being taken.

By the end of the week, you’ll be exhausted, but it won’t be anything you can’t handle. There will be an overflow of information, and the whirlwind of change that comes with taking on a new position. It is important not to stress. Ask questions as they arise and do not wait to ask for help. Manage your self-expectations and focus on placing the foundations of good working relationships to foster a healthy transition to a new community. 

And, most importantly, be humble. “Be comfortable with the idea that you might not know everything,” Loeffler says.“You may know the technology—but you won’t always know how the technology is implemented within the organization.”

Cybersecurity is often a high-pressure and challenging environment. It is important to know your limits and try to improve on them gradually. Mistakes will happen. If you learn from them you can avoid them in the future.

Is cybersecurity the right career for you?

According to Cybersecurity Ventures, the cybersecurity industry is expected to have 3.5 million high-paying, unfilled jobs this year. With Springboard’s comprehensive Cyber Security Career Track, you’ll work 1:1 with an industry-mentor to learn key aspects of information technology, security software, security auditing, and finding and fixing malicious code. Learning units include subject-expert approved resources, application-based mini-projects, hands-on labs, and career-search related coursework.

The course will culminate in a multi-part capstone project that you can highlight on your resume for prospective employers or use to demonstrate your technical knowledge in your job interview. The learning materials will also help prepare you to pass the globally-recognized CompTIA Security+  certification so you stand out when applying for cybersecurity roles.

Learn more about Springboard’s Cyber Security Career Track here.

The post How to Survive Your First Week as a Cybersecurity Analyst appeared first on Springboard Blog.