{"id":53362,"date":"2024-09-04T11:32:23","date_gmt":"2024-09-04T09:32:23","guid":{"rendered":"https:\/\/www.secuinfra.com\/news\/my-tasks-as-a-cyber-defense-analyst-and-consultant\/"},"modified":"2024-09-23T14:03:23","modified_gmt":"2024-09-23T12:03:23","slug":"my-tasks-as-a-cyber-defense-analyst-and-consultant","status":"publish","type":"post","link":"https:\/\/testing.secuinfra.com\/en\/techtalk\/my-tasks-as-a-cyber-defense-analyst-and-consultant\/","title":{"rendered":"My tasks as a Cyber Defense Analyst and Consultant"},"content":{"rendered":"<p class=\"wp-block-paragraph\">A cyber defense analyst plays a crucial role in the field of <strong>cyber security<\/strong>.\nThey help organizations protect their digital systems and networks from cyberattacks and other security breaches.\nThey also help to improve security policies and procedures to prevent future attacks.\nOne of these specialists at SECUINFRA is <a href=\"\" target=\"\" rel=\"noopener\">\u00d6zg\u00fcr Bagdemir<\/a>, who joined SECUINFRA in 2022.\n\u00d6zg\u00fcr describes himself as a &#8220;cyber security enthusiast&#8221; and answers a few questions about his challenging job here.
<\/p>\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_does_a_cyber_defense_analyst_actually_do\"><\/span>What does a cyber defense analyst actually do?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n<p class=\"wp-block-paragraph\">The tasks are very varied, in fact much more varied than many people think.\nIt&#8217;s by no means the case that you just press buttons in <strong>Security Information and Event Management (SIEM)<\/strong>.\nMy tasks range from onboarding our customers to use case development, content tuning and monitoring.\nI work at SECUINFRA <strong>24\/7<\/strong> in the <a href=\"\">Cyber Detection and Response Center (CDRC)<\/a>.\nOne of my main tasks is to ensure that the incidents reported by customers are dealt with as quickly as possible.\nI therefore accept inquiries by system, telephone and email and investigate them together with my colleagues from forensics.     <\/p>\n\n<p class=\"wp-block-paragraph\">This involves identifying, assessing and mitigating <strong>security threats<\/strong> and incidents &#8211; as quickly as possible, of course.\nTo this end, we monitor our customers&#8217; infrastructure around the clock and keep an eye out for anomalies.\nWith all of our highly specialized analysts working in three shifts, we are able to respond to potential problems, vulnerabilities, security risks, <strong>cyber threats<\/strong> and attacks at any time of day.\nThis is reflected in our modular and flexible <a href=\"https:\/\/testing.secuinfra.com\/en\/news\/second-cyber-detection-and-response-center-berlin\/\">MDR<\/a> (Managed Detection and Response) <a href=\"https:\/\/testing.secuinfra.com\/en\/news\/second-cyber-detection-and-response-center-berlin\/\">services<\/a>, which we tailor individually to our customers.   
<\/p>\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Which_customers_do_you_have_and_why_do_they_need_you\"><\/span>Which customers do you have and why do they need you?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n<p class=\"wp-block-paragraph\">To answer this question, you have to bear in mind that setting up and operating your own Security Operations Center (SOC) involves a great deal of effort and high costs.\nMany companies cannot and do not want to afford this.\nTo make matters worse, the required security specialists are very difficult to find on the job market.\nFor these reasons, it is usually much more efficient to outsource these services to highly specialized service providers like us.\nWe have the expertise and the infrastructure to implement the operation of a SOC promptly and cost-effectively for any company.\nSECUINFRA&#8217;s service clearly stands out from the market in terms of quality and scope.\nOur customers confirm this time and again.\nMany of them also assure us that they would hardly have achieved such a high level of cyber security without our support.       
<\/p>\n\n<p class=\"wp-block-paragraph\">As a <strong>Managed Security Service Provider (MSSP)<\/strong>, SECUINFRA offers individual <a href=\"https:\/\/testing.secuinfra.com\/en\/managed-detection-and-response\/no-cloud\/\" target=\"_blank\" rel=\"noreferrer noopener\">MDR services<\/a> (Managed Detection and Response) that are precisely tailored to the requirements of the respective customer: Cloud-based, no-cloud or co-managed.\nThanks to this flexible approach, we have customers of all sizes from many different industries.\nThe big advantage for our customers is that they are free to decide what they take on themselves and what they hand over to us.\nThis allows them to outsource only certain or large parts of their security operations to us.\nAccordingly, our cyber defense analysts fill different roles &#8211; depending on the customer.\nI, for example, have regular calls with my customers &#8211; sometimes weekly, sometimes daily.\nI also advise them, as I am now not only an analyst but also a <a href=\"https:\/\/testing.secuinfra.com\/en\/cyber-defense-consultant-faq\/\" target=\"_blank\" rel=\"noreferrer noopener\">cyber defense consultant<\/a>.\nFor example, I show them tuning options or inform them about the latest trends and threat situations.       
<\/p>\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_does_a_typical_working_day_look_like_for_you\"><\/span>What does a typical working day look like for you?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n<p class=\"wp-block-paragraph\">We always work as a team &#8211; around the clock, every day of the year, of course.\nAfter all, we have to be able to react to security events at any time &#8211; and very quickly.\nThis is the only way we can prevent major damage from occurring.\nIn order to guarantee this 24\/7 operation, we work in three shifts, as mentioned, which start at 8:00, 16:00 and 0:00.\nThere is an hour&#8217;s overlap between each shift so that everyone can exchange information about registered incidents and other important information.<\/p>\n\n<p class=\"wp-block-paragraph\">These expert meetings, which take place three times a day, are very important to me and have a high priority at SECUINFRA.\nThis is because the entire team comes together and discusses all anomalies, attacks and threats.\nOur customers benefit enormously from this, as everyone is on the same page and can react even faster.\nWe can also pass on information, discuss news and distribute tasks in these meetings.\nSo we have a regular transfer of knowledge, which I personally really appreciate.
<\/p>\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_do_you_become_a_Cyber_Defense_Analyst\"><\/span>How do you become a Cyber Defense Analyst?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n<p class=\"wp-block-paragraph\">Typically, a cyber defense analyst has completed <strong>vocational training in the IT sector<\/strong> with appropriate further training or a degree in (business) informatics or even cyber security.\nBut that doesn&#8217;t always have to be the case.\nIf I look at my team or my own career, I notice that this role is increasingly being filled by lateral entrants.\nFor example, I have a background in political science.\nThis diversity is a great advantage in my day-to-day work because it brings together different perspectives.\nApart from that, it would not be possible to hire only IT specialists, for example, because then we would be short of skilled workers.\nThe enormous growth of IT in general and the cyber security sector in particular has meant that conventional training paths are not producing enough <strong>IT specialists<\/strong>.\nThe demand is simply higher than the labor market can provide.\nThis is a recurring theme, not only from the Federal Employment Agency, but also from the Federal Office for Information Security (BSI) and industry associations.        
<\/p>\n\n<p class=\"wp-block-paragraph\">At SECUINFRA, we tackle this problem by offering motivated career changers who are willing to learn the opportunity to prove themselves and develop into security experts.\nOf course, all candidates must have the necessary basic knowledge in areas such as IT or networks.\nHowever, we do not expect them to already be cyber defense professionals.\nOur company offers excellent induction and ongoing training to impart and deepen the necessary knowledge.\nAfter all, we want to ensure that every new employee meets SECUINFRA&#8217;s high quality and competence standards.\nI myself have now been certified several times and benefit from the fact that SECUINFRA attaches great importance to product-neutral training and teaching content such as SANS and OffSec in addition to a wide range of product training courses, such as those for Microsoft, Elastic and Splunk.     <\/p>\n\n<p class=\"wp-block-paragraph\">To avoid any misunderstandings: Not everyone has to be able to do everything or even the same thing.\nOn the contrary, our team benefits from the diversity and different backgrounds of its members.\nFor example, cryptography experts meet proven practitioners who have extensive knowledge as Linux or Windows administrators.\nHardware specialists are also part of our team.\nThese different experiences help us because, after all, the threats are also very diverse.\nAnd they are constantly changing.     
<\/p>\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_would_you_recommend_to_potential_junior_employees_who_are_interested_in_the_topic_of_cyber_security\"><\/span>What would you recommend to potential junior employees who are interested in the topic of cyber security?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n<p class=\"wp-block-paragraph\">To put it in two words: Be curious!\nCuriosity is a deeply human trait that has not only greatly advanced our culture and knowledge, but is also of great benefit to the field of cyber defense.\nAfter all, the IT landscape and technologies are constantly changing &#8211; as are the threats posed by cyber attacks.\nIt is therefore important to keep up to date and to keep abreast of new technologies and all the associated changes.\nI also recommend gaining a lot of practical experience in your free time.\nYou can do this alone or in a team.\nCyber security learning platforms, for example, are suitable for this, as are CTF (Capture The Flag) events, where you have to find the cleverest possible solutions together with your teammates.      
<\/p>\n\n<p class=\"wp-block-paragraph\">If you are thinking about starting a degree course, we would also like to draw your attention to the possibility of an internship or work-study program with us.\nIt should be noted that our students are not assigned to monotonous tasks or marginal hours, but are actively involved in exciting tasks and projects.\nSECUINFRA is a cooperation partner of Darmstadt University of Applied Sciences and offers young professionals the opportunity to gain initial experience in a highly interesting job as part of a <a href=\"\" target=\"\" rel=\"noopener\">dual study program<\/a>.\nThere you can see very clearly how exciting and diverse the topic of cyber security is.\nMy role as a cyber defense analyst and consultant is just one of many.\nIf you want to find out more about other professional fields, I recommend the article on <a href=\"\" target=\"\" rel=\"noopener\">SIEM use case developers<\/a> from our &#8220;Job Insights&#8221; series, for example.\nThis also shows very clearly how diverse and varied the work at a leading cyber defense specialist like SECUINFRA is.      
<\/p>\n\n<p class=\"wp-block-paragraph\">Sounds exciting?\nIt is!\nIf you would like to become part of our Cyber Defense team and work on new SIEM use cases, take a look at <a href=\"https:\/\/testing.secuinfra.com\/en\/news\/dual-study-program-at-secuinfra\/\" target=\"_blank\" rel=\"noreferrer noopener\">SECUINFRA\/Careers<\/a> or apply directly to us: <a href=\"\" target=\"\" rel=\"noopener\">karriere@secuinfra.com.<\/a>  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>A cyber defense analyst plays a critical role in the field of cyber security.<br \/>\nThey help organizations protect their digital systems and networks from cyberattacks and other security breaches.<br \/>\nThey also help to improve security policies and procedures to prevent future attacks.<br \/>\nOne of these specialists at SECUINFRA is \u00d6zg\u00fcr Bagdemir, who joined SECUINFRA in 2022.<br \/>\n\u00d6zg\u00fcr describes himself as a &#8220;cyber security enthusiast&#8221; and answers a few questions about his challenging job here.    
<\/p>\n","protected":false},"author":37,"featured_media":53360,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[248,81],"tags":[734],"dpc_coauthors":[],"class_list":["post-53362","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-security-career","category-techtalk","tag-job-insights-en"],"acf":[],"_links":{"self":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/53362","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/users\/37"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/comments?post=53362"}],"version-history":[{"count":0,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/53362\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/media\/53360"}],"wp:attachment":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/media?parent=53362"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/categories?post=53362"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/tags?post=53362"},{"taxonomy":"dpc_coauthors","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/dpc_coauthors?post=53362"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}