Jan 4
A Day In The Life Of Head Of Security
At Bluecube, one of the most important features of our tech support is our IT security services. We have several in-house teams whose job is to ensure our clients' IT infrastructure is secure. Our FCR (First Contact Resolution) team is who our clients contact for remote IT support; however, when an issue needs to be escalated, they notify our head of security.
Our head of security, Sam, acts as the ISMS (Information Security Management System) manager and also develops all of Bluecube’s security strategies. Sam has a unique working day that often involves resolving issues quickly to protect our clients' organisations.
We spoke with Sam to find out what a typical day is like as Bluecube's head of security:
Walkthrough Of Our Head Of Security’s Day
Respond, Orientate, & Schedule
08:30 – Once I get into the office, I grab a cup of coffee and check my emails and Microsoft Teams messages. I respond to quick queries while scheduling anything that needs further analysis or discussion into my day. Most items that reach me need scheduling!
09:00 – I check the latest security news updates that relate to our technology stack. From there, I decide if we need to evaluate any of the updates to monitor their impact on our clients. Our identity and endpoint security controls mitigate most risks because our standard operating procedures are implemented and maintained effectively. However, we sometimes have to escalate patching for critical issues or investigate them further.
Monitoring what attackers are doing helps me to plan our security strategy. To give the company an overview of the top security events happening in the world, I regularly share key items on our intranet with context and analysis. This helps all staff to be Bluecube’s eyes and ears when checking for potential emerging threats.
Perform, Support, & Co-Ordinate Security Activities
09:30 – I supported one of our operations engineers to close out a firewall issue. This had been identified by a client during a recent penetration test on their network while checking configuration changes were going to be effective. I also acted as point man, translating the technical information into non-technical feedback and updates for the Client Engagement Manager.
Because I am plugged into the ebb and flow of current security events, I can appreciate the issues clients face and the need to resolve them quickly. Cyberattacks move fast and I enjoy helping keep the bad guys out with our rapid response time.
10:00 – I develop process diagrams based on previous work with clients. Afterwards, I plan and schedule a session to discuss and agree on roles and responsibilities for our Cyber Essentials security service. This meeting is with the Client Engagement, Projects, and Governance department heads. I enjoy drawing process diagrams, but I prefer bringing them to life!
10:30 – Quick break and I go for a walk.
11:00 – I catch up with one of the partner organisations that help us with some administrative and policy level tasks. As I am the ISMS manager and develop our security services, I need to switch between technical and policy level thinking throughout the day.
12:00 – After enjoying my lunch in the Bluecube kitchen, I usually go and play my trumpet by the lake!
Build The Security Service & More Security Activities
13:00 – I focus on testing a new platform for reporting on SharePoint permissions and activity. I draw on people at the software company and in the Projects and DevOps teams to help get it up and running. I check for performance issues and think of strategies for overcoming any problems. I also monitor which outputs are most useful to our clients who are trying to identify information security risks and spot suspicious behaviour that may need investigating.
15:00 – After my colleagues in the FCR team stop an attack by validating an incident and resetting a password, they contact me to perform further investigation and threat assessment. I surface all the details of the incident using various tools and write a report on what happened. In the report, I try to bring the story to life for the client so they understand the threat and how we prevented it. It’s important to understand that behind the domains, servers, IP addresses, and malicious links are humans, often looking for financial gain. My job is to stop them.
Plan For Tomorrow
17:00 – Switching between technical configuration, security research, writing guidance, and strategic planning can make your head spin. To combat this, I like to select 2 tasks to complete the following day, one for the morning and the other for the afternoon. I use these tasks as an anchor to help me feel a sense of achievement and progress.
I am very curious about the unknown, and enjoy researching and writing about security and helping to keep people safe.