A Day in the Life of a Computer Emergency Response Team (CIRT) Manager

Helping U.S. State, Local, Tribal, and Territorial (SLTT) government entities respond to cyber incidents on a daily basis can be intense, but Valecia manages it with a smile. As the lead for CIS’ CIRT (Cyber Incident Response Team), she oversees more than 250 incidents per year. Valecia has been at CIS for just under three years, during which time she has participated in the CIS Cares program and received awards for her leadership skills. Read on to learn more about what her day is like as a CIRT Manager.

CERT-Manager-Valecia

Please share a brief overview of what you do as a CIRT Manager.

As the CIRT Manager, my job is to assist SLTT government agencies with their cyber incident response and computer forensic needs. I currently manage a team of seven CIRT Analysts, all with very talented backgrounds and skillsets. As a manager, my job is to ensure that each incident is handled with due diligence and most of all that the entity is able to return to normal business functions as soon as possible. While we are a small team, we do occasionally get to go on-site for incident response and forensics. I also get to travel across the country to help spread awareness and educate others on proper incident response techniques.

How long have you worked at CIS/MS-ISAC?

I started working as an intern in May of 2016. I returned to CIS in January of 2017 as a full-time analyst, then moved up to management. In total, I’ve worked at CIS for 2 years and 7 months.

What education/background do you have that helped you get your position at CIS?

I received my Bachelor’s Degree in Digital Forensics from the University at Albany. While CIS was not my first career move (I worked in the marketing field for many years before returning to college), it was my first job in this field. The experience that I gained while I was an intern and an analyst helped facilitate my growth in this field. I also had prior management experience in the fast-paced restaurant industry, which helped me develop a lot of patience and the ability to multi-task. Working in the marketing and analytics field has also helped me develop an awareness of how businesses work and how to use big data to help make critical business decisions. What really got me into the digital forensics field though was a position I held at my last job, where I was tasked with handling fraudulent credit card chargebacks. It was there that I found my passion for helping to investigate and fight cybercrime, which led me to go back to school and earn my degree in Digital Forensics.

What are 5 daily tasks you do as a CIRT Manager?

  1. Review incident response and forensic analysis reports for dissemination to entities requesting assistance with an incident.
  2. Keep up-to-date with technological advances and recommend cybersecurity best practices to SLTT Governments.
  3. Work with other departments in Operations and CIS to facilitate growth and explore areas of new opportunity.
  4. Act as a participant or coordinating member on SLTT community events centered around forensics and incident handling.
  5. Manage a team of CIRT analysts dedicated to performing incident response, forensics, and malware analysis.

What is your favorite part about being a CIRT Manager

My favorite part about being a CIRT Manager is interacting with SLTT Governments. You get to meet and talk to so many different people with varying backgrounds and you learn something new every day. I also enjoy traveling and educating others on incident response and digital forensics. However, I think the most important and exciting part of my job is that my team and I get to assist the entire country with their incident response and digital forensics needs. We are on the frontline, and that’s a very proud and fulfilling position to be in.

What advice would you give a prospective CIRT Manager?

In forensics, curiosity is imperative. If you have even the slightest feeling of doubt, question it. One of my favorite quotes is by Albert Einstein, “The important thing is not to stop questioning. Curiosity has its own reason for existing.”

If you could describe your job in 3 words, what would they be?

Fulfilling. Exciting. Purposeful.

What is a skill or habit that has helped you in your current role?

I’ve always been told that I ask a lot of questions. Previously, I’ve had teachers and mentors tell me that I ask too many questions, however, I don’t think that’s a bad thing. To me, asking questions is imperative to growth and development in all aspects of life. It has played a huge role in my success.

What has surprised you about this position?

How quickly I have grown with the company. When I came in as an intern, I didn’t know much about the field. When I returned and became an analyst, my knowledge grew by leaps and bounds. Looking back now, it feels like I’ve been with the company forever, but realize that while I’ve learned so much, I have much more to learn. It’s an exciting journey to be on!

How would you describe the company culture?

I’ve never worked for a more dedicated company. However, I’m of the belief that it’s the people that make a company great to work for. I truly love coming to work every day and enjoy interacting with such talented people. CIS has been more than generous to their employees, not only with the benefits they offer but also all of the fun events that they plan. It’s those events where you really get to know people and connect with them.