For the past decade, I have listened to a number of stories from a minority of cybersecurity professionals I talk to about unbelievably hostile and abusive workplaces. More insidious to me, are the workplaces that “pass” as okay on paper, but are continually undermining, failing, and gaslighting their junior employees. Unfortunately, it’s often harder for junior people to judge that they are not being treated fairly than in cases of extreme abuse.… Read More About Cybersecurity Management and Expectations
Folks often approach me with a question along the lines of, “How do I learn ICS security?” I’ve already talked about the question with regards to general cybersecurity, so let me take a crack at it. There are a lot of parallels between that question and, “How do I get into infosec?”. I can help… Read More So You Want to Learn ICS Security…
So, you love to hack, and you’re going to get that dream job in infosec! Except, now what? A wide array of certification firms and colleges are willing to sell you an infosec program, with shiny advertisements and clever sales pitches. Unfortunately, college is massively expensive in the US, and the learning environment isn’t great… Read More College and Infosec: To Degree or not to Degree?
Chapter 7: Landing the Job So, we’ve come this far in your infosec journey. You’ve studied hard, attended conferences, played a CTF or two, updated your resume, and networked a bit within the information security community. Great work! Let’s prepare for your very first information security interview. === What to Say === There… Read More Starting an InfoSec Career – The Megamix – Chapter 7
[You can find the previous chapters in this continuing blog series here: Starting an InfoSec Career – The Megamix – Chapters 1-3 Starting an InfoSec Career – The Megamix – Chapters 4-5] Chapter 6: Self-Study Options In the previous chapters, I’ve discussed potential career paths, education and certification options, and the fundamental knowledge needed to become a… Read More Starting an InfoSec Career – The Megamix – Chapter 6
Chapter 4: Blue Team Careers With the help of many people in InfoSec who kindly gave me advice and quotes, I have created a perhaps overly simplistic listing of common InfoSec roles in today’s market. For each role I have listed a brief summary of what the job does, where these jobs can be found… Read More Starting an InfoSec Career – The Megamix – Chapters 4-5
Even once a person realizes he or she has a passion for information security, moving in the field can seem a daunting task. The education market is oversaturated with degrees, certifications, and training programs. Meanwhile, many prominent hackers mock those programs publicly. Although I’ve touched on security education and training quite a bit, I’m continually… Read More Starting an InfoSec Career – The Megamix – Chapters 1-3
It’s no secret that I’m a fan of SANS and their associated GIAC infosec certifications. Certifications aren’t worth a ton of credibility in the information security arena, but the SANS training and testing mechanisms really do ensure that students have to have some clue about the topic to pass. The courses aren’t cheap, but SANS… Read More Better GIAC Testing with Pancakes