Some days start out quiet—too quiet—for a cybersecurity analyst. Others, not so much.
“We never know what is going to happen. A day can start out calm or start out on fire and very quickly go from one or another,” says Jim Treinen, a security analyst for ProtectWise, who spends his days defending both his own company’s network as well as that of its customers.
Treinen, vice president of security research at cloud security provider ProtectWise, says his team is divided into two different groups. The first consists of the classic network security researcher-type analysts, who gather the bits and bytes of network traffic off the wire to determine what is good and bad, and who also pulls apart malware. The second group focuses on security analysis, performing behavioral analysis, machine-learning, and all the heuristic analysis that goes into judging what is legitimate activity and what is not.