Network Security (NetSec)
General tips
- Use VLANs for segmenting the network (guests, file servers, IoT devices)
- Use separate WLAN SSIDs for guests
- Use 802.1X/RADIUS
Network security roles
SOC (Security) Analyst
Typically tiered Jr./Sr. or by levels. They are typically SOC monkeys with differing levels of responsibility, but they typically stare at a SIEM and close alerts.
Security Engineers
Again typically tiered. This is the team that maintains the security tools. They fix the SIEM, the vulnerability scanner, etc. This role typically specializes in a specific tool set such as SIEM, AV, vuln scanners, etc.
SecOps Engineers
They build custom tools, plug-ins or other automation tools.
Threat Intel
They either find their own threat information or correlate existing information into something relevant that their SOC team or management can use or understand.
Penetration testers
Also called a red team. They are the team that actively attacks a defended environment to find gaps, vulnerable systems or misconfigurations that automated tools miss.
Incident Responder
Typically the team that manages or works security events that are escalated to breaches or incidents.
Compliance Team
Typically deals with audits and ensures that the technical security controls and configurations meet the applicable requirements.
Firewall and/or IDS/IPS Engineers
Manage the firewall and/or IDS/IPS rules and exceptions. However, this could be done by the network team too; it just depends on the organization.
Patch Management
Could either be a security person or a good systems/application team. This person ensures all patches are applied based on their risk.
DLP Analysis
Checks or verifies DLP alerts to ensure the data being sent is for a valid purpose and/or sent by a secure method.
Security Architect
Designs organizational security architecture, selects products, reviews and recommends staffing skills, reviews and recommends policy. Obviously not many of these folks around, relative to the groups you identified, though.