With this new community, I figured it would be interesting to get a gauge on if there are any security professionals within the community, and what roles everyone holds?
I personally specialize in GRC, but have also worked in network engineering in the past.
I am a developer that shakes my fist every time my job gets harder when I have to follow one of your sane yet annoying rules.
Wait… these stupid IT security tests are now following me onto lemmy? The really obvious trying to be funny fake security emails are bad enough at work!
Oops! You clicked on a simulated phishing test.
It’s surprising how many people still fall for those tests.
I was tired one morning and fell for one :(
It happens. Better to fall for a fake one.
I remember back in 2000 or 2001 sitting at my desk and all of sudden my work e-mail client started going nuts with notifications filling with random emails. That was followed by people yelling “who clicked on that?!” Note: it wasn’t me. Good times.
What is your security role within your organization?
CISO
Unfortunately I need to just know a lot of things and point the company into the correct direction. The more I know the better decisions I can make. Also the guy that @[email protected] is complaining about since I’m the enforcer of those rules (yes my devs hate me for it sometimes… but I’d rather be hated by devs than sitting in court).
I have an active part in product selection and security reviews as well as system’s architecture and integration.
The easiest answer is: Yes. I started at my current location as a Security Engineer. Now I’m a Security Architect. Whenever there’s a question I have the opportunity to make up a convincing sounding answer. In the past I followed the Network road from ops, to engineer, and eventually got to CIO. Then I realized I didn’t know enough about security and started over in Security ops.
Not a professional just yet, will be someday. At the moment just a hobbyist.