Regardless of how well you think Uni might prepare you for your post-degree work ventures, one can only truly learn by being exposed to an actual work environment.
I’ve just recently obtained my master’s degree in IT with a dual specialisation in Business Analysis and Cyber Security, and here I am, sitting at ‘my desk’ on my first day as a Business Analyst and Security Analyst Intern – sounds fancy, I know!
In this blog post, my intention is to share my expectations, the scope of, and exposure to the work I will be doing at Managed Services Australia. Essentially, the goal is to explain what it is that I bring to the table and how I am to transition from my university studies into this internship role.
I shall start with what I’ve observed in these first couple of hours and having been assigned this task. I think it’s important to understand what is expected of me, and it is just as vital for me to know what my expectations are, so that by the end of the internship, I will have clearly gained sufficient knowledge and training to be able to perform well in whatever is to come after.
Having said that, I think this is a great segue to the initial understanding I have for what will be expected of me in this role. Namely, the main project I will be working on has to do with the Security Operations Centre (aka SOC). We will kick things off with a meeting which will cover the project plan for SOC and what it is that the team do for their clients. My role will be to gain as much insight as I can, especially being a fresh pair of eyes, so that I can gather, categorise, visualise and establish a model which will clearly outline and identify the processes that MSA use to provide their clients with their services.
The good thing about being an intern is knowing you have come to a company which understands that you have just finished your studies and that the way to learn as a post-grad is by being exposed to hands-on projects. And so, in that respect, I can see this will be a challenging yet rewarding journey over the next ninety days as I will have gained much knowledge not only by attending team meetings, but also by having the ability to ask when I need clarification (which is how all my lecturers from Uni remember me anyway).
There is a big unknown in the field of IT and there is no doubt I will face insecurities as I intend to best perform throughout my internship. However, I know for a fact that all challenges are just learning curves and that one can only learn more from them. I’ve demonstrated times before during my studies that I can process information and perform tasks if only I ask and am pointed in the right direction (when needed). In saying so, I hope to learn exactly how businesses operate, what services all of them require, what security implementation standards are, and how MSA ensure their clients are met with best results and solutions. I also hope to bring as much value as is expected of me, and more, by creating content that will hopefully stick around as intellectual property long after my internship is done.
My master’s studies have shown me what modern workplaces require – from project management to IT Fundamentals, information security, database systems, object modelling, and systems analysis. My earlier customer service roles have taught me customer requirements – people skills, communication, understanding and support. So, if I combine the two, I should be able to create workflows, write documents, outline processes, and be able to present brochures, print and digital content for MSA’s clients in respect to their SOC.
The main aim of the project is for me to review and improve the current programs Managed Services Australia have. I am going to work with the team to identify processes and strategies which are already in place, and I will be looking at the latest frameworks to ensure the appropriate communication strategy is developed. Managed Services Australia are well-versed in cyber threat prevention and have been providing security to their customers since 2016.
Deep Dive into Technicalities
Presenting the SOC model will certainly require thorough planning and research just to be able to piece all relevant elements together.
We’ll consider the Australian Cyber Security Centre (ACSC)’s Essential Eight Maturity Model with the following mitigation strategies:
- Application control
- Patch applications
- Configure Microsoft Office macro settings
- User application hardening
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
- Regular backups
We will focus on the five core functions of the National Institute of Standards and Technology (NIST)’s Cybersecurity Framework:
- Identify
- Protect
- Detect
- Respond
- Recover
We will take a closer look at the Computing Technology Industry Association (CompTIA)’s list of tasks a SOC team member would do:
- Proactive monitoring
- Incident response and recovery
- Remediation activities
- Compliance
- Coordination and context
Research on all aforementioned aspects will then help in the planning, analysing, and auditing of existing processes and tools set up, to later structure and refine the SOC framework for MSA.
As a result, the below steps will be assessed to revise the SOC:
- Re-developing the strategy
- Re-designing the service
- Re-developing the processes, policies, and procedures
- Maintaining and evolving
Now that the first article is out of the way (phew!), it is time to roll up these sleeves. To my dear readers, thank you for making it to the end of this post. Please feel free to keep an eye out and stay tuned for new developments!