So, What Do You Do?

One of my favorite scenes from Office Space is when Peter is explaining to the consultants what he does in a typical day.  My day isn’t quite as funny, but I thought some people might find it interesting.  So, here is a day in the life of a security analyst.

I arrived at work around 7:00 AM this morning and looked over the e-mail in our project mailbox to see if there was anything urgent.  There was not much going on, so I finished my coffee while looking over headlines in Google Reader.  Moments of peace are pretty rare.

A little before 8:00 AM, one of the developers stopped by to talk about a scheduled task that was set to run on one of the servers.  This task failed after the last upgrade and he was confirming that it was fixed.  We also spent some time looking at the differences between the test server and production server.

Around 9:30 AM, I had a meeting with two auditors.  They are working on an audit of user accounts on a few servers.  We went over a few spreadsheets that I had provided them earlier and discussed all of the accounts.   Thankfully, this only took about 45 minutes.

Next, I helped troubleshoot a problem on one of the servers that was running slow.  One of the volumes was filling up so three hard drives were added to the RAID array last weekend.  Unfortunately, someone added Ultra3 SCSI drives instead of Ultra-320 SCSI drives.  Ultra3 drives run half as fast as Ultra-320.

I also completed an access request and replied to a question about remote access before lunch.  I usually go for a walk during my lunch hour, at least around the building.   Today I just walked down to the cafeteria and grabbed a Snapple to go with my microwave meal before getting back to work.

Last week we received the results from a penetration test that was performed on our network.  I’ve been working in my spare time to come up with a solution to an SQL Injection vulnerability that was discovered in one of our old web applications.

This isn’t really part of my job, but I volunteered to take a look at it since the application isn’t being actively maintained right now.  I finished up my solution, tested it, and e-mailed a developer to see about getting it implemented around 12:30 PM.

From 1:30 PM until 2:30 PM I attended a staff meeting downstairs.  There are 10 people in my group and we get together once a week to talk about what we’re working on.  The meetings are always informal.  Today’s meeting was a little dry since we talked about the budget, but it wasn’t bad.

As the day winds down, I look over my Inbox to make sure I’m not falling behind on any projects.  There are only 4 messages in my box right now, so this doesn’t take long.  Two of these are about training that I need to look at and the other two are concerning ongoing projects.

This was actually a really slow day for e-mail.  I only received 10 and sent 5.  Yesterday I sent 50 messages.  We all take turns covering our project mailbox one day a week.  Yesterday was my day.

Now it’s 4:00 PM, which means quitting time for me…