Provide company orientation and explain job role & duties
2
Introduction to the security infrastructure and platforms used by the company
3
Check and confirm the receipt of secure access credentials
4
Training on cyber threat intelligence and risk management
5
Introduction to network security measures and procedures
6
Approval: Manager
7
Issue necessary equipment, including laptops and security tokens
8
Hands-on training on penetration testing tools
9
Guidance on how to read and interpret security logs and reports
10
Cybersecurity policy briefing
11
Training on security incident management and response
12
Provide list of key security contacts and escalation procedures
13
Guidance on use of encryption techniques and secure socket layer virtual private networks
14
Setup two-factor authentication and password management training
15
Approval: IT Department
16
Training on firewall and intrusion detection policies and procedures
17
Review of expected performance deliverables and targets
18
Training on disaster recovery plans and contingency measures
19
Approval: Team Leader
20
Tour of physical and virtual security control centers
Provide company orientation and explain job role & duties
Welcome to our company! In this task, you will receive an overview of our organization and an explanation of your job role and duties. This information will help you understand the company's goals and values, as well as clarify your responsibilities. By the end of this session, you should have a clear understanding of how your role contributes to the overall success of the organization.
Introduction to the security infrastructure and platforms used by the company
In this task, you will be introduced to our company's security infrastructure and the platforms we use to ensure the safety of our data and systems. This includes an overview of our firewalls, intrusion detection systems, antivirus software, and other security measures. By the end of this session, you should have a good understanding of how our security systems work and how they protect our organization.
1
Firewalls
2
Intrusion Detection Systems
3
Antivirus Software
4
Security Information and Event Management (SIEM) System
5
Secure Access Control Systems (ACS)
Check and confirm the receipt of secure access credentials
To ensure that you have the necessary access to our systems and networks, you need to check and confirm the receipt of your secure access credentials. These credentials will allow you to log in to our systems and perform your job duties. Please check your email and other communication channels for the receipt of your secure access credentials. Once you have successfully received them, please confirm in the form below.
Training on cyber threat intelligence and risk management
In this task, you will receive training on cyber threat intelligence and risk management. You will learn about different types of cyber threats, common attack vectors, and the steps you can take to prevent, detect, and respond to security incidents. By the end of this training, you should have a good understanding of cyber threat intelligence and risk management principles, and be able to apply them in your role as a security platform engineer.
Introduction to network security measures and procedures
Network security is crucial to protecting our organization's data and systems. In this task, you will receive an introduction to network security measures and procedures. This includes an overview of network segmentation, access control, network monitoring, and other security measures. By the end of this session, you should have a good understanding of network security principles and be able to apply them in your role as a security platform engineer.
1
Network Segmentation
2
Access Control
3
Network Monitoring
4
Vulnerability Scanning
5
Intrusion Prevention System (IPS)
Approval: Manager
Will be submitted for approval:
Provide company orientation and explain job role & duties
Will be submitted
Issue necessary equipment, including laptops and security tokens
To perform your job duties effectively, you will need the necessary equipment, including a laptop and security tokens. In this task, you will receive the equipment required for your role as a security platform engineer. Please confirm the receipt of the equipment and provide any additional information needed to set up the equipment.
1
Laptop
2
Security Token
3
Other
Hands-on training on penetration testing tools
As a security platform engineer, you will be responsible for performing penetration testing to identify vulnerabilities in our systems. In this task, you will receive hands-on training on penetration testing tools and techniques. This training will enable you to effectively assess the security of our systems and make recommendations for improvements.
1
Nmap
2
Metasploit
3
Burp Suite
4
Wireshark
5
OWASP Zap
Guidance on how to read and interpret security logs and reports
Security logs and reports provide valuable information about potential security incidents and threats. In this task, you will receive guidance on how to read and interpret security logs and reports. This includes understanding different log formats, identifying suspicious activities, and taking appropriate actions. By the end of this session, you should be able to effectively analyze security logs and reports.
Cybersecurity policy briefing
Understanding our organization's cybersecurity policies is essential for maintaining a secure environment. In this task, you will receive a comprehensive briefing on our cybersecurity policies. This includes information on data classification, acceptable use, incident response, and other important policies. By the end of this briefing, you should have a clear understanding of our cybersecurity policies and be able to adhere to them in your role as a security platform engineer.
Training on security incident management and response
As a security platform engineer, you will play a crucial role in managing and responding to security incidents. In this task, you will receive training on security incident management and response. This includes understanding the incident management process, incident classification, and appropriate response actions. By the end of this training, you should be able to effectively manage and respond to security incidents.
1
Low
2
Medium
3
High
4
Critical
5
Not Applicable
Provide list of key security contacts and escalation procedures
To ensure effective communication and timely response to security incidents, it is important to know the key security contacts and escalation procedures. In this task, you will provide a list of key security contacts and the procedures to follow when escalating security incidents. By the end of this task, you should have a comprehensive list of key security contacts and a clear understanding of the escalation procedures.
Guidance on use of encryption techniques and secure socket layer virtual private networks
Encryption techniques and secure socket layer virtual private networks (SSL VPNs) play a crucial role in protecting our sensitive data and maintaining secure communications. In this task, you will receive guidance on the use of encryption techniques and SSL VPNs. This includes understanding different encryption algorithms, configuring SSL VPN connections, and troubleshooting common issues. By the end of this session, you should be able to effectively use encryption techniques and SSL VPNs in your role as a security platform engineer.
Setup two-factor authentication and password management training
Two-factor authentication (2FA) and password management are essential for ensuring the security of our accounts and systems. In this task, you will receive training on setting up two-factor authentication and best practices for password management. This includes understanding different 2FA methods, configuring 2FA for your accounts, and creating strong and unique passwords. By the end of this training, you should be able to effectively set up 2FA and manage your passwords securely.
1
SMS
2
Email
3
Authenticator Apps
4
Hardware Tokens
5
Biometric Authentication
1
Use strong and unique passwords for each account
2
Regularly update passwords
3
Avoid sharing passwords with others
4
Enable password managers
5
Use multi-factor authentication
Approval: IT Department
Will be submitted for approval:
Issue necessary equipment, including laptops and security tokens
Will be submitted
Training on firewall and intrusion detection policies and procedures
Firewalls and intrusion detection systems play a crucial role in protecting our network from unauthorized access and malicious activities. In this task, you will receive training on firewall and intrusion detection policies and procedures. This includes understanding different firewall rules, configuring firewall policies, and analyzing intrusion detection alerts. By the end of this training, you should be able to effectively manage and configure firewalls and intrusion detection systems.
1
Investigate the alert
2
Block the suspicious IP address
3
Notify the incident response team
4
Gather additional information
5
Escalate the alert to a higher-level security analyst
Review of expected performance deliverables and targets
In this task, we will review the expected performance deliverables and targets for your role as a security platform engineer. This includes discussing key performance indicators (KPIs), goals, and expectations. By the end of this task, you should have a clear understanding of the performance deliverables and targets for your role, as well as the metrics used to measure your performance.
1
Number of identified vulnerabilities
2
Average time to respond to security incidents
3
Percentage of successful penetration tests
4
Number of security incidents resolved
5
Number of security awareness trainings conducted
Training on disaster recovery plans and contingency measures
Disaster recovery plans and contingency measures are essential for mitigating the impact of unexpected events on our business operations. In this task, you will receive training on disaster recovery plans and contingency measures. This includes understanding different disaster recovery strategies, roles and responsibilities in a disaster recovery scenario, and the steps to take in case of a business continuity event. By the end of this training, you should be able to effectively contribute to our disaster recovery efforts and implement contingency measures.
Approval: Team Leader
Will be submitted for approval:
Training on firewall and intrusion detection policies and procedures
Will be submitted
Tour of physical and virtual security control centers
To familiarize you with our security infrastructure, we will provide a tour of our physical and virtual security control centers. This will give you an opportunity to see our security monitoring systems, incident response procedures, and other security operations in action. By the end of this tour, you should have a good understanding of our security control centers and their role in maintaining a secure environment.
