What made you want to work in computer security?
I've heard good things about this industry but i'm not sold on it being the one I pursue. Can you tell me about what made you decide to go into this industry? #technology #cyber-security #computer-security
I had a passion around technology and saw an urgent need around cyber security.
Working in a security company we know we are doing good things for consumers / enterprises and governments alike. I love what my company stands for and this industry is under unprecedented attack which can only mean we are required by more people than ever before.
Ethically/Morally and sense of longevity have all led me to Symantec.
Good luck with your career.
For me it was a combination of the following:
1. A love of all things technology, especially computers
2. The excitement of being a "detective", finding the bad guys, and using my attention to detail and ability to see what doesn't make sense
3. The natural narrative of good guys vs bad guys
4. The job growth, in terms of opportunity and compensation
5. Seeing results of my actions, specifically signatures and rules to catch bad things
6. The constant change - there's no time to be bored or uninterested with how quickly the field moves
The field has a lot to offer. It's definitely not for everybody, but don't be afraid to give it a try.
I came into Cyber Security by chance. It's an area where there is a lot of demand and because technology is constantly changing I have to keep up to date, with how secure the new technology is and where the gaps are and how to help reduce risk from attacks or exploitation of vulnerabilities in systems. So, a part of my work is problem solving. Another part is ensuring that once we've decided how to protect a particular system that everyone involved knows what they need to do, so writing policies, standards and procedures is a part of my job. Naturally, where there are rules there needs to be some monitoring of activities to ensure that rules are complied with. I am therefore also an Auditor. Compliance is the part that relates to Standards or Best Practices that you been put out by organisations such as the International Standards Organisation (ISO) or Payment Card Industry Security Standards Council (PCI SSC), who provide guidance and controls on how to secure systems and networks. So, another part of my job is to help organisations become compliant with standards such as those mentioned above. When I started in Cyber Security there wasn't a university that thought the subject, but nowadays there are Information Security degrees. It might be of interest for you to know that there are many different roles within Cyber Security. For example, I work as a Governance, Risk and Compliance (GRC) Consultant, but there are people who specialise in Penetration Testing, Risk Analysis, Network Security, Payment Card systems security, application security, Server security, Anti-virus development, Security Operations Centre (systems monitoring), Incident Management, Business Continuity, Encryption, Information Management, and many more aspects of data security.
Since a young age I've always loved hacking into things. Moving into computer security allowed me to use this great power for helping people and having an awesome team of people to work with!
You'll always find something to do in computer security.
For me, it was the promise that I'd never run out of problems to address or skills to learn. Information security is incredibly dynamic and diverse. While the high-level goals are largely consistent, there are seemingly infinite number of ways to approach that. In other words, you can be into applications, infrastructure, databases, embedded systems, etc, and still be able to find a place to make a security career related to that passion. It's also an industry that has an extraordinary need for more people. The supply and demand curve is still strongly on the side of 'demand,' and this is likely to continue for some time.
For me, its mainly the continuously changing environment that challenges with new things almost every day. To keep up I need to keep learning, reading and exchanging experiences with several people in the same field.
Mini recommends the following next steps:
Hottest space to be in - Cyber Security crosses many industries and provides visibility into some of the most challenging threats to our economy and overall safety...being apart of the solution is very exciting!
Being in the computer industry means that you are on the cutting edge of technology and can learn about the latest and greatest innovation
Integrity. I want to bring safety & trust to the wild west of cybersecurity. I tell folks I have two primary skills: Bridging & Translating. I want to bridge the engineering world to the compliance standards, to the operations environment while translating their concerns across the board. I like system security (engineering, operations, architecture, compliance) to be an everyone-focus event. At the end of the day, I get a good feeling knowing I made a difference. Be well, Liz
High growth, high demand, fast evolving, board level importance and most importantly be part of the best mission in technology...protecting clients and consumers from the bad guys.
I started my career in banking after I graduated from college with a four-year degree in Business/Finance. After a few years, I found it boring. During this same time, my brother worked in the IT industry and he was always challenged. As you are aware, technology is always changing. This change brings an exciting and dynamic environment. I wanted to be part of this environment where you need to keep up to speed with the latest in technology. I do admit, I have an affinity for taking things apart to see how they work. I taught myself how to build a computer and network them in my parent’s basement.
I changed my career from banking into the IT industry and eventually focused on the Cyber Security field. After working for some small companies in the IT industry, I obtained a position within a large company where I focused on network security and analyzed the risk of various network designs. I found this so interesting since I feel it is the most dynamic branch of information technology.
If you like a field where change is constant, then computer security is for you.
Another benefit to this industry is that it encompasses many job functions. You may desire to be on the front line of a Security Operations Center (SOC) or perhaps you find Cyber Security industry standards interesting. Project management is another option. The point I am trying to make here is that the field of Cyber Security is vast which makes the positions within it just as interesting and exciting.
Good luck with your future!
Terry W.’s Answer
Later on I started building and upgrading computers which allowed me an even further insight into what makes a computer. And then came the internet. That was a whole new world. How do computers talk to each other? Can I control computers over the internet? Can others control mine? A lot of questions, but learning about how different protocols worked helped me answer my own questions. It also raised questions about security. If viruses can spread on local networks, can it be spread through the internet? Yes, so I better protect my computer. A popular antivirus and an endpoint firewall application for Windows kicked off my interest in cybersecurity.
BlackICE and ZoneAlarm were fascinating pieces of software that allowed me to see what type of abnormal traffic was coming and going from my computer. At this point, I was more fascinated with the alerts than actually doing anything else on the internet. I went to GRC's Shields Up website to have it run a scan on my computer so I could see the alerts pop up and what they said. Port scans, netbios intrusions, ICMP packets blocked, etc. Well now I want to be able to craft abnormal packets, so I start playing with Packet Crafter. I set various flags to see what my firewall apps would respond with. This escalated to learning about vulnerabilities in common network traffic protocols. My online friends and I would test our new found knowledge and get excited to see what would work and what wouldn't. What would trigger alerts and what would skate by undetected. This is where my fascination with cybersecurity would lead me to a career that I love.
So if you're interested in how computers and networks work, how they are exploited and how it's always a cat-and-mouse game, digging into logs and alerts to find unexpected and suspicious traffic and what's going on, you'll most likely enjoy a career in cybersecurity.
I worked as a Product Manager at a Security Software and Compliance company for almost 8 years. As a Product Manager, my job was to arm computer security professionals with the tools they needed to do their jobs. There were a number of things that attracted me to working in computer security:
- It's a dynamic and fast-changing part of the computer industry. As fast as yo come up with a solution, someone else has come up with a different way to attack the system. All of the hottest technologies come into play: Cloud, DevOps (SecOps), AI, machine learning, etc. Check out vendors such as Tripwire, Qualys, McAfee, IBM, Symantec, Splunk, etc.
- The customers I worked with (typically security and compliance analysts) are good people all fighting the good fight to keep our data safe and secure against all kinds of threats out there from a variety of bad actors that are seeking to profit off that data, looking to do damage to critical resources such as the energy grid or just disrupt companies and industries.
- It prepared me with the core skills and technical background to be able to work in other parts of the computer software industry.
Ted recommends the following next steps:
This space is always evolving. What you knew a few years ago may not be relevant today. The field always keeps you on your toes and challenges you to learn new concepts and apply them to your everyday responsibilities at outside of work and inside as well. I don't know about you but this paradigm is always one I sought out for myself. I didn't want to enter into a field where I would find myself questioning what else, what next. There is also the aspect that you are helping protect individuals and businesses from the risks of doing busine