The original post: /r/cybersecurity by /u/Oompa_Loompa_SpecOps on 2024-11-12 20:21:57.

Hi Folks,

tl;dr: What are things you did not know (about yourself, the team, the subject, whatever comes to mind really) but in hindsight would have preferred to know when / before getting into cybersecurity in general and incident response in particular?

Long story: I have some 13 years' experience in varying disciplines under my belt, starting with project management and consulting in the Oracle middleware realms, which in recent years converged more and more on infrastructure and security. The past two-ish years I have been at an operator of critical infrastructure with some 50.000 employees, not in Security directly, but working as a key liaison between cybersecurity and the rest of the IT department. During that time I also became part of the IT crisis team and spent a very long weekend as part of the team responding to a certain bird (ahem) crapping on thousands of endpoints and servers.

I’ve always felt somewhat drawn to the security realm, though more out of personal interest than professional ambition. Anyways, that changed and recently I started thinking about in what ways I could add value in our cyber sec teams, with the goal of eventually pitching that to someone high up the chain there whom I get along with very well on a personal level.

Well, that didn’t exactly happen as planned because he called me out of the blue the other day and asked me if I wanted to lead the incident response team in our SOC. Apparently, the current team lead gave his notice and I was the first person internally he thought of as a suitable replacement. Focus would be functional leadership and further developing standards and toolchain, not regularly digging into active incidents myself.

We’ll have a call next week to discuss further. In order to prepare myself and ask myself the right questions, I would appreciate your help:

What are things you did not know (about yourself, the team, the subject, whatever comes to mind really) but in hindsight would have preferred to know when / before getting into cybersecurity in general and incident response in particular?

Thanks!