2 hours 35 minutes
All right. Welcome to our last lesson in this module. Lesson to dot For this this is going to talk about require technical skills and different roles within the vulnerability management process.
So are learning objectives. Uh, we're really gonna talk about different technical skills that you need tohave a well rounded, vulnerability management team. We touched down in a little bit of module one. We're going to dig a little deeper here and talk about some individual roles a zealous the different skull skills, job positions
that we might need to really give us that knowledge that education around vulnerability management.
So first, our security analyst thes they're gonna be our first responders to any incidents or threats. Uh, they're going to be the ones that are actually detecting. They're investigating. They're responding. So they're gonna be like we mentioned the boots on the ground. People that are gonna be able to understand really what's going on in the environment. Um,
you know, and they're gonna have data analysis skills as well as technical skills.
I mean, these They're highly skilled people, you know? I know. Um, I came from a nightie background and that really helped me in my security position being able to understand those technical controls and the technology why we have it to then be able to secure it.
And then they're also gonna be implementing any security measures that management teams necessary. Eso anything that security, management or executive may say. You know what? This The priorities. Today we're gonna focus on this. They may be the ones helping with that.
Uh, they may also have additional responsibilities when it comes to disaster recovery. You know what we're talking about, You know, from the enterprise level. Hey, who is gonna be involved? You probably want your security analysts involved in your d our plans to make sure that they understand. You know what processes? What procedures? What data?
Let's secure the data so that we can bring it back up.
Um, and you might have a 24 by seven role might be on call rotation just depends on how larger organization is or what You're what you're really looking to get out of your sick your sock.
So your security engineer there will. They may be the ones maintaining the current security tools. Some of your security analyst may help Teoh again. It depends on how big your teams are. You may have people that are filling both of these roles. Um, they're gonna help to recommend and implement new tools. So they're gonna be the ones that are,
you know, really looking in the environment to try to figure out
Hey, you know what? This tool maybe doesn't work as well. I found this new tool it may be cheaper on it might help to improve our process. They might even specialize in SIM or even network engineering. Uh, so they also have kind of a specialty and data analysis as well.
They could look through logs. Um, you know, look through history's things like that so they can get a really good picture of the environment.
Um, they're probably gonna be involved in security, architecture, er and development as well.
And work with operations teams to ensure systems air patched, insecure eso They may be the ones also helping to give recommendations. You know, what do we need to dio a swell as documenting requirements and procedures related to the security team.
So a systems administrator,
the's air kind of jack of all trades responsible for managing systems in the enterprise could be anything from Windows to Linux. They could have a specialty and applications anything like that. But typical. Your systems administrator are going to be responsible for patching whatever their respective systems. Maybe
so. They're probably gonna report to either the CEO or team management again, depending on the size of the organization.
Um, and like a said, where a lot of hats jack of all trades, they're going to be working with the users and the security team. So it's really important to have them involved in vulnerability management because it can be difficult. If you're just, like, install these patches and then really understand why
they're doing this. It's like, Why am I constantly installing his patches? It's great to have them involved in the vulnerability management process
so they can understand the importance of the work that they're doing every day.
A network engineer, um, similar to saseidx men's asses faras. You know, being responsible for probably patching their systems, making sure they're secure, but they're gonna be focused on network administration and management on a lot of network. Engineers are also security network engineers. They understand securing those systems as well.
Um, and they they typically focus on one type of network technology, you know so well, maybe Cisco based or or you know, some other variation, but they're gonna be focused on, you know, specifically their devices.
Um, I've seen play of great network engineers who are skilled in security practices. So may not be, but there are lots of great training and tools out there to help if they don't. But it's great for them to help work with the security engineers to help to design secure networks.
So it's again having that communication having the ability for these teams to work together.
Everybody brings a different skill set to the table, and they can help to create a more secure environment if we all work together.
Um and so they're probably working on from deployments. They might be working in, uh, some other type of deployment, but typically on prem or maybe disaster recovery on work for I t management.
So, security leadership,
um, they're gonna have a deep understanding of regulations, laws, anything that's gonna be relevant to their organization, whether private or public, they might be the security manager of the sock or says so again. It depends on the size of your organization. What kind of leadership you have in your security team?
Um, and they're super proficient in all areas of cybersecurity. Usually reports the C i o r c e o just depends on. And they're gonna have that combo of really technical skilled and security expertise. So the ability to blend both,
which I think is so important, um, you know the first security leadership to have,
um and of course, the ability to communicate those complex problems all the way up the management chain. You know, in a meaningful way to say,
Hey, I'm not gonna give you the nuts and bolts But here's what's important. And here's why. You know, so that ability to communicate with executive management eyes also really important on and can help understand why security is important.
So today we talked about, uh, all the different roles within, you know, a vulnerability management program, different people that should be involved. So security analysts are engineers or CIS sacraments, network engineers, security, leadership and why it's so important for them to work together to really help improve security and practices throughout the organization.
We talked about what a troll means to the organization separately and in the Vulnerability Management program. And then how each individual can work together to create that cohesive program.
Ah, here in my references. And I will see you in the next lesson.