Identify security issues based on analysis of vulnerabilities – apply cybersecurity and privacy principles to organizational requirements
Application vulnerabilities, data backup and recovery, host/network access control mechanisms, system administration, network, and operating system hardening techniques.
Detecting host and network intrusions
Conduct vulnerability scans and recognize vulnerabilities in security systems.
Keep up on new technologies and attack vectors – use online training and other training techniques
Certifications addressing new attack vectors; security engineering
Knowledge of traffic flows across the network (TCP/IP, OSI model) and ITIL (Information Technology Infrastructure Library).
Can you understand a presentation from Red Sky Alliance on a backdoor attack with the Log4J vulnerability?
A botnet can be created inside your systems that connects to the attackers' command-and-control (C2) servers, communicating over encrypted channels or DNS.
Vulnerability management might require a lot of skill sets.
CISA.gov webpage https://www.cisa.gov/critical-infrastructure-sectors discusses the critical infrastructure sectors that need to be defended.