Part 2: Cyber Security: Raising The Bar
In my last blog, I mentioned one of the easiest ways to start in the field of cyber. We mostly discussed not "Breaking In" but "Moving In". If you have not already done so, you can read that article here Previous Blog.
We will now transition to the skill bridge, we will attempt to unpack a few of the strategies and methodologies to acquire, retain, and apply the needed skills to excel and stand out amongst other job candidates. As one for a well-placed analogy, security is like an ocean, you are pretty much a scuba diver. You can have a goal to explore and see as much as possible, but there is only so much you can focus on seeing at one point in time. The analyst I see struggle the most are those that are trying to swim and see everything all at once, instead of focusing on a particular region, reef, or dive site.
What inevitably ends up happening is after months of swimming in random directions following the latest trends, advice, new "shiny" tool, or bootcamp. Your progress is minimal and you still can't pass a technical interview, an interview that will primarily focus on very few KEY responsibilities within the role.
I offer you three key areas of focus, and I will expand on each below. Now this sounded like an excellent way to make this memorable so just go with me for a second.
"How to do"
How do I learn best?
- Mentor? Bootcamp? Random Projects? Guided Learning? Books?
"What to do"
What to do that best facilitates retaining and recall of what I am learning.
- Training Others? CTF? Blogging?
"Have to do"
- Showcasing the skills, and techniques I am learning
How to Do:
Evaluating and understanding what type of learner are you is of the utmost importance. Not only regarding your career but also continued growth as a person. While there are several buckets and various research articles with different learning categories, we will choose to focus on the 7 types of learners as shown Here. The descriptions below are given from a cyber security viewpoint, so they fit into the theme of our multi-part series.
Visual - Best suited for imaged learning this can be a focus of infographic learning, cheatsheets, illustrated books, etc.
Kinaesthetic - Best suited to learn by doing, for us this would be a focus on "hands-on keyboard" activity.
Aural - Best suited for instructor lead training, this can be in person or via video on an online learning platform.
Social - Learning by "osmosis", study groups, focus groups, and team projects.
Solitary - Isolated focus learning, may work even better with a mix of Pomodoro.
Verbal - Visual learning without visuals, this can include audiobooks and audio-only podcasts.
Logical - Application of existing study or focused techniques, this can also briefly mix with a "guided" learning path. Guided learning regarding official coursework or singularly focused training.
What's even more intriguing is that you can embody a combination of any of the suggested categories. For instance, you might thrive in a collaborative environment but still prefer working independently within that context. Moreover, there are numerous other categories that you could potentially identify with, underscoring the importance of discovering your optimal learning style. I highly encourage you to explore and understand your preferred learning approach!
What to Do:
Now that you have identified how you learn, let's try and apply that knowledge. What to do? there are several ways to "test" yourself to ensure you fully understand the concepts, techniques, or tools you are learning. This can include online cyber CTFs, a blog reviewing the latest threats, or a new PR for one of your favorite open-source tools. There is no shortage of opportunities to challenge yourself in 2023.
The one promise you have to make is before you proceed to the next discipline make sure you understand that one you just completed. Cyber security benefits from compound learning, where one simple concept is needed as a foundation of understanding for an extremely layered and abstraction-ridden application of that same concept.
For example, understanding security groups, network firewalls, and nat gateways, within AWS. Is much easier if you understand some basic (OSI Layers) and advanced networking concepts (Routing, ACLs).
Have to do:
Our last bullet for this part is the "Have to do"! As a new analyst within cyber security, you still have to stand out amongst your peers. There still needs to be "something" that makes you different than the other hundreds if not thousands of applicants for a particular role.
Meeting, greeting, and creating links to others in your network is an absolute must! This can be done on Discord, Twitter, Slack, Linkedin, etc. Whatever platform or channel that is available to you, network as much as you can.
If you would like to see another blog focused on networking, let me know in the comments!
Show Your Work:
Lastly, showing your process as you are learning is indeed extremely important. Recalling the "What to do' section in this blog, any type of "applied learning" you are doing it is important to capture at a minimum the final draft.
What are you saying senpai?
If you are learning about "IaC" and have a small project to deploy a web server using Erraformm. You do not necessarily have to capture each iteration of your learning, but instead, capture your final product and present that work to anyone that has a moment to review it.
As a hiring manager hunting for possible candidates if I can find your Linkedin profile, see a GitHub link of your practicing and displaying the skills I am hiring for. I can send this link to an internal team member and have them review it. We can learn where you are, where you are headed, and what quality of work you can currently produce. All of this can be done without a single word being spoken to you directly.
For example, if your focus is to become a tier 1 soc analyst, it would be great if my internal team can review your GitHub repo analyzing several phishing links, with an included report on the who, what, when, where, why, and how in regards to that phishing link. Having a repo with several phishing link reviews, a few malware analysis examples, and reports showing your understanding of log analysis, scripting, etc... would make you easily stand out amongst the crowd. We are excluding the basics like a well-written and formatted resume, as that is required for any role at all times.
Additionally, showcasing your work has a compounding effect, as it opens up opportunities for collaboration and knowledge-sharing. By sharing your work, you not only invite others to contribute their expertise and support, but you also become a valuable resource for fellow aspiring analysts.
I will be back soon to finish up the series! thanks for reading so far!