
BSides DC would like to thank all of our sponsors, and a special thank you to all of our speakers, volunteers and organizers for making 2018 a success.

I'm gonna be giving a talk, and hopefully a discussion, today about how to get started in cybersecurity. This is a topic that we have, anyone in this room we're the recruiters in here, I'll probably reintroduce a few of their overall points that they brought up. They had some good things, especially in the second part of that discussion with the recruiters. I caught the last couple minutes of the guy who's talking about sysadmin into pen testing, so I'm going to actually touch on a few of those sort
of similar ideas as well. I will approach this both from a technical perspective, which knowledge, skills and abilities, a little bit on the job perspective. So all the answers, but I'm always willing to try to take your questions, and then afterwards, if you want to touch base one-on-one, I'm happy to contact you, have phone calls, provide some mentorship.

This is a little bit about who I am. I'm not here representing my federal agency, because they require too long to get approval, so I'm here representing myself. So I work in the federal, I've worked in national security and intelligence for 18 years, a little bit more than that. I'm a cyber threat intel analyst right now. I've done a
variety of roles in the military and in DoD contracting until the positions I hold now. All the certifications that you would love that with your resume. I finally got a piece of paper from UMUC as well, and this associate's degree, that's enough for me, and talk about that some more.

So everybody approaches this topic from different introductory levels. So I'm focused on cybersecurity, but that doesn't still really mean anything either, which I will expand on in a moment. But I mean information technology, which is a whole huge other field with initiator, yes, the two fields are often going to interact, but they're not the same field either, okay? So just like you can have large pool of
expertise in each individual information technology career field, you're gonna have the same thing in cybersecurity. Both of these fields are going to be intertwined forever, until we destroy ourselves and live in the apocalypse.

So the other big important factor is that in cybersecurity, it's a really diverse field as well. So when someone tells me "cybersecurity, I want to work in cybersecurity," that doesn't tell me anything. That's like saying "I want to work in the medical field." Are you a brain surgeon? Are you a nurse? Are you an EMT? Do you do medical billing? That doesn't tell you anything. Cybersecurity, I actually doing the cybersecurity, great. We need to be a lot more specific when
you are having one-on-one mentoring conversations with someone about very specific things you should focus or study on, or those specific skill sets. There is a lot of ability to get started in the field, but I highly recommend use and you're trying to narrow down the area of specialization, because it is such a diverse field. So those are sort of some of my initial introductory pour points when we're talking about somebody who's trying to pivot into cybersecurity from either an existing career field or maybe a new college graduate as well. So those are basically the two areas that we would see.

Like the cybersecurity framework, in the NIST cybersecurity framework they identified 52 specific cybersecurity work roles in this
framework. So you can download the PDF, there's actually a link in the slides in the notes section here. But even within those 52 specific, very detailed job roles, they still don't cover everything. They still don't have something that was identified as a pen tester, and they really didn't have a cyber threat intel analyst, although they've just revised it and there's one that's a little closer to that, which is near and dear to my heart since that's what I do. So here, this is why when you start to move down this field and you do some initiative self-studying on the types of cybersecurity job roles, so that when you ask other professionals for their advice we
can have a conversation that's most amenable to what it is that you're studying or where you think you may have an interest, so that you can pursue that. If you're interested in policy and risk and governance and compliance, you know, you may not need to spend a lot of time with EnCase and forensics tools, but I won't know that unless you also have some sort of idea about what you think has piqued your interest. And it's also important to know what does not interest you, which we will talk about as well.

So I like the cybersecurity framework, and if you dig deep into the knowledge, skills and abilities, or KSAs, of all of those roles
as well. So it's a little, there's a couple job roles in that, and they're specifically focused more on the DoD and the military sides. If you're not interested in that, that's fine, there's plenty of those roles are applicable across commercial sectors as well. So again, if you're mentoring or you're looking for mentoring one-on-one, it's better for me to have an idea of what it is you either like or dislike, and then we can continue to go down that road so that we're not having you try to study everything.

So going back to the point of IT and cybersecurity being different job fields, though, pretty much everybody in a cybersecurity job
field has to have that underlying knowledge, the basic fundamental components and knowledge required for a general IT role. So I have seen a lot of people try to jump in and tell me that they want to be a pen tester and they want to start taking CEH, but they don't understand what a TCP/IP stack is, they've never looked at NetFlow, or they've never opened Wireshark, and they don't understand what a three-way handshake is. So you have to have a basic fundamental understanding of the IT sort of traditional underlying mechanisms and components and technologies for most of the job roles that are in cybersecurity.

So there's gonna be a process. If you're coming into this from a completely
non-technical career field, you're switching from nursing or you used to sell insurance or whatever it was, and this is all new for you, we're gonna have to start at that fundamental level. You have to really understand what IP addressing is, and if I talk about a NATed network, you should automatically sort of start to know what that is before we worry about brute forcing and dictionary attacks on passwords. So that's just sort of a level set, because a lot of people come in and they have a lot of energy, they want to do X, Y or Z, but what your background is, your existing knowledge base with
regards to IT, this could be a lengthy process, depending on the amount of hours and time you have available to start studying in order to really dive into cybersecurity.

So I worked for many years as a cybersecurity instructor, and I'm not going to tell you a bunch of BS: there is no quick way to become a cybersecurity expert. Anybody that tells you that is selling you a bill of goods that is false, period. So I guess I'm quoted on that now on YouTube. So it also does not require you to pay those vendors money to get started, so it's a good thing I don't work in that field right now. There's a lot of free
information, which costs a lot less than the cybersecurity bootcamp. So, you know, I'm not saying that that's bad, but there's clearly some limitations with this.

So background: the types of information you would learn in an A+ or Net+ class is the type of information that we need you to start with. I'm not saying you have to go to those boot camps or classes, but the books, the all-in-one books that exist for that, that's the level of information that's required. It's sort of a baseline, and then we can build you up from there depending on what specific area in cybersecurity you think sounds interesting or that you want to try to study. So I will once you've had with the
slides that have a lot of links in here for all of these different resources. There's a lot of really good information on YouTube, there's a lot of people I recommend that you follow, and again a lot of this is free. Cybrary is a really good resource as well. There's some stuff that's not as good, but for the most part a lot of the introductory IT and introductory cybersecurity courses on Cybrary have been pretty good from what I've seen.

The other thing that's really critical for anybody who's just trying to get into here and needs to do it faster, you know, you really need a career change, is that hands-on technical skills in a
bootcamp, the only exceptions I've ever heard of are SANS, and I'm still waiting to go to one because they're too expensive for anyone I've ever worked for. So four days to get you to pass the exam, and that's my focus as a cyber instructor. So the training people that sold you the bootcamp may have told you a whole bunch of things that are probably not gonna be reality when you step into that 40-hour boot camp and are getting ready to take a Sec+ class or Net+ or CEH class on a Friday, and that's the truth. I don't have time as an instructor to let you do the CEH, terrible EC-Council labs anyway, and I would
advise that you go do them at home where you can experiment.

So this is the introductory portion, the fundamentals, right? So a bunch of sites, these ones are good, they're all links. You can get the slides, we'll make them available, you can get my card afterward, we'll make sure you have the slides. And the whole point here is there's not really a cost, there's not a prohibitive cost for people to start studying this. So some of the books may have a little bit of a cost, but I'm saying you don't need to apply three or five thousand dollars for all these boot camps.

Another thing is that depending on your background and
the way you learn might drive how you want to approach some of this initial learning. So I know there's more than one college available that has online classes, where the online semester-long class is A+, Net+, Sec+ or CEH. So intimidated by trying to go into one of those boot camps anyway, and you already decided you're gonna commit some amount of funding to study, some of those semester-long courses may be a better place for you. You're gonna get more interaction with the other students, you're probably gonna get more interaction with the instructor or professor, the TA with that class as well, and they're gonna have a lot of resources for you, like on
the online college classes do. So that's an alternative to boot camps. I have been in some camps that have been good and I've been in some really shitty boot camps, so I'm just being honest with you, it can be hit or miss. The same problem can be true for the college courses, but at least you have that longer period of time to absorb the introductory material, if this is really where you're gonna head as a career path.

So again, people often want to know what did I do to whatever security, or they want like one particular path. This is really again where I would prefer to get to know you a little bit more and
mentor people one-on-one. So hopefully you know all the way to mentor you on one-on-one I have other plans this week, but I think it's really important for you to try to connect with another person now who can give you some advice, even if it's only a five or ten minute phone call once in a while, you know, "hey, look at this training site" or "do you have a good book where I can learn about, you know, the basics of hacking" or something like that. There are a lot of people in cybersecurity, they don't think of themselves as mentors until you ask them to be a mentor, okay? So they just probably have never considered themselves a source of information, but
even if they've only been working in the field for four or five years, that might be someone who has enough information that you could leverage if you know them are becoming a lot more available. So I didn't put any particular ones up here because they seem to change pretty regularly. I know Harvard has quite a collection of MOOCs about a variety of subjects, so again, use your Google hacking skills and look at some of the other free resources in terms of MOOCs as well. So that might be another resource besides Cybrary or YouTube, you might be able to find some really good MOOCs that are up-to-date that you can take, which again are no cost.

So the point here is the self-study,
experimentation and trial and error. So I've mentored a number of people that are afraid that they're going to do something bad. Welcome to IT and cybersecurity. I have worked at least two boxes, I've crashed stuff and broken things. I try not to do it, and in a lab environment at home where I'm learning, that is absolutely part of the learning process. You're going to obviously encounter situations where you have done something incorrectly, and that's good, because how else will you learn, and that clearly wasn't the right thing to do. So a lot of people are kind of hesitant to try this stuff in their home, you know, on their old laptop or on the VM that they have
set up, but that's really the most critical. So I can give you all of the resources and all the links and recommend that you read these books, but for most cybersecurity jobs, especially as a person new to this field, it will be imperative that you have the confidence and understand you're probably going to break some things and learning how you do hands-on skills in your home lab.

So I've also tried to mentor some people who said, "well, the only laptop I have is the one from work." I mean, again, the bar, the entry here is pretty low. You can get a two or $300 laptop, it can probably run at least two VMs. So I mean if that's
really the bar is $300, then I don't have a perfect answer for you, but most of the people in cybersecurity have many, many old crappy laptops lying around. That's the nature of people who really are interested in this field, and it doesn't take a super-powerful computer to run at least one or two VMs, depending on what it is that you're trying to do. And you have to absolutely be able to make some VMs, that is going to be a critical skill. There's a lot of step-by-step sites that should explain pretty easily how you would set up the VM on a machine. So that's definitely a skill everybody will need so that you
can practice and learn some of these things in your home lab. So there's a couple beginner VM sites that I link to here. Again, Google's your friend. I mean, I guess you could use Bing, no, I don't know anybody does.

So the other big portion of this is, one, don't be afraid to screw things up as you're learning, right? That's expected. I'm gonna tell you right now, that's expected. And I'm not gonna make you learn the new skills. So again, as a mentor or somebody, you know, for cyber charter actually give you all kinds of resources, you're gonna get access to all of my sites. It might not all be up-to-date because I'm not
instructing anymore, but it has, you know, TCP/IP fundamentals aren't training much, it has all the A+, Net+, Sec+, CASP, CISSP. You'll get all my PowerPoints, all my decks, all my training resources. It's free, I don't care. I need what people like you in the community, so I'm giving it away for free. Don't tell EC-Council. But I can't, you know, you have to bring the initiative and desire and in the walk like you have to bring the hunger to this, if this is what you're going to want to do. So practicing hands-on skills is part of that desire. Like, do you desire this enough that you're gonna set up a lab
and figure out how to make a VM, make the VMs talk to each other, right? Some of this is actually really critical disabled learning perspective as well. Try to get your VM a live internet connection, that's a fun learning experience, right? That is not something that is necessarily going to be done in the first 10 seconds of you figuring out how VMs work, it's a little bit more complicated than that.

I'm also, say you're only a Windows person, then stop that right now. Figure out one command line for Windows if you're still gonna be able to this person, because Windows is a big part, but you're absolutely gonna have to learn Linux to some degree. Maybe you have like
a Linux handbook right here, fine, but at least you can struggle your way through it like I would, so that you can understand the operating system. So, you know, the VM, how to set up a VM, how to configure the VM, the basics of Linux, and then Windows in that, these are all fundamental components of somebody that's gonna have enough knowledge about the underlying fundamentals to move into a more technical cybersecurity role.

And the last line here is, most people that you encounter in this field have this trait, desire, personality of "I will figure this thing out," right? And it is why some text messages from those people at 3:00 a.m. on Tuesday, right,
because most a lot because or "I broke this thing trying to fix this other thing, have to figure out how to fix that so then my girlfriend's computer will work in the morning." Yeah, also really good learning experience. It's all part of the learning experience, so you're gonna break some things, it's not always going to go well.

And then this is the magical chart of how everyone in cyber knows everything, according to my mom at least, for me, and that's called, once again, the Google chart of 1718 I have a set of friends I call at that point that's my opt out about 15 18 that absolutely did not work, and the same is
true in a learning environment too, right? So you have some friends that work in IT or cybersecurity, and they will obviously know that you're working and studying in this field. So if you just call them up first, they might not give you the answer, and I hope they wouldn't. I hope they're gonna ask me, "what did you try?" You know, I know people I've mentored, people who've gone through my classes, I'm gonna ask them what they tried to do first. Answer, you know, "call me back tomorrow after you try some more things or break something else," because that is actually, my opinion, a really critical part of this learning process, is to try to figure it out. We'll
try to figure something out is also really critical, because there's absolutely no way somebody in cybersecurity can know everything, there's no way that's even remotely possible. I have about three people on my shortlist, if I have any question I'll call them, and then most of the time when I called honey he says "I don't know, I'll call you back." So then he started to be a flowchart process on his own, you know, his level of knowledge, which exceeds mine in that particular area. And that's actually true at work as well, all right? So even figure out the answer to whatever that situation is at work, and then at some point if you start calling your colleagues and your friends
when you don't really know the answer, you need some help. And I think maybe we don't talk about that as much as a community as we should, all right? We go and we think everybody's a rock star or a unicorn or whatever your term is, okay? Well, there's a lot of rock stars that also like to be friends of the rock stars, right? So I don't know if that's a great analogy. That's a band, right? So we should form the cybersecurity band.

All right, so some people want to know more specifics during these types of a talk. Well, again, it really depends on what it is that you want to do in cybersecurity, right? Which of these 52 types of roles
do you want to do? All right, because if you want to go into forensics, let's not talk about CMMI, let's not talk about GRC, because that's probably likely to say, all right, I know plenty of technical people, hands-on, who want to do hands-on analysis, maybe malware analysis, you know, pcap analysis, some level of technical hands-on analysis, and they absolutely don't want to do anything about policies and writing reports. So there's plenty of space in this community for the skill sets you're going to bring, so I also want to be clear on that.

So in my opinion, if you want to do something more along lines of cyber analysis, which is very broad, all right, these
might be some types of tools that you might want to look into to sort of understand what's happening. Sysinternals is very interesting as a suite of tools, so if you're not familiar with that, a lot of capability and analytic software that are part of the Windows Sysinternals, and sometimes people find it's more comfortable because it's on Windows, right? So yeah, not everything is solely on Linux either. So yes, you should eventually learn *nix and understand Linux, it's important, but you could start to, you know, see what else is going on on your Windows machine and network as well, which, you know, if this is brand-new to you, maybe you're not really paying attention to. You might
be interested in forensics. A lot of the high-end forensics tools are expensive, but there's a program called pocket tractor that's free. I use that in a CTF, so I used a number of these tools in CTFs, and I went into that CTF with, you know, a Windows computer, so some of the CTFs are using the tools that are actually available on the Windows platform. So there's lots of different tools up here, you know, some towards the end offensive in nature, password crackers. I'm just a big fan of Malwarebytes. Everybody is always interested in sort of what AV maybe a cybersecurity person runs on their Windows machines. I don't have Windows machines anymore, so. But again, this
is knowing and exploration of some specific tools means running your lab, do some analysis on the traffic on the systems, what ports are open on your system. You know, I think, yeah, that is very enlightening if you've never really looked at the open ports on systems before. If you've never captured or used Wireshark and looked at the pcap and followed a TCP stream or reconstructed an unencrypted image, that's kind of fascinating the first time that you do that, because you're really understanding the underlying components that would be critical when we talk about all of the security things and security concerns that build on top of that fundamental knowledge.

So that helps you get to the first job. If I
knew the answer to this question a hundred percent, I'd be good, I'd have a Ferrari. One, what type of job? So again, this is all going to be specifically tailored, and once you get to the point where you've narrowed down your field of study or narrowed down what you're actually gonna like try to apply for, I say you can get somebody to pay for the same certification to the same certification, I mean, I'm just saying. I used to tell people the Certified Ethical Hacker would be the one cert to go get, because the exams are really easy. The exam is actually changing now, so I'm calling you this closely, so that may not be the answer
anymore, but again feel free to talk to your friends who are taking these certs and see what their opinion is. So it might be better to get a Sec+. That's the only exam I actually don't have, I'm not certified as a Sec+, but local knowledge is going to be really critical.

So people say, actually, get certs, they get college, and everybody will have a different answer. I think it's a combination. So did confirm that they're spending six to ten seconds on your resume, so whatever you do have in terms of hard qualifications, put that near the top of the resume, right? I have definitely seen people also who the fact that they are studying for a
certification. If you want to do that, I'm not gonna tell you not to, it shows initiative. Just make sure you don't you have a certification that you don't have, because I've encountered that guy and he was not hired.

So some other things, you know, hard skills that let you talk the talk, so to speak, when you're getting to the initial interviews or trying to talk to people at conferences like this where you have armbands to get jobs: like packet analysis, an intimate understanding of what your Windows network is doing, all right, at a domain level. Do you understand group policy? You understand the security concerns around that? All right, so between those was you
know we knew there was much more in depth than the average person who would use. Snort rules, depending on, again, specifically which table you might be looking to get into. Again, familiar with VMs, we've talked about. We got to understand Linux. I would just say go ahead and, you know, get a Kali Linux ISO or live disk somewhere and figure all that out. Definitely on the vulnerability testing side, you're gonna have to understand Metasploit is the primary tool, that should be the first tool that you hack your Windows XP VM with, and then you can home a hacker, right? "I hacked in the XP." I mean, I'll get you into the doctor's office. Any of all
the one security appliances, yeah, if you can get some experience or classroom education with Splunk or anything like that, it would be useful. I'm digging the site that's a little bit more on the research side with VirusTotal, there's a lot of really interesting things you can do in terms of research with that. Central office and I'll t go, other tools like that. Any sort of the free vulnerability scanners, if you've never belong to a vulnerability scanner, look at a free one and just scan your house and see what that looks like.
Burp Suite is another really interesting tool. If this is totally new to you, I think that's almost as enlightening, to look at what's going on at the web, it's almost as enlightening to me as Wireshark, the first time you use a tool like Burp Suite. But again, if you're researching this and you think you're going down a cybersecurity defense analyst type role, then I would run these tools in your lab and start to be really familiar with them.

Well, how does that help you get a first job? Well, I can't you have an independent researcher section on your resume. There's no rules about resumes anymore. I mean, there are, but nobody follows any of
them anyway. So we have, you know, an independent research or somehow stated that you are studying certain things, if you think that's going to be relevant to the job that you're trying to get into. So we'll come back to some job things in a minute.

That's the basics, that's the basics in my opinion: all the core IT knowledge is starting to understand cybersecurity. And then there's all the stuff everybody wants to do, which is going to be a pen tester, because that's like the sexiest thing, it's like the special forces of cyber or something. Everybody wants to be a red teamer. Probably the most famous person, so if you don't know who he is
then go google him, get his book, because again you're gonna just have a whole nother set of things to research if that's where you think your job career path lies, right? So in a lot of cases this would then be the next phase of your learning and educational process. And this is also true even if you just want to be on the defensive side. As the cyber threat intel analyst, I have to understand what the offense is doing in order to perform analysis and make recommendations. So if I don't understand VPNFilter malware, I don't understand the newest zero-day or whatever is out there, then it's really difficult for me to do my job as a cyber
threat intelligence analyst. Same for like a SOC tier 3 person, if they don't understand what the offense is doing then they're probably doing themselves a disservice. So even if you don't think that you're gonna end up as a red teamer or on the offensive side of cybersecurity, I think understanding the offense will improve you dramatically as a defensive person, and vice versa. So if you focus on the offense and you're red team, and you really don't pay a lot of attention to the defense, you are probably also doing yourself a disservice to some degree as well, right? So everything but these are some absolutely free tools, so you too can become a hacker of some variety.
Cybersecurity career paths: I actually don't like this at all, but I don't want to make my own chart. So a lot of people are gonna come in here with some existing skills. So maybe you're on the programming, scripting side, then mock something like that. I think I've talked to a couple interns in here that are in DevOps, so that's great, you're gonna come in with a technical understanding. I'm not in Scripture in order to help me pass that class, but if you have the propensity to be a programmer and scripter, it is very useful, because then you understand how software works. Understanding how software works will be extremely valuable for most of the more technical
fields in cybersecurity, right? Whether it's forensics, offensive, defensive, whatever. Understand programming, and that's the thing that you can get your arms wrapped around, then by all means, that will be invaluable to you. But it also means that if that's not your thing, there's still a place for you in the cybersecurity job world, okay? So we have a lot of people who are better writing or presenting or managing teams and they hover will somewhere in the cybersecurity workforce.

So a lot of people want to know how first job. My number one piece of advice, if you can do it, is take a shift job as a SOC Tier 1 analyst, because nobody wants to do that and the turnover
rate is very high, which means always hiring for the night shift, rotational shift jobs in SOCs or NOCs. So that's my number one piece of advice if you can do it. I know everybody's, you know, personal or family situation does not allow for that with that in especially in this area, that's probably the easiest entry-level job to actually try to get some hands-on experience. And then when you leave in six months and your next report is like why do you even take a lot, you say "shift job," all right, and you can, everybody leaves after six months.

Their whole career, some people, again what I call them the very technical people, really like that day-to-day interaction with the data, whether it's
forensics or pcap analysis or reverse engineering or malware engineering or whatever it might be, they really want that hands-on for in the code, and there are people who will have a whole career like that. At some point they might be made to manage somehow or some level, but they'll do their best to not become a manager. That's what I have become, a manager. I manage a team of about 37 people right now, so I do analysis like 20% of the time. The people who are in management positions, even technical management positions, still need to have a technical level of understanding, or else how else can you effectively manage this team that is telling you all the
technical information if you don't have a technical background? Many of us have worked for that person. It is very difficult when the person that you answer to does not have a background in the technical sphere, and they probably should for that position. So we can learn things from previous jobs that hopefully help you. Some people wind up being like it's security there's people every six months make that decision not here, and the bottom, the pentester is like, you know, the corner boxed are there special forces or whatever you want to call them of cybersecurity. That is a very demanding position as well. So there are some things to keep in mind for your
life when you think about things you want to do in cybersecurity. Some of you might want to be an incident responder, that's great. I have no interest in being an incident responder, ready to go for a whole three am that I'm flying to LA for the next week, now that's enough with me now. So there are some people who love that life, I love to travel, love it and want to be there on the ground in the action, and there are some people who are 9 to 5 or a 6 to 3, so there are cybersecurity job roles that align more with these lifestyles as well. So we don't often talk about that, okay? So if you know these people who you know
likes a sort of like our 40 to 60 hours a week sometimes that's consistent, then there are some things that probably aren't for you, including pen testing and incident response and possibly forensics. It depends on where you work, right? So there's a lot of things to keep in mind your whole career. That was actually the point of this slide, is that you can take technical the whole career, but we also do need managers at some level that understand technically what's happening as well, in order to effectively manage the teams.

So a couple other bits of job and career advice came out business card, whether they're funny or serious. I mean, maybe I'm really old now, but I think
there's cards are still good especially if you're going to events like this which you are because you're here I think you know LinkedIn Twitter everybody has and their preferred social media options I follow really interesting people on Twitter so some of them are legit hackers some of them seem to be semi-legit hackers and some of them are like industry leaders and have professionals either in DoD or defense contracting I get a lot of breaking news from hackers so I still think at least in this area for cybersecurity and the greater DC Washington Quantico to southern Pennsylvania region it's about having an actual set of skills being networked in knowing people and then there being an opportunity that
is what happens with most of the time that I've seen for either myself or my close colleagues that work in this general cybersecurity world is that those three things line up so at some point that would be important even as you continue your career because we want good jobs not just nightshift top tier two positions right so having a successful career also requires work so I don't know that we talk about that very much either if you and you're interested in cyber threat intelligence you claim that that's what you're interested in and you've never heard not at you then I will give you my business card because you're not related to the area that you are interested in working
then I don't know that you really have a lot of true and it should have been desire to work in that particular realm right so that's just one of the things that I kind of focus on and you can talk and understand the lingo and clearly articulate with issues that are current in today's specific field that you want to work in that is very helpful and it will come across whether you're talking to other professionals at conferences or whether you're talking to that first recruiter that's trying to hire you definitely practice interviews definitely practice interviews this sounds dumb I don't care how amazing you are practice your interviews call someone ask you questions there is no
substitute for practicing an interview you won't get the talk about this there's only really about questions you're gonna get generally in the first interview they just come in 300 formats but I probably about yourself and what's your strength what's your weakness and essentially why I should hire you those are the big ones that you want to ace so even though you may be coming in as a new cybersecurity employee you may have a whole bunch of other skills that are really useful are you good at team working are you good at scheduling are you good at organizing all those things are important as well hiring the person I'm not just hiring your technical skills I
get the fact you're really good at pentesting I also have to understand that you don't know I need you in the office at 9:00 a.m. also understanding the culture of where you're trying to work as well all right so I was a hacker that was his primary mentality in the truest sense of the word and he works six hours straight but sometimes we'd be like where is he today like we did the meeting and he'd be like oh I was sleeping because I had worked all night right so that always aligned with the team in the culture so again we're really hiring the whole person you know how do you come across are you articulate
are you gonna be a good fit into the team those are all sorts of other traits that come across when you're interacting with other professionals and with that first recruiter so yeah so you're gonna get hired no matter what but that's I don't I am not that person I don't think in there there are very few of them so you can also that person can also find themselves with with a name if you will I know one or two people that are on my do not hire list because of all those other things not because of their technical skills have some self-confidence nobody knows everything in this field so the other with understanding that everybody
doesn't know anything that you you're trying to get your first or second job in cybersecurity so I ask you a question don't know don't fake it just tell me you don't know the answer because it's worse if you tried to make something up and it comes across and that's not what I want to hear what I want to hear is I don't know the answer to that question but I would look here here to try to find the answer that's better than muddling your way through it study what you enjoy I'm not a programmer I also found out I'm not a pen tester so I'm the cyber threat Intel person I guess they think
I'm doing all right find a mentor find a mentor your first job and they try to find a mentor that will be a mentor regardless of where you work so your mentor should not only work for your same company because you get important advice like it's time for you to look for another job but you're only gonna get that advice if your mentor is not at the company where you work with normally but that's important advice to know when it's time to move on as well from a particular career field so that's why you need mentors outside of your current organization are you guys all the slides I've got lots and lots of links in here more resources there's a
bunch of free stuff so I'm happy to take sort of any easy questions that you have yes highest paid jobs in cybersecurity TS/SCI full scope pen testers in this area next question that's the truth I don't have an easy answer on how you get a security clearance anymore it's very difficult if you have security clearance or polygraph related questions I will talk to you offline second-highest paid either the next question go to events like this this card or write your LinkedIn on a napkin or go to trivia heads or you know all the open houses I used to work for a company that has like an Innovation Lab now in DC and they do event you gotta go
events either go to events a lot of people virtually connected as well depending on what it is I mean there's a lot of like Slack channels and things like that that are out there so however you connect with people and connecting with people who've never thought of themselves as a mentor until you say hey I had a career question for you that I wanted to run by you right so again that would be my general advice any other questions no let's say oh we have yes
well for me I do I secretly do in the Army when I was 19 so yeah so that's how I got my clearance a lot of people I know get a clearance via the military it is possible to work through a clearance process as a contractor but it is difficult so I would say if you are in a position that is going to put you in for a public trust they take people who aren't cleared and then you hold a public trust and then eventually what you would want to do is try to look for somewhere that is going to need somebody with the secret clearance and try to upgrade your public trust to secret which is
anywhere from a six to forever month process and then once you have a secret clearance you will do the same thing for a TS clearance which is hard to do because most of the TS clearance positions right now in my experience are only taking someone who is cleared but there are exceptions to the rule so some of that involves we may know someone is leaving at a company so if you show interest we can start you on that TS clearance process to backfill them that is going to be a very unusual and rare circumstance a CI counterintelligence polygraph for a full-scope polygraph so you will then have to go through that process with the respective agency that
is either directly you for a federal position with it has contracted that out so there's no there's no easy answer right now hey that's a win hi yes I would say it's a similar process so the question is what advice if you're in the federal government but not in cybersecurity I think it's a similar process be hesitant to go on USAJOBS and just apply for everything that did not work for me 378 applications from 2010 to 2016 so it's you know still a lot of who you know I don't think the process is necessarily any different because how else am I gonna how are people gonna discover you unless you go to all these events and work your professional
network and there may be different avenues for a Fed to do that as well and you can actually every agency is gonna be different I think it my agency my HR people would be pretty proactive to some degree that's obviously gonna vary according to your situation and agency but we know that there's not enough cybersecurity people in the Fed either so I don't know honey to people so I'll talk to you yes where do I see the role headed we need more of us in select markets so that's actually pretty blob touchdown how many minutes I have left only a couple I got three minutes left so cybernetico this is not going to go away really only the
major big corporations are effectively using cyber threat intelligence the federal governments and state governments and other international and coalition allies are using cyber threat intelligence channels as well and I don't think that the cyber threat intelligence or cyber security role was going to go away I think it will continually change one of the things in particular is that there used to be a lot of focus on you know indicators of compromise with IP addresses I don't know that giving anybody IP addresses is really that useful as much anymore because the APTs turn over their infrastructure too quickly for the most sophisticated threats now malware IOCs are still really valuable because they've changed a little bit less but the role will just
continue to evolve and changes with that as with everything else so I don't see them going away at all I know the is trying to figure out what to call us because we are either 0132s on the Fed which are intelligence analysts or 2210s which are IT neither of which describe anything at my agency there's any more questions