ACS Code of ethics is the element of ACS constitution. As the member of this constitution I must advance and uphold the effectiveness, dignity and honour of being professional. As a good citizen I must adhere the following society values –
- Primacy of public interest
- Professional development
- Increment in quality life (ACS, 2020).
These are the components of ACS code of ethics. Now, to solve the ethical dilemma that we discussed above such as deontology, utilitarianism, social contract theory and character based ethical theory, I would suggest the IT professionals, surgeons and patients also to do act in accordance with the ACS codes of ethics. To become a good citizen of Australia every individual must adhere the principles or components discussed above.
In honesty, the surgeon and IT professionals should be honest in terms of representing their knowledge, skills, products and services (ACS, 2020).
With this ACs value, the surgeon and IT professionals would be able to distinguish between their personal opinions and professional opinions.
In Competence, the surgeon and IT professional must apply their work diligently and competently for their stakeholders (patients).
With this ACS value, the surgeon and IT professionals will accept their responsibility regarding their professional activity. This will not permit both of them to misrepresent their knowledge and skills (Users, 2020).
In professionalism, as a professional surgeon and IT professional they must increase the integrity and they should respect their patients.
This ACS value will help in continuous upgrade of knowledge and skills of surgeon and IT professional. This will also tell both that whether their work is affecting their profession and their relationships with others (Teaching, 2020).
In Primacy of public interest, in this component of ACS code of ethics all the professionals must place public’s interest over their own personal, sectional and business interests.
This value helps in identifying those individuals who are impacted by the work of surgeon and IT professional. This will help in identifying any type of conflict within the profession and the professional activity.
In Professional development, the surgeons and professionals have to increase their own professional development and of their staff and colleagues as well.
This ACS value will help surgeon and IT professionals to take a calm, informed, knowledgeable and objective stand on their professional work. This will also help in endeavour o expand knowledge of public and their understanding on ICT.
In Increment in quality life, the surgeon and the IT professionals are responsible for struggling for the quality life which does not affect the others by your work (ACS, 2020).
With this ACS value the surgeon and It professionals would be able to promote and protect the health and safety of those individuals who are affected by your professional activity. This will be helpful in getting personal satisfaction, control over those affected and competence.
When it comes to become a good citizen every person must adhere these principles of ACS code of ethics. This leads to peace, and good application of the knowledge and learning.
In situation of such dilemma between different values, Primacy of public interest obtains preference over other values. These ACS codes of conduct basically aim at someone as a practitioner individually and these codes of conduct will then be guidelines for the acceptable professional conduct. These guidelines will be applicable to the members of the ACS who are the surgeon and IT professional given in the case study. These codes of conduct will be helpful in dealing with such kind of dilemmas. The ACS values discussed above will be helpful in resolving the dilemmas (Teaching, 2020).
- ACS, (2020). About ACS CODE OF ETHICS. Available at – https://www.acs.org.au/content/dam/acs/acs-documents/Code-of-Ethics.pdf. [Accessed on – 19 April 2020].
- Wood-Black, F., & REM, M. (2016, August). What’s in a Code of Conduct?. In ABSTRACTS OF PAPERS OF THE AMERICAN CHEMICAL SOCIETY (Vol. 252). 1155 16TH ST, NW, WASHINGTON, DC 20036 USA: AMER CHEMICAL SOC.
- Teaching, (2020). About Australian Computer Society Code of Ethics. Teaching. Available at – http://teaching.csse.uwa.edu.au/units/CITS3200/ethics/acs-ethics.htm. [Accessed on – 20 April 2020].
- Users, (2020). About Australian Computer Society CODE OF ETHICS. Users. Available at http://users.ece.utexas.edu/~perry/education/SE-Intro/ACS-COE.pdf. [Accessed on – 20 April 2020].
Selected Job Profile
Role: The role of the cybersecurity specialists is to maintain the security of the computer information systems majorly against cybercrimes that involve denial of service attacks, phishing sites, viruses, hacking, and malware. The roles and responsibilities of the cybersecurity analyst includes a number of activities to take care of, some of them are mentioned below:
- Generating reports for technical as well as non-technical shareholders.
- To track and respond to “pharming” activity and ‘phishing’ emails and websites.
- To keep updated with the latest technology and security developments.
- Research about emerging risks about cybersecurity and methods to handle those threats.
- Monitor attacks, unusual activities, intrusions and unauthorized or illegal activities.
- Give guidelines and advice to the staff on issues such as unwanted or malicious and spam mails.
- Make plans for disaster recovery while security breaches.
- Help with the maintenance, creation, as well as delivery of awareness trainings about cyber security to the colleagues.
- Evaluate and test for the security products.
- Upgrade existing security systems by designing the new security systems.
- Engaged in Ethical Hacking for simulating security breaches.
- Investigating security alerts and provide response.
- Identifying potential weakness in the system and implement measures accordingly such as firewalls and encryptions.
- Monitoring identity and access management.
It is not necessary to have a degree to enter this profession of cyber security analyst. You just have to be skilled enough to work up to cyber security role.
Majority of the employer recruit for a position of a graduate, they prefer or require, a graduate degree in science or technology or may be in Engineering (Narayanan, et al., 2017).
Exact requirements may vary from employer to employer. More relevant degree subjects include:
- Computer science
- Information security
- Network Engineering
- Information security
- Network security
- Information technology
- Software Engineering
Your degree will not value any longer as once you start gaining experience, and the employers will be interested in what projects you’ve worked upon, not in your qualification. You may choose relevant subject area to undertake further studies.
Some employers can sponsor you to undergo relevant master’s degree. You can also choose a certification related to cyber security to get a proof of a knowledge you’ve gained.
Cybersecurity is one of the rapidly developing field and currently there is a skill shortage. Job scope is good for the skilled and experienced people. One will start with an entry or junior level cyber security job. After gaining the experience of several years you could get progress into senior cyber security roles like cyber security analyst/ cyber security consultant (Palmer, et. al., 2019).
After having a significant expertise in the same field, one might be able to get progress in high level leadership roles as well as managerial roles, and eventually ending up with becoming a head or director of cyber-security. Achieving certifications relevant to the cyber security might be help in your development as most employer consider these roles as important.
Self-employment can be considered as a choice, but mostly people firstly gain expertise in the relevant field. one could set a company which will provide cyber security services or can individually work as independent cyber security consultant.
Dear Mr. XYZ
PQR security Consulting
Sub: Job Application
I am looking for a job in field of cyber security analyst in a reputed company and I would like to work in your company. I think I have all necessary skills along with experience required by your company and would be glad to make valuable contribution in success of your company. As indicated by my resume I have more than 5 years of experience in field of cyber security. I have worked as team leader in national division of cyber security for more than 3 years and has done many projects as an analyst of cyber security. I have earned my degree of bachelor in field of computer science with very strong mathematical background. Previously I was working in division of national cyber security for so many years I have learned many things there and gained experience in many fields such as how we can secure any computer system like large server, and mainframe, from external as well as internal attacks. This is an obvious thing that analyst of cyber security needs continuous education about field with time because there are a lot of hackers can be seen in world and they keep finding new methods of infiltration of computer systems. An analyst of cyber security must stay ahead of them from one step so that they can’t infiltrate computer systems easily.
My main strengths lie in effectively leading a team and problem solving and I accepts challenges created by hacker to get into my computer system very gladly and I always stay ahead of them. I have strong communication skills required for leading a team and along with that my English is good so that I will not find any troubles in making necessary reports and documents. I have sharp analytical skills and can solve very complex problems easily. I have very good time management skills and able to meet deadlines for assigned projects. I can assist staff in errors understanding and glitches repairing. I have excellent knowledge about use of computer programs aiming in direction of digital security. I will love opportunity of working in your company as analyst of cyber security.
I am very certain that your company will find all of my talents and expertise up to the mark for an analyst of cyber security. Please schedule an interview according to your convenience I am expecting a person to person or a telephonic interview to be scheduled as soon as possible. I am excited to meeting you and to work in your company and I also thank you for your valuable time and for your considerations.
Major criteria of selection
Key criteria of selection in any company as an analyst of cyber security some major points must be kept in mind and there are some basic as well as advanced requirements like licensing requirements, experience, education requirements etc. for working as analyst of cyber security in any company. All these requirements are mentioned below with full description:
- Person’s bachelor’s degree must be in field of computer science or in field of information system or there can be equivalent work experience or education (Washington, 2017).
- Experience should be more than 4 years. In field of cyber security with good mathematical background.
- Person must have done advanced certification courses such as GCIA, SANS GIAC, GCIH, CASP or CISSP and special training of SIEM along with certification.
- Certification of Hold DoD 8570 IAT of 2nd level (CE + Security) at date of starting.
- An analyst must have advanced understanding in fields of TCP/IP, Basic networking
- Protocols and ports, flow of traffic, administration system, OSI model, in depth defence and elements of common security.
- High level of experience in analysing high-volume logs, network’s data and many other artifacts of attack in incident investigation’s support.
- Experience in scanning solutions of vulnerability.
- Familiarity in program of vulnerability program of DOD information’s assurance.
- Good knowledge of any of following: HIPS, anti-virus, complete packet capture, ID/PS, forensics which are host based, forensics of network, and security of RSA.
- Complete and in-depth architecture knowledge, knowledge of engineering, and all operations of minimum 1 enterprise ‘s SIEM platform (for e.g. Nitro or McAfee manager of enterprise security, Radar, Log Logic, ArcSight, Splunk.
- Experience in deploying along with developing signature. (e.g. Snort, YARA, HIPS, Suricata).
- Complete understanding of Operating system (i.e. IOS, Android, Windows) and mobile technology along with VMware technology, and basic Unix commands with Unix.
Skills required for cyber security
- System administration: An analyst of cyber security must posses’ skills of managing so many systems such as software, hardware, workstations, effectively and efficiently.
- Network security: an analyst of cyber security must have ability to protect underlying infrastructure of networking from misuse, malfunction or unauthorized access. So that a secure and safe platform can be created for all computer systems (Piplai, et al., 2019).
- Problem solving: cyber security officer must posse’s skill of problem solving as hackers always try to infiltrate systems with new techniques and an analyst must have solutions of these problems.
- Policies of information security: these are some rules that formed by a particular organization to ensure all networks and users of IT structure within company can stay secured.
- Firewall administration: firewall can be defined as a device for network security which control network traffic and decide which traffic to be allowed or which is to be rejected on based of defined rules for network security.
- Network protocols: network protocols can be defined as policies or standards made by rules, formats, procedures, that define communication in between devices over any network.
- Routers, switches, hubs: Hubs can be defined as dumb devices that have ability to pass one to other connections. Switches can be defined as semi intelligent device that knows which device has which connection, routers are very intelligent and can perform many tasks.
- Process improvement: it can be defined as a task of identifying, analysing and after that improving business processes which were not that good previously. This must be done for optimization of organization and to reach to new quality standards.
Cyber Security Analyst
Phone: (0123) 456789 | XXX@gmail.com | Website: demo.com
Verified Cyber Security Analyst having more than 6 years of expertise in system security, intelligence, security operations and cyber-crimes investigator. Skilled in risk assessment and handling, Risk Management Framework (RMF), vulnerabilities handling, Assessment as well as Authorization. Can efficiently interact with a number of different individuals, agencies, interests and constituencies.
Network Administration of TCP/IP, Penetration Testing, Antivirus, Antimalware, Vulnerability Scanning, Network Security, Framework Assessment, Snort and Nessus Risk Management, POAM Management, Authorization and Authentication, NIST, CSAM, FISMA, Firewall, FIPS Security Control Assessment and prevention Protocols/ Intrusion Detection, Mainframe, Windows, Linux and Unix Operating Systems, Packet Analysis Tools and Network Protocols.
Cyber Security Analyst
Lookout June 2013 – Present
- Interviewing system admins and other shareholders in support of the AA process to assist in generating personalized reports and/or artefacts.
- Identifying security checks and building a compliance matrix for monitoring.
- Apply adequate Federal Information System Cyber Management Regulation focused on NIST 800-37, analyse risks and weaknesses based on realistic studies.
- Supports us by protective cyberspace operations (DCO) with cyber guidance and central command (Centcom).
- Performing as the Cyber Protection Team Reduction Squad (CPT) information-security analyst within the network security divisions.
- Protects essential assets and main services inside the global knowledge system agency for security.
- Providing protection assistance to FISMA and Nist process information system security officers (Isso), and touch level.
- Implement security assessment as well as authorization environments like network protection categorization, safety and contingency plan creation, security testing & review, device accreditation, and ongoing tracking.
System Support Engineer
Crowdstrike January 2012 – May 2013
- Undertakes all-source information review of the strengths and risks of adversarial cyberspace by investigation and study.
- Researching, preparing, deploying, configuring, troubleshooting, updating and improving operating systems.
- Diagnose the problem and fix issues with equipment, applications, and networking including device control and synchronization of devices.
- Computer equipment and peripherals mounted, programmed, and modified to also include the network card, scanners, modems, and add-in panels.
- Imaged machines and network administration tools utilized for ticketing services support desk.
- Addressed remedial steps to prevent intrusion identification and destruction of viruses, and malware.
- Helping consumers define the problems through the use of the information base.
- Provide technical assistance of the information network to a broad variety of clients in industrial national security settings.
- Provide technical assistance to a broad variety of users in the industrial information security field via the computer network.
- Use predictive technology to track network irregularities and harmful communication.
- Use predictive technology to track network irregularities and harmful communication.
- Help for the deployment and troubleshooting of desktop and portable devices on Linux, macs, android, Windows computers, and iOS handheld apps; problem / incident reporting, and problem / scaling.
- Using advanced analytics discover anomalies in networks and malicious traffic.
Master of Science May 2016(Malborne University, School of Graduate &
Professional Studies , MD)
Narayanan, S. N., Ganesan, A., Joshi, K., Oates, T., Joshi, A., & Finin, T. (2018, October). Early detection of cybersecurity threats using collaborative cognition. In 2018 IEEE 4th international conference on collaboration and internet computing (CIC) (pp. 354-363). IEEE.
Piplai, A., Mittal, S., Joshi, A., Finin, T., Holt, J., & Zak, R. (2019). Creating cybersecurity knowledge graphs from malware after action reports.
Palmer, C., Angelelli, L. A., Linton, J., Singh, H., & Muresan, M. (2016, September). Cognitive Cyber Security Assistants—Computationally Deriving Cyber Intelligence and Course of Actions. In 2016 AAAI Fall Symposium Series.
Washington, T. (2017). Critical Skill Job–Cyber Security Analyst. Savannah River Site (SRS), Aiken, SC (United States).