Another skillset that's remained consistent is my experience with system hardening. I was first introduced to system hardening in high school, doing both Windows and Ubuntu systems hardening for CyberPatriot. In college, I participated in attack/defend competitions and also participated at least once in CCDC. I provided auditing of Active Directory permissions, enforcing Duo two-factor authentication on multiple distinct service types including custom web applications and SSH of sensitive servers.
At work, with the consideration I do not manage our firewalls, I approach our security with four major priorities. For further elaboration I can discuss privately, but I've not been authorized to further discuss our infrastructure at work.
- Protect Client and Otherwise Sensitive Data
- Assume a LAN/Insider Threat
- Encrypt Data Whenever Possible
- Defense in Depth