Discovering the CSIRT analyst job with Chloé
Chloe joined Orange Cyberdefense in 2017 as an apprentice. She has been an analyst at CSIRT since last September 2019. Let’s meet her.
Where does your interest in computers come from?
It comes from my father, who had a career in computers. We had computers in our house very early. I remember spending a lot of time with him when he was dismantling them, and I enjoyed it.
Why did you choose to work in cybersecurity?
My thoughts on a career in cybersecurity began when I was in high school. I spent a lot of time looking at computer science programs, and I was most attracted to the cybersecurity programs. If I hadn’t made that choice, I might have gone into law or veterinary school. The most important thing for me has always been to do a useful job, one that has meaning and can help others. Cybersecurity meets this expectation.
What do you remember from your studies?
I worked as a student in project management at Allianz. This was my first step in cybersecurity and gave me a less technical and more global vision. I was lucky enough to do it within a multinational company, which confronted me with a diversity of situations. In particular, I accompanied the company’s CISO in the implementation of pentest missions.
In 2017, you became an apprentice at Orange Cyberdefense. Can you tell us more?
I quickly realized that the world of pentesting was not for me. The concept of penetration testing is based on the fact that the expert does not know what he is looking for. He has to find a way in. This approach does not fit me. I need a research framework. So I joined the Vulnerability Operation Center, also known as VOC, at Orange Cyberdefense. As the department’s name indicates, my job was to study computer vulnerabilities and propose solutions to fix them. It was pretty technical, and it allowed me to learn how to communicate with a client. I also loved the team. However, I had grown out of a job and was looking for a change of direction. When I discovered incident response, I felt it was a job that fit me.
Today, you are indeed an analyst at CSIRT. First, what is CSIRT?
The acronym stands for Computer Security Incident Response Team. Simply put, it is the team responsible for responding to cybersecurity incidents that are detected or suspected.
If you had to explain your job to your grandparents, what would you say?
I would tell them that being an analyst at CSIRT is a bit like playing Clue. After a security incident, you have to investigate what happened, how it happened, and when it happened. My job is to bring elements of understanding to companies that have suffered a cyber-attack. We have to identify what allowed the intrusion and give our clients the necessary advice so that the attack does not happen again.
What is your daily life like?
Right now, my typical day starts with checking the security incident analysis I did the day before. Then I resume my investigation. Investigations can last anywhere from one day to two weeks, on average. When they are finished, I produce a report. Depending on the size of the incident, I work alone or in a team. I also do monitoring to find info that could indicate a new vulnerability.
What do you like most about your job?
My favorite part is the analysis. I particularly enjoy receiving evidence, taking apart computers to collect the hard drive, going through logs, tracing back to identify suspicious behavior, and determining the source of the intrusion.
What do you like least?
Writing reports is less fun, especially since the writing has to be very factual and precise. But it is beneficial for our clients.
What advice would you give to someone who would like to do the same job as you?
I would advise you to be passionate. Even without a very advanced technical background, a good knowledge of operating systems is an asset.
What do you like to do outside of work?
Since I finished my studies, I have some free time again, which is lovely. I take advantage of it to spend more time with my relatives, and when I take some time for myself, I find the video games that I had neglected, especially RPGs, also called role-playing games. Entering professional life has allowed me to create a new balance.