I snoozed my alarm and suddenly I am running late, pop into the shower, have my brekky and I am on the first bus into town.
Usually takes around 50 minutes to get to work so I spend this time catching up on the most recent cyber news.
Start off the day by grabbing a Mocha downstairs, fill up my water bottle and head to the SOC (security operations centre) which is sectioned off from the rest of the building due to the nature of the job.
Work always starts with going through my own emails and then also the team’s inbox to check for anything that might be urgent; this is one of the many regular checks that is assigned to me.
By now I have checked all my emails and it is time to start my daily tasks. Our team looks after a variety of customers and I am assigned a couple of them specifically to monitor. I open each client’s dashboard where I can get an overview of the detections within their environment and can see if they have new detections from one of the End-point Detection and Recovery (EDR) and Security Information And Event Management (SIEM) technologies we use.
Most of the alerts I see are false-positive so far, confirmed through checking the hashes and the processes that are associated with each detection. But one of the detections is a true-positive on something called Adware/PUP (Potentially Unwanted Program), so I take a bit longer investigating this, checking for anything that looks suspicious and creating a hypothesis on what the reason for the detection is.
In this case it is a program that has been downloaded in a bundle with legitimate software, so after picking my more experienced colleagues’ brains for a while I create an email making a request that the IT administrator of this client remove said file from their computer, inform the person who downloaded it of the IT policies and best practice, and where to download a legitimate version without the bundled Adware/PUP.
It is time for another coffee, so I head downstairs with my colleague and we grab one from the machines in the communal kitchen area.
11am means stand-up time with my teammates across Auckland, Wellington, and Brisbane. This consists of me checking in on the current projects happening within our team, asking each member of the team how they are currently going and if there is anything that they could get some help with.
I have a meeting with some of the other analysts to go over one of our newer clients I have been helping with. We use the “War Room” for privacy to review and refine anything we’ve observed to improve their environment. No customer environment is ever the same so being able to adapt and cover the customers’ security is key, which we can achieve through meetings like this.
Time for lunch – the hardest decision of the day for everyone as being down near the waterfront there are so many options for food. Recently I’ve started having Pita Pit so me and one other analyst head over there planning to meet back at the cafeteria downstairs with the others to eat and chat together.
I continue one of my regular tasks, checking for tickets that need to be addressed, creating a parent ticket for one of the analysts so they can more efficiently resolve one chain of tickets and assigning the unassigned tickets to the analysts looking after the ticket’s corresponding customer.
Another meeting – today, I get to catch up with my manager to see how I am faring. I recently completed my professional development plan (PDP); we have a serious discussion and he gives me some good ideas on how I can reach the goals I have outlined for myself.
Another coffee (did not realise until writing this down that I am already becoming addicted) - this time it is not a sweet mocha but a flat white to give me more focus for the rest of the afternoon.
By 3pm I have finished all the daily tasks required of me. I start looking at things I can improve or learn, and I decide to do a bit of study as we are given a few hours each week when we’re not too busy with BAU, focusing on one of the technologies we use as I will be taking an exam for it later this month or next to add to my certifications.
Working with the Brisbane side of the team to make sure they are aware of anything that needs attention before I head home. Something cool about this role is that there is always something new happening or to learn about, so no day has ever felt the same since I have started, and as long as you are completing the jobs that are assigned to you, you can use the extra time to build on yourself.
I’ve entered my timesheet for the day, packed up my stuff, put on my Discover Weekly on Spotify and hopped on the first bus home. Right now I am doing some extra study as well (something that is never ending in this field) and use a flashcard app on my phone to make the most out of my long bus ride home.
Luckily, I’m not cooking tonight and come home to some freshly home-made nachos, then I’m straight into a call with my fiancé who is currently stuck in Japan (not for long). Later, I will jump back onto the computer to talk and game with my mates.
Time for bed!