The iTRS’ Post

🔒 Experienced IT Professional Specializing in Cybersecurity & System Administration🔧 With 4 years of hands-on experience in *information security , system administration, and L1 technical support within Security Operations Centers (SOCs) , I bring a comprehensive skill set to the table. I have expertise in: - Network and System Security - Vulnerability Management and Remediation - Troubleshooting and IT Infrastructure Optimization I am proficient in using tools like SentinelOne and CrowdStrike EDR/XDR for endpoint security, along with managing Sophos and SonicWall firewalls for network protection. I have a proven track record of investigating security incidents and effectively providing solutions. With a passion for advancing my career in cybersecurity and System Administration or SOC Level 1 roles. I'm committed to continuous learning and staying ahead in the ever-evolving field of IT infrastructure and security. Let's connect if you're looking for a detail-oriented professional who is dedicated to securing your systems and networks! 🚀 #InformationSecurity #SystemAdministration #SOC #Cybersecurity #EDR #XDR #SentinelOne #CrowdStrike #Firewall #VulnerabilityManagement #ITSupport #EndpointSecurity #CyberDefense #ITInfrastructure

Are you looking to prepare for Cyber Security related jobs in 2024? Look no further. Here are some key roles and responsibilities that you should consider exploring: - Blue team: responsible for defending against cyberattacks and ensuring the security of an organization's systems. - Red team: responsible for testing the effectiveness of an organization's defenses by simulating attacks. - Cloud security: responsible for securing cloud-based systems and data. - GRC (Governance, Risk and Compliance): responsible for ensuring an organization's policies and procedures comply with laws and regulations. - Identity and Access Management: responsible for managing user access to an organization's systems and data. By understanding these key roles and responsibilities, you can better prepare yourself for a successful career in Cyber Security. Stay ahead of the game and start exploring these opportunities today. #Cybersecurity #JobRoles #blueteam #redteam #cloudsecurity #grc #identityaccessmanagement

Because we are all in a world of hurt due to many people in sys admin and NOC roles currently having a knowledge gap on the basic principles and core concepts of security in general. The words "skills gap" come to mind. Entry level candidates being more aware of cybersecurity basics, or even more advanced knowledge, only strengthens the entire industry. It's a good idea and helps those in positions with an extreme amount of access into very serious systems make better choices and be aware of things that they will face. Knowledge is power. Someday people will outgrow their entry level status. Having a strong foundation of hands on training, certs, and experience allows us to move past entry level positions. Also a huge training money grab, but ultimately it's better to learn this stuff independently than the way the corporations are going to put it in there yearly click through training sessions. Just think, a person working for a noc, entry level, and they get scammed into dropping an entire corporate network because they didn't understand phishing. Or maybe it is really because cybersecurity should be several classes in High School by now. My name is Stephen and I work the NOC, I support Security+ and CySA+ type certifications for these type of roles. A Network+ or equivalent not bad either for those without networking experience.

🌐 What Are the 7 Categories of NICE Cybersecurity Framework? 🌐 The NICE Cybersecurity Workforce Framework (NIST SP 800-181) is a comprehensive guide to understanding the key roles in the cybersecurity workforce. It organizes cybersecurity work into 7 categories, each critical in the fight against cyber threats. Here's a quick breakdown: 1️⃣ Securely Provision Focuses on conceptualizing, designing, and building secure IT systems. It includes roles like software developers and cybersecurity architects. 2️⃣ Operate and Maintain Ensures smooth functioning of IT systems by managing, monitoring, and maintaining them securely. This includes system administrators and network operations specialists. 3️⃣ Oversee and Govern Involves leadership roles responsible for setting policies, managing risk, and ensuring compliance with cybersecurity laws. Think CISOs, compliance officers, and policy advisors. 4️⃣ Protect and Defend Centered around detecting, analyzing, and responding to cyber threats and incidents. It includes roles such as security analysts and incident responders. 5️⃣ Analyze Roles focused on highly specialized research and analysis to improve cybersecurity. This category includes cyber threat analysts and forensic experts. 6️⃣ Collect and Operate Involves conducting specialized operations and gathering cybersecurity information to support security efforts. Professionals here include intelligence analysts and cyber operators. 7️⃣ Investigate Deals with conducting investigations to detect cybersecurity breaches, understand the source, and take appropriate action. Cybercrime investigators and digital forensic specialists fall under this category. 🚀 Cybersecurity is more than just coding—it’s a multidisciplinary field with various pathways! Understanding these categories helps individuals and organizations navigate their cyber defense needs. #Cybersecurity #NICEFramework #CyberJobs #TechCareers #CyberAwareness

Careers in Cybersecurity Cybersecurity is a rapidly growing field, with a variety of roles that cater to different skills and interests. Here’s a list of common career paths in cybersecurity: Security Analyst Monitors networks for security breaches. Analyzes security incidents and implements measures to prevent future breaches. Penetration Tester (Ethical Hacker) Conducts simulated attacks to identify vulnerabilities. Works to strengthen defenses based on findings. Security Engineer Designs and implements security systems. Works on firewalls, intrusion detection systems, and other protective measures. Incident Responder Responds to security breaches and incidents. Analyzes and mitigates threats, often working in real-time to protect assets. Chief Information Security Officer (CISO) Oversees the entire cybersecurity strategy for an organization. Manages teams, budgets, and policies related to security. Network Security Specialist Focuses on securing an organization’s network infrastructure. Implements protocols to protect data in transit. Security Consultant Provides expert advice to organizations on best practices in cybersecurity. May work independently or as part of a consulting firm. Malware Analyst Studies and analyzes malicious software to understand how it operates. Develops strategies to defend against malware attacks. Forensic Analyst Investigates cybercrimes and security breaches. Gathers evidence and prepares reports for legal actions. Compliance Officer Ensures that organizations adhere to security regulations and standards. Develops policies to meet compliance requirements. Cloud Security Specialist Focuses on securing cloud-based services and applications. Implements controls and monitors for vulnerabilities in cloud environments. Application Security Engineer Works on securing applications during the development process. Conducts code reviews and security testing. #snsinstitions #snsdesignthinkers #designthinking

🛠️ Balancing Multiple Roles in IT Support In smaller organizations, Help Desk Technicians often wear multiple hats—networking, system administration, or even cybersecurity. Being adaptable and multi-skilled is key to delivering comprehensive support. What other roles do you juggle besides IT support? #MultiSkilledTech #ITSupportChallenges #AdaptabilityInTech #HelpDeskLife

🛡️𝐄𝐥𝐞𝐯𝐚𝐭𝐞 𝐘𝐨𝐮𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐆𝐚𝐦𝐞 𝐰𝐢𝐭𝐡 𝐚 𝐌𝐨𝐝𝐞𝐫𝐧 𝐖𝐨𝐫𝐤𝐩𝐥𝐚𝐜𝐞 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐂𝐨𝐧𝐬𝐮𝐥𝐭𝐚𝐧𝐭!🌟  In today's interconnected world, cybersecurity is not just a priority—it's a competitive advantage. Hiring a contractor for your security project ensures: 🔒 Implementation of cutting-edge security solutions like Microsoft Defender for Endpoint and Azure AD Identity Protection to fortify your digital fortress.    🚀 Agile execution with rapid integration of advanced threat detection and response capabilities into your IT infrastructure. 📊 Cost-efficiency and flexibility in scaling resources as per project needs, optimizing your security investment.   Ready to transform your security strategy into a business enabler? Let's discuss how a Modern Workplace Security consultant contractor can safeguard your future. #CyberSecurity #ModernWorkplace #BusinessSecurity #HiringNow #ITConsulting #ContractorAdvantage

What do you need to know to work in "Cyber Security"? If you think you're ready to for a Cyber security position just because you know how to do a PEN test, you're probably never going to get hired. To have VALUE in the field of Cyber security you need to have a deep understanding of: Desktop operating systems (Windows 10, Windows 11, MAC OS). Server Operating Systems (Windows Server 2016, 2019, 2022 and Linux). Advanced Layer3-7 networking concepts. VLAN setup and mangement. Network switch configuration and management. Host-based firewall configuration. Active Directory. Group Policy. LDAP. Radius authentication. Network firewall configuration and management. Firewall policies. Secure IPSec tunnel setup. SSL VPN setup and security. 2-factor authentication. Single Sign-On. Network micro-segmentation strategies. Malware lateral-movement prevention strategies. Endpoint protection via Group Policy, local security policies, and ML-based agent deployment. The list goes on. I put this out there because I see "Cyber security" job hunters complaining (constantly) about not getting hired, yet the entirety of their "experience" is in "threat hunting", but they have nearly ZERO experience in any of the above areas of protection. It's one thing to tell someone they are vulnerable - which they already know. If you don't know how to "fix" those vulnerabilities, you are no more valuable than a paid subscription to Tenable's Nessus scanner software (which is $3,990 per year) or a SIEM/XDR product subscription (Wazuh is FREE). It's FAR more valuable to assist someone with implementing proven tactics and strategies that help PREVENT malware infection and ensure rapid detection, remediation, and recovery. If you don't know how to actually help a company protect itself, you're really not ready for a job in "Cyber Security".

Same Program, Another one❤️ Flaw: Bypassing Rate limit via IP rotation to account takeover. Severity: P2 Tips: Use Tor Browser to bypass the Ratelimit, cause for every request your IP changes. for further escalation use burp IP rotator extension by configuring via AWS currently searching for job in UK in Cybersecurity, Penetration testing, & digital Forensics Investigation. #opentowork #bugbounty #bugbountytips #cybersecurity #penetrationtesting #webpentest #ethicalhacking #UK #jobs #jobsearch