In this video I talk about my job as a Senior Information Security Analyst at a bank. I go over my job duties and my day-to-day activities in order to shed light on what an actual job in Cybersecurity might be like.

Intro
In today’s video I’m going to talk about my typical day working as a
Senior Information Security Analyst at American Savings Bank in Hawaii.
This job was pretty interesting because, first of all, it was in Hawaii.
Also, I was a TEKsystems contractor working for the bank when I got this job.
If you want to hear a bit more about this job, you can check out this video at the 0:00 mark.

ASB
When I got hired, the bank had a bunch of security solutions,
but they weren’t really configured or set up properly.
The security solutions were a SIEM, a DLP solution, and a web filtering/proxy solution.
If you don’t already know, a SIEM is a security information and event management system.
It’s a super common tool and I have a really cool video about one here.
There were kinda “phases” of my employment here where the majority of my day
was spent setting up these security solutions.
I spent most of my time in this role setting up the SIEM.
Bear in mind I had no training or prior experience working with this,
or any security tools really. I got hired based on some of my personal security projects
and prior IT knowledge,
so it was a lot of reading the documentation, working with the SIEM vendor,
and a lot of effort and trial and error on my part.
A big part of getting the SIEM set up was
working with /MANY/ other teams within the bank to ingest logs into the SIEM.
The SIEM needs logs in order to inspect them, make correlations, and trigger alerts.

Another huge chunk of what I did after the initial configuration of the SIEM
was to set up the DLP solution.
If you didn’t know already, DLP stands for Data Loss Prevention,
and the point of DLP is to prevent sensitive information from being
leaked, lost, or otherwise disclosed in some way.
Sensitive data might include financial account numbers, SSNs, or any other kind of PII.
I won’t go into this too deep, but our particular solution would intercept
web traffic, attempts to print, removable devices, and corporate email.
I would configure matches and thresholds to stop/alert when someone
tried to do anything too sus that might be indicative of data leakage.
For example, someone sent a document with a thousand SSNs on it and everyone’s salary.
The DLP solution I set up flagged this and alerted me.
And that’s how I learned how much the COO and CEO made.

So, my day-to-day for the most part was just setting up these security tools.
I was either reading documentation, working with Forcepoint or LogRhythm support staff,
working with other IT personnel within the bank to gather logs from their systems,
or working with the deployment team to push out portions of the DLP solution.

This job was a lot of fun because I would use the SIEM and create dashboards
to find out who the biggest slacker was (Facebook/reddit usage). It was hilarious.

0:00 Intro
0:14 Overview of job
1:00 What I Did
2:20 Working with the SIEM
4:39 Misuse dashboard
5:50 Working with the DLP Solution
8:00 DLP profanity filter
8:40 Mass SSN exfiltration story
9:40 Day-to-Day summary
10:30 Outro
