negative unemployment and great job satisfaction? why infosec is aweseome
TRANSCRIPT
Negative Unemployment and Great Job Satisfaction?
Why Infosec is AWESOME
Jeff McJunkin (GSEC, GPEN, GCED, GCIH, GCFA, GMOB, CCNA, CISSP)Senior Technical StaffCounter Hack Challengesjeffmcjunkin.com
Obligatory About Me slide
Graduated SOU in 2011Computer Security / Information Assurance, emphasis in digital forensics
City of Central Point from 2008-2013Systems / Network Administrator
AppSec Consulting from April 2013 January 2014
About to start working for Counter Hack ChallengesI start the 27th!
I'm telecommuting, again
Wait, what?
Yes, I've changed employers since my last talk in April.
Read more at https://www.counterhackchallenges.com/
In short, I'll be designing hands-on challenges for teaching infosec (NetWars, US Cyber Challenge, Cyber Aces Online)
My new boss
Ed Skoudis Author of Counter Hack and Counter Hack Reloaded
Speaker
Expert witness
SANS Fellow-level InstructorAuthor of SEC 560: Network Penetration Testing and Ethical Hacking
Author of SEC 504: Hacker Techniques, Exploits, and Incident Handling
Outline of last talk
Gain skills
Use those skills
Talk to people
Goals of today's talk
See what infosec specializations exist
How to find which interest you
Next steps to becoming employable
How to enter and advance into infosec
Find what's interesting to you by tasting multiple specializations
Pick one, develop the skills further (resources and challenges exist online)
Have an online presence
If it's still interesting, find paid employment
Over time, specialize further and consider consulting
An aside on infosec...
I'm not saying infosec is for everyone
I'm biased, though, so if you...Enjoy daily and weekly challenges
Spend spare time playing with new software
Communicate well, both verbally and in writing
...then infosec could be for you!
An aside on SOU...
SOU is a liberal arts collegeNOT a job-specific technical school
Job-specific skills are for you to obtain...which is what this talk is about!
If you float through college, your employability in infosec approaches 0%
D&D analogies, anyone?
NPC classes (student, help desk, junior X)Nobody wants to hire a 12th-level Aristocrat
Starting classes (sysadmin, web developer)Fighter, Rogue, Mage, etc.
Prestige classes (exploit developer, malware analyst, SCADA forensics expert)Heavy prerequisites, equally strong returns
World of Warcraft works, too
Having a public presence
GitHub mattersLearn enough Python to solve real problems, post those scripts online
Your own website (often a blog)Share your learning experiences
Since you're in infosec, have a GPG key and share it publicly
Look at my previous presentation for more
Seeing what skills people want
Troll job advertisementsNot nearly all jobs are advertised, but if you see the same emphasis enough times, consider it
Monster.com, CareerBuilder, etc. are common
www.reddit.com/r/netsec Hiring Thread of the quarter is my favorite
Cold emails to people in the fieldRemarkably effective. People like free coffee!
Employee vs Consultant
Employees have more stability
Consultants have more flexibilityOften more income, though less consistent
My suggestion Get your training as an employee
Build ~6 months emergency fund
If you're confident, consider jumping ship (the grass is greener, by the way)
Employee vs Consultant
General rule the more specialized, the larger an organization it takes to have that role internally
Specializations
Penetration Testing (usually consulting)Web (Web Security Analyst)Programmers can do white box code review and pentesting
Else black box testing, web app pen tests
Network (Penetration Tester)Network Penetration Tester (consulting)
Next steps for penetration testing
Look at my previous presentation (email me at [email protected] or look on my website)
An aside on web app pentesting
If you: Have web application development experience
Are able to move to a metropolitan area
Have great communication skills
You're 3-6 months away from being ludicrously hire-able
Seriously, there's a huge need right now.
Specializations
Forensics (usually consulting)Civil (Computer Forensics Analyst)Big shops have internal teams, otherwise consultants
Criminal (Computer Crime Investigator)Usually requires law enforcement background
Further specializations:Network forensics
Specialized software (e.g., SCADA) forensics
Mobile forensics
Next steps for forensics
Systems administration helpsGet to know what features exist, and what artifacts they leave behind
Start developing the forensic mindset
If criminal forensics is interesting, see if you can talk with the Southern Oregon High Tech Crimes Task Force
Run through some challengeshttps://www.dc3.mil/challenge/
http://www.honeynet.org/challenges
http://pen-testing.sans.org Search for Holiday Challenges - created by Counter Hack!
Specializations
Incident ResponseOverall (Intrusion Analyst)Even mix
Malware Specialization (Malware Analyst)Usually consulting
Next steps for incident response
IR is a mix between sysadmin and forensicsKnowing the attacker mindset is useful as well
Develop an ability to quickly understand how a new network worksChatting with many sys/network administrators helps here
The additional challenge of doing forensics on an entirely new network is considerable
Specializations
Systems Administration (usually internal, Systems / Network Administrator)IT Security
I'm totally biased, but this is a great place to start for just about any specialization
Audit (usually consulting, Security Auditor)Many specializations
PCI is huge!
Next steps for systems administration
Build a home lab (sound familiar?)Www.reddit.com/r/homelab
MSDN:AAWindows 7, Server 2003/2008/2012, build a domain, multiple users
Internships are fairly plentifulJunior sysadmin is a great position to learn in
Next steps for audit
Mix of sysadmin and project management, with lots of communication
Specializations
Management
Legal
These specializations are full of deep magic. Tread carefully.
(Or at the very least, I don't pretend to understand them)
Questions?
Email me at [email protected] Want more info on a specific specialization?
Want specific learning plans?
I'm happy to help!