By Jonathan Omansky, Senior Director, Development, Security Technology & Response Team
Symantec’s Jonathan Omansky provides a simple set of steps to launch a career in cyber security and to address the critical shortage of qualified cyber security professionals. Check out his first article on how to break into the cyber security field. This week he focuses on step two: research, learn, and assess—and most importantly, do work!
I was raised to know that education and hard work provide opportunities. If I didn’t know how to do something, I learned it through whatever means possible. If books or teachers weren’t available, I’d watch someone (or three people if need be) do a task and then emulate what I saw. I’d read up on a topic, try different ways of getting something done, and learn from my errors.
Let’s use learning how to build an automobile engine as an example. It’s a big job and what I quickly learned is that all big goals need to be broken up into smaller, more digestible chunks of learning. I also learned that I didn’t need to know how to construct the whole engine at first. Instead, I started by focusing on my needs at the time. For instance, I could start by learning how to change the oil or replace a spark plug, completing smaller tasks that allowed me to move forward towards my ultimate goal.
This approach is no different in security. It may seem daunting to learn how to code, to reverse engineer, or to construct a sound security architecture system. If you have interest and ability, the great thing about the security field is people are hiring even if you only currently know how to “change the oil”. Opportunities in cyber security exist at all levels, and now is the best time to jump in!
This brings me to my next bit of advice for those keen on entering our field. Below you’ll find six simple steps to launch a career in cyber security and in this article, I’ll cover the second step, research, learn, and assess, in detail.
- Define your career focus
- Research, learn, and assess
- Read and write
- Formulate a view of the attack
- Make friends, make lots of different friends
- Don’t be afraid to be wrong
#2. Research, learn, and assess
If you haven’t already selected an area of focus based on my previous blog recommendations, or are overwhelmed by the process of choosing an area, this approach might help.
Many of the interns I’ve mentored—from colleges, prep schools, retraining programs, and other learning institutions —came into their internships with no exposure to security at all. In these situations, the first thing we work on is finding an area of security that interests them. To do this, I give all interns a learning task, for example, reading up on the latest corporate hack or information leak.
You can find these examples using resources like RSS feeds or news aggregators and focusing your reading on all things cyber security. This is one of my favorite news feeds and Symantec’s own Security Response blog is a great place to start. Twitter is also an excellent resource for reading up on the latest cyber security news. Find a handful of well-known cyber security professionals (including yours truly @jomansky), follow them, and the add some of their followers.
From there I ask them to break down the technical aspects of the story, focusing on things like: why the topic is important; what the risks are and who is at risk; how to detect the threat; and how to protect against it. This process often helps students find topics they are excited to learn about, and provides me with an opportunity to shape their internships.
Once you’ve defined your focus, it’s up to you to dive in and learn to “change the oil”. Let’s use incident response (IR) as an example. There are a ton of books, blogs, videos, and other learning materials that provide the basic steps on responding to an incident. These tools vary in length and complexity, and once you’ve explored a handful you’ll begin to see a pattern. You’ll learn about IR fundamentals from the perspective of a CSO, a CISO, a junior analyst, a government worker, and more.
It’s also helpful to review articles about actual incidents across different business sectors. Reading the analyst’s view of a particular incident can help you learn what he or she did right or wrong, where technology played a role, and where it was a people or process breakdown. This should give you a sense of what responding to an incident looks like, and give you insight into how to correct specific problems from happening again.
Learning about IR strategies is a great first step. When paired with technical awareness of the tools an incident responder might use to do the job, many of which are free or have trial versions along with demos, you are on your way to your first career opportunity in cyber security.
After researching security areas, and learning all you can, I next suggest assessing where your knowledge gaps are, and filling them. Focusing on what you’re missing can help ensure you have the full range of knowledge on a topic and that you can speak to it when asked in an interview. Taking incident response as our example again, review the duties and expectations of a dozen incident responder-related jobs, to see where you still need to build skills. Focus on what you’re missing and how you plan to gain that knowledge. The information is out there; go get it!
Though we focused on only one particular category of the cyber security space, incident response, as our example, the approach is the same for all positions, even the more technically advanced roles. The tools and knowledge are available and the cyber security skills gap in today’s job market needs to be filled. It’s up to you to grab this information, learn it, and get your foot in the door.
Follow our CR in Action blog for more on how to launch a cyber security career. Interested in a career in cyber security? Learn more about the Symantec Cyber Career Connection(Symantec C3), which provides a mix of targeted classroom education, non-technical skills development, and cyber security internships to position students to fill in-demand cyber security