Here is Cyber Careers Number 14 as we continue our series exploring a variety of Cyber positions. Today we are back in the United States, in my own state of North Carolina. Today’s participant is also an ISSA member. The idea with this project is to give you a broad sampling of cybersecurity options. If you’re new to the cyber community it might help you decide which direction you’d like to go in your career. If you’re already working in security you might want to compare your path to another’s, or decide you want to move towards a different path. The whole point of this project is to provide information for you to use the way it works best for you.

Name? Mark Nakamura

Where are you located? Fayetteville, NC

No alt text provided for this image

JOB

Who do you work for? a DoD contracting company

Your job title? Senior Information Assurance Analyst

How many years have you worked in cybersecurity? 2 years

What do you do in your job?

  • Incident response/management – use various security products to receive alerts when things happen, need to know who to contact and what actions need to happen in order to respond appropriately incident. For example, the port on a network switch might need to be disabled and the system disconnected from the network. Make sure to track the incident’s progress from identification all the way to closure.
  • Vulnerability scanning – scan the devices on the network to determine what kind of attack surface is being presented. There are many types of vulnerability scanners, such as Qualys and Nessus.
  • Host-based system security – monitor endpoints like laptops to ensure they are operating in a secure manner.
  • Accreditation & Authorization – understand the change process and how to assist customers in either bringing in new software/hardware or upgrading existing software/hardware to meet their business requirements.
  • Systems administration – as a cyber security professional, I use many different types of systems. Knowing how to administer servers such as Windows or Linux is a critical skill set – especially if I can automate things!
No alt text provided for this image

What do you like most about your job? I am enabled to be able to learn and use more tools to do my work more efficiently, such as Powershell and BASH. I also have a lot of schedule and time flexibility, which is very important to me.

Least? Accreditation & Authorization – paperwork. So much paperwork.

What work did you do prior to this position? Risk assessments and compliance

What do you see as your next step? Continuing to learn new skills and tools, pursuing education goals, and begin venturing into the world of digital forensics. Not necessarily in that order 🙂

Salary range for your position? $75,000 – $85,000-ish

EDUCATION & GROWTH

Degree? Bachelor’s Degree, IT Security: Information Security

Certifications held? A+, Net+, Sec+ 401, Sec+ 501, ITILv3 Foundations, Windows 7 680, Windows 7 685, SSCP, CISSP, CEH, GCIH

What do you do to stay up-to-date or grow in cyber? Read news and how-tos on social media like Facebook and LinkedIn; continue to develop basic skills like systems and network administration to better perform cyber security tasks (Linux, Cisco, Windows Server, automation, command line kung-fu, etc.); Null-Bytes (https://null-byte.wonderhowto.com/) has tons of awesome tutorials!

Favorite cyber news source and/or podcast? LinkedIn, as it shows me news from a lot of different sources; from those sources, I am really enjoying Infosec Institute and The Cyber Security Hub.

View the original post here: https://www.linkedin.com/pulse/cyber-careers-14-senior-information-assurance-karen/

If you are interested in contributing to this project you can contact Karen on LinkedIn or send an email to KarenTCyber@gmail.com.