Become a cyber first-responder with this intrusion detection course
With cyberattacks evolving every day, knowing how to detect and defend your organization from intrusions is becoming a sought-after skill set.
If you’ve ever considered a career as a security analyst, Mark Viglione's newest Infosec Skills learning path, Advanced Intrusion Detection, will help you decide if it’s the right fit for you.
“If you have some knowledge in the industry, if you're a graduate and you're trying to determine what to get into, or if you want to get into the blue team side of security, some of the courses in here might be for you,” he says.
FREE role-guided training plans
Fundamentals for a career in intrusion response
While Mark's course is geared toward junior-to-mid-level professionals interested in analyst or intrusion response roles, it will give anyone who’s curious hands-on experience with various frameworks, tools and methodologies.
“If you don't know what intrusion detection is, you're going to learn a lot,” says Mark. “We'll talk about signatures, anomaly-based detection and even a little bit about machine learning. So you're going to get a lot of knowledge base from that.”
Starting with an overview of intrusion detection, this course then dives into the type of data you’ll need to build various detection use-cases as well as open-source tools and frameworks for tuning your detections.
Through hands-on labs, lectures and even a phishing simulation, you’ll review the various aspects and frameworks that make up intrusion detection techniques, and you’ll explore real-world examples of detection methodology.
By the end of this course, you’ll have gained the necessary skills you need to craft meaningful detections that will help you identify malicious activity at your organization.
Potential intrusion detection job opportunities
Under the umbrella of intrusion detection, there are many different career options ranging from working with intrusion detection systems (IDS) and anomaly detection to working in a security operations center (SOC) on a blue team — and more.
While Mark currently works as a security engineer at a Fortune 500 company, his career arc outlines the entire gamut of security roles, starting out as an analyst at a small cloud computing company. “I fell in love with security there," he says.
While the title varies from organization to organization, a tier one analyst or incident responder acts as an organization’s first line of defense in SOC.
"It's a lot of looking at alerts, combing through data and trying to respond and triage,” says Mark. "You're looking at different alerts trying to prioritize what's most important and then escalating up.”
From there, you can then move into forensic investigation or auditing, and eventually onto overseeing the entire SOC as manager.
Top three skills for a career in intrusion response
In addition to foundational knowledge about frameworks, tools and methodologies, Mark recommends that you sharpen three other key skills for a successful career in intrusion detection.
1. Communication and presentation skills
Mark explains how upper management often isn’t as technical, so being able to break down complex tools and provide quick highlights is key to helping everyone understand what’s going on.
“Knowing how to use a tool and then present that quick snapshot to a director, I noticed that's a big thing in the field," says Mark. "It’s a pretty good skill to have.”
2. Data collection
“If you're going to do any kind of detection, it really matters what data you're getting,” he says.
“If you're getting bad data, you're going to have bad detections. So I do spend a lot of time talking about the health of how you can collect some of this data, clean it [and] prepare it. Without that, you are just relying on either a vendor or yourself.”
3. Scripting
With more and more tedious tasks becoming automated, Mark believes scripting skills will be a necessity in the future.
“I think some scripting skills are going to be probably required going forward, because there's just so much automation, whether that's PowerShell or Python,” Mark says.
“You don't have to be a programmer or developer, but I think understanding some basic scripting to automate some of the more boring tasks, so you can focus on the fun stuff, is a good skill to have and probably something that you're going to see more and more in the industry as it evolves and matures.”
FREE role-guided training plans
Advice for aspiring professionals
While Mark's path was pretty clear-cut after graduation, his advice to those still trying to find their niche is to experiment. “Explore all the different domains and pick one that you have the most interest in, and try to start there,” he advises.
“I know my route was getting into the SOC and then the analyst work and then moving into engineering. But maybe you do some analytics work and you want to go pentest, or you want to try to get into ethical hacking. And that's why I built this course to say, ‘Here's some general knowledge on intrusion detection, analytics and hopefully this interests you,’” he says.
“Because I know getting out of school, there was a lot of information and I wanted someone to say, ‘Hey, what's an overview of all of this stuff before I go too, too deep into some things I might not like it.’”
Learn more about Mark's Infosec Skills courses:
About Mark Viglione
Mark Viglione is a graduate of Penn State University. He has experience working at a Fortune 500 company as a cybersecurity engineer. Mark is the founder of Enigma Networkz, a SaaS cybersecurity data analytics company helping small to midsized organizations protect their environment from cyber threats. He is a member of Ben Franklin Technology Partner’s client portfolio program and has been a speaker at Penn State Berks LaunchBox events. He has also authored various cybersecurity related coursework and labs.
Mark holds multiple cybersecurity certificates: SSCP (Systems Security Certified Practitioner), SANS GCIA (Certified Intrusion Analyst) and CompTIA CySA+ (Cybersecurity Analyst).
In this Series
- Become a cyber first-responder with this intrusion detection course
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity