So I've been made an offer to move from B2B security consulting into an in-house role as a technology consultant with a critical national infrastructure.
They're on a 7 year cloud migration journey (the usual flavours--Azure, AWS, GCP) and basically want someone to come in to help with infrastructure security standards. My job would mostly be around obsolescence and security (ISO and NIS controls or alignment mapping, threat modelling, etc).
Stepping into OT/ICS cyber security is a big one or a huge deal for me as this sort of place can be very different and I'm humble enough to accept that. I see it as a huge move for my career and I don't want to get hung up as from my experience it is the CISOs or someone higher's role to usually dictate strategy and tools available, besides, IT vs OT realisation are 2 different things to protect.
Just wondering if anyone here has been on this sort of journey and in this space before and can point at some resource and or some good advice going forward. I'd very much appreciate it ... submitted by /u/KwekuObeng
[link] [comments]
http://dlvr.it/T1fPFr
Full width home advertisement
Blog Archive
-
▼
2024
(231)
-
▼
January
(55)
- Project Manager without technical experience? I wo...
- Clicker — HackTheBox Machine Simple Writeup by Kar...
- IT, IS, Cybersecurity and/or InfoSec Audit
- Your Life in the Crosshairs of Cybersecurity Threats!
- Is hacking getting boring
- 5.7 Lab: Weak isolation on dual-use endpoint | 2024
- Top cybersecurity stories for the week of 01-22-24...
- How do you do Detection-as-Code?
- The art of learning bug bounty.
- SQL Injection on PostgreSQL
- How do you actually find bugs? (My 2 year experience)
- Does anyone know of a 3rd party vendor risk *monit...
- Making My First 10K by Hacking Open Source Targets
- Pivoting to pentesting/red teaming
- Login DoS — That requires simply sending a lot of ...
- Technology Consultant - Obsolescence and Security
- 52% of IT leaders will adopt GenAI tools for cyber...
- Top cybersecurity stories for the week of 01-15-24...
- Hydra Tryhackme: Walkthrough/Writeup
- AI is making cyber criminals dangerous with tools ...
- question for the younger folks in the 'biz, about ...
- Security tools behind Okta?
- Web Security Academy — Business Logic Vulnerabilit...
- The problem with most file encryption tools. A cas...
- SMTP Server (JAMES SMTP Server 2.3.2)
- Despite A Rise in Cyber Attacks, Many Users Still ...
- Aussie Small Business Owners – Join Our New Cybers...
- 3.2 Lab: File path traversal, traversal sequences ...
- Common obstacles to exploiting path traversal vuln...
- Seeking Insights from UK Businesses Conducting Cyb...
- Windows Exploitation Learning Path in TryHackMe
- Few consumers adopt cybersecurity tools, despite p...
- A Beginner’s Guide to Bug Hunting: Your Passport t...
- How AI Tools Are Revolutionizing Cybersecurity in ...
- Automating the Detection of Malicious URLs
- Subdomain Bruteforce Tool
- New York State Plans to Give Some Cities Free Cybe...
- Blind boolean-based SQLi, by manipulating url
- How to build a DLP program from the ground up?
- Paid Subscriptions Resources which will be useful ...
- Week in review: 15 open-source cybersecurity tools...
- Massive Data Breach Unveiled by Orrick Law Firm, A...
- The Art of Shodan
- Cybersecurity posture for AI app: a viable busines...
- My first bugs in 2024
- Survey Surfaces Lack of Confidence in Existing Cyb...
- Adding mTLS to legacy tools?
- 2.6 Lab: Broken brute-force protection, IP block |...
- 15 open-source cybersecurity tools you'll wish you...
- Inventory of assets - what tooling do you use?
- My First Bug Bounty: Lessons Learned and Money Earned
- Cybersecurity Toolbox: 10 Essential Tools for Ever...
- From Disclosure to High Severity: Leveraging Dyte ...
- Penetration testing?
- Simple Subdomain Takeover
-
▼
January
(55)
Advertisement
LIVE CYBERTHREAT
Latest Trends
Contact Form
amcat question search
search Pentest tools
Total Pageviews
Search Blog
Copyright 2017, " Vpentest ". All rights Reserved.
| Designed by Colorlib
No comments:
Post a Comment