Getting Into Infosec

DEFCON 2023

Hey folks, I'll be at DEF CON in Vegas this year! Would love to see you all there!Jack's Parties: https://twitter.com/JackRhysider/status/1686785376327987200Checkout Miscreants at the Vendor Area: https://www.miscreants.com/yFDrTl54ZSu3KAmLWbmiMentioned in this episode:Stay In Touch

Rana Khalil - From Cryptography to Pentester!

Journey into Cybersecurity and OSCP Certification with Rana KhalilThis episode features Rana Khalil, a Senior Cybersecurity Assessment Analyst with a rich background in pen-testing, especially in the financial sector. Rana shares her non-traditional entry into technology, starting with a dislike for her first laptop and phone, transitioning from biochemistry to a math degree, and eventually finding a passion in computer science, leading her to cryptography and cybersecurity. Her academic journey includes significant work in cryptography, under the tutelage of Carlisle Adams, and a master’s project on web application vulnerability scanners. Rana discusses her motivation and relentless pursuit of the OSCP certification, highlighting the importance of hands-on experience, teaching, and documenting the learning process through write-ups. She also conveys the value of previous experience in related fields, the significance of specializing and pacing in learning, and shares insights into her career progression, including valuable advice for people aspiring to enter the cybersecurity field.00:00 Introduction and Guest Background01:47 Rana's Journey into Cybersecurity02:45 Rana's Early Interest in Mathematics and Cryptography05:47 Transition into Computer Science and Web Security10:52 Master's Research on Web Application Vulnerability Scanners13:02 First Security Job and the Impact of Public Speaking15:11 Journey to the OSCP Certification17:36 The Value of Self-Study and Accountability18:53 Reflections on the OSCP Experience20:59 Understanding the OCP Exam21:13 The Importance of Lab Time22:18 The Value of Documenting Your Journey22:49 Introduction to the OSWE Certification25:07 The Role of Experience in Security25:16 The Life of a Security Professional25:25 The Importance of Specialization in Security26:24 The Value of Previous Experience in Security29:55 The Challenges and Rewards of Pen Testing30:43 The Balance of Work and Personal Time in Security34:58 The Importance of Focusing on One Area in Security37:07 The Importance of Understanding Source Code38:11 Final Thoughts and AdviceThank you for listening!Mentioned in this episode:Stay In Touch

Norman Weekes— From Contractor To Security Ops Analyst

Norman Weekes is on the Security Operations Team at Salesforce. He is in charge of scanning their infrastructure and ensuring that everything is set up and operating properly.Norman already spent almost a year in the information security world. This is also his first official full-time security job. After going through different job contracts, he believes that if everything's shut down early, there's no reason not to just get in a good routine and go after whatever certification or whatever job you want. This episode will undoubtedly inspire and assist job contractors who are considering a career in the information security world.LINKSLinkedin: https://www.linkedin.com/in/normanjr/Security and Privacy Framework: iapp.orgFull Show Notes: https://www.gettingintoinfosec.com/Mentioned in this episode:Stay In Touch

Niru Ragupathy - From Almost Biotech to QA to Google Security Lead

Niru Ragupathy is a Security Engineer at Google and works as the Offensive Security Lead and manages part of the Offensive Security Team. She is currently the Tech Lead Manager. Niru sees managing as a challenging, interesting ride yet undervalued skill. She also considers it rewarding although it demands the investment of both time and effort. She believes that it is important to start leading and take things slowly but not take the decision lightly. Having planned on taking Biotech in College but being persuaded by her parents, she was thrust to take on Computer Sciences since it has greater demands in society. In the face of her struggles, Niru has found her sense of belongingness in security management. This episode will surely encourage and benefit Engineers who struggle in transitioning on management. LINKSLinkedin: linkedin.com/in/niru-ragupathy-99078233Mentioned in this episode:Stay In Touch

John Gates - From Car Mechanic to Lead IT Security Analyst

John Gates is a Lead IT Security Operations Analyst for a global food brand. John has always liked to know how do things work - and that has proven to be a beneficial trait - from his first job as a car mechanic to IT consultancy and education to his current role. He’s also an advisor and former board member at OpsecEdu, an organization educating technologists in state, local, and education agencies on security best practices. LINKS Linkedin: https://www.linkedin.com/in/johngates/ OpsecEdu: https://www.opsecedu.com/ Intro Music: https://trash80.com/#/content/133/weeklybeats-2012-week5 Full Show Notes: https://www.gettingintoinfosec.com/john-gates-from-car-mechanic-to-lead-security-analyst/See omnystudio.com/listener for privacy information.Mentioned in this episode:Stay In Touch