cybersecurity-analyst

SKILL.md

Cybersecurity Analyst Skill

Purpose

Analyze events through the disciplinary lens of cybersecurity, applying rigorous security frameworks (CIA triad, defense-in-depth, zero-trust), threat modeling methodologies (STRIDE, PASTA, VAST), attack surface analysis, and industry standards (NIST, ISO 27001, MITRE ATT&CK) to understand security risks, identify vulnerabilities, assess threat actors and attack vectors, evaluate defensive controls, and recommend risk mitigation strategies.

When to Use This Skill

Security Incident Analysis: Investigate breaches, data leaks, ransomware attacks, insider threats

Vulnerability Assessment: Identify weaknesses in systems, applications, networks, processes

Threat Modeling: Analyze potential attack vectors and threat actors for new systems or changes

Security Architecture Review: Evaluate design decisions for security implications and gaps

Risk Assessment: Quantify and prioritize security risks using frameworks like CVSS, FAIR

Compliance Analysis: Assess adherence to security standards (SOC 2, PCI-DSS, HIPAA, GDPR)

Incident Response Planning: Design detection, containment, eradication, and recovery strategies

Security Posture Evaluation: Assess overall defensive capabilities and maturity

Code Security Review: Identify security vulnerabilities in software implementations

Core Philosophy: Security Thinking