Behind the Scenes of the Nanodegree: Security Analyst

Transcript follows below

Hey, I'm Milind Adari.

I'm an Information Security Engineer at The Associated Press. My job consists of me protecting journalists all over the world from cyber espionage, state-sponsored attacks, and poor cyber hygiene.

 

My name is Richard Phung. I work for Simmons University and I'm a member of the infrastructure team.

 

This course is primarily aimed at people who are either working in the technology industry and who want to know a little bit more about security operations or someone who's just graduating and might not have enough experience to, say, start working immediately and

wants to know a little bit more about what the job entails.

 

This course is aimed for information technology professionals who are looking to

segue from their career into security or security analyst looking to learn more.

 

One thing students will love about this course is a final project which consists of you exploring an insecure application, and identifying all the vulnerabilities associated with it.

 

The one thing that I can say about this course is that it gives you a pretty good launchpad to get into this industry. If you have never performed a vulnerability scan before or have done any risk assessment work, this is a great way to get started.

 

As a security analyst, one of the most rewarding experiences can be, to find a malicious threat actor and block them. The most rewarding thing about working in this field is picking up a newspaper and reading about a data breach or some other type of security incident that happened in another organization. What it does is it grounds you, it makes you think, wow, that I am working in the same field as these people or having to scramble the deal with this multimillion dollar incident.

 

It makes you feel very important that, "Hey, I'm doing my part to protect my organization from this type of thing happening."

 

After taking this course, there are really two good career paths. One, you can join a blue team like I am and become like an in-house security person and spend most of your time designing and developing infrastructure to defend against the tags.

 

The other path is to join a red team and become an ethical hacker or penetration tester.

After completing this course, you will have the foundational knowledge to enter many different entry-level roles in security, whether it's a security analyst, a sock analyst,

an IT technician, a system administrator, or a security network engineer.

 

During the hiring process, security managers will be looking for individuals with a strong analytical mindset. If you like problem-solving, then security is the right place for you. The types of skills that hiring managers are looking for when recruiting for jobs that are related to security is someone who can really see the big picture and not just looking at something technical like a computer system, but really looking at the whole organization, its users, how the business is run, and really understanding what the risks are.

 

This course is fantastic because it really takes you through the everyday workflow of a security analyst from identifying threats to mitigating them. People should take this course because it is not just about understanding computer vulnerabilities, but it is also about understanding and managing risks.