Are you a Defender?
A Defender could work in a Global Security Operations team that is responsible for monitoring security and managing security incidents across the globe. The team’s aims are to minimise risk exposure and handle security incidents. A Defender will protect the confidentiality, integrity and availability of all assets and systems through monitoring, analysis and detection activities derived from security log feeds, security systems and reports.
Links with the CyberEPQ Modules:
3. & 4. Vulnerability Assessment and Pen-Testing
5. Information Security Vulnerability Concepts
6. Intrusion Detection and Analysis, Incident Investigation and Analysis
9. Information Security Identity and Access Management
What does a Defender do?
A Defender operates within a team that takes responsibility for the security monitoring of key technologies whilst helping to provide effective analysis, triage and handling of security information and events. A Defender also assists in updating, developing, implementing and operating requisite processes and procedures, and helps to develop and configure use cases and alerting rules within Security Information and Event Management (SIEM) technologies.
Helping to develop and present appropriate Key Performance Indicators (KPI) and Key Risk Indicators (KRI) and