How did you get started in cyber security and with SANS training?
A former co-worker called me in 2013 and encouraged me to interview for an information security analyst job in a Security Operations Center (SOC), even though I had no previous security experience. I hopped on a plane and thought I was crazy to be flying to an interview for a role I had little experience in, but the interview went well, and I was hired.
I knew very quickly that information security was the career for me because it demands almost constant analysis. As I steadily moved up the ranks, an observant and kind manager asked me where I wanted to take my career. I really hadn’t realized I was building a career at that point because I was still working towards my master’s degree in international relations. We talked about some interesting information security career options and decided that pen testing would be a great path for me.
My manager gave me the opportunity to take SANS course SEC560: Network Penetration Testing and Ethical Hacking in the OnDemand format. I soaked in as much information as possible and loved the experience. It was my first technical course, so I was in a constant state of child-like wonder diving into network protocols and pen testing processes. After I passed my GIAC exam and earned the GPEN certification, a job opened up for a penetration tester. I stood out from the other applicants because I had the GPEN. I have been a pen tester now for more than three years.
My team has downsized and re-expanded over the last couple of years, but because of my SANS training I feel that I’ve been well equipped to pull a lot of the weight in our pen testing program, even when there hasn’t been a lot of direction or supervision.
What cyber security challenges does your organization face?
The same challenges that I think many large organizations struggle with: legacy systems, prioritizing risk among all the potential good to be done, and integrating security into as many of the day-to-day business workflows as possible.
Can you give an example of things you’ve learned in SANS courses that you were able to apply directly to your job?
I’ve been able to use the tools, processes, and methodologies taught in my SANS training on a daily basis. SANS training also helped me become comfortable with the command line and led me to learn binary and hexadecimal, which frequently come in handy when analyzing packets, considering the operational security of an engagement, and performing various other job functions.
Do you have plans to take more SANS courses and pursue additional certifications? If so, which ones and why?
Yes, I’m currently in the SANS Technology Institute’s Master of Science in Information Security Engineering program and will be taking more courses to complete my graduate degree requirements. My next course will be FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics, which will give me additional insight into forensics and provide a different perspective on the pen testing work I do. It will also allow me to effectively communicate with other security departments and potentially open additional doors for my career.
How do you recommend others select SANS training and GIAC certifications for their career paths?
Start by looking for courses on topics in the security discipline you currently work in. Visit the course description page to see what the course goals are, and use that information to communicate the value of that training when seeking approval from management.
Consider online SANS training to save money on travel. Whether I’m at a live event or taking a course online, I feel confident that I’m studying the most relevant materials and getting a solid understanding of the topics covered. I’ve left every SANS course I’ve ever attended with ideas I could apply in my daily work.
Finally, looking over SANS posters can help you brainstorm future career paths, even if you don’t know exactly what you want to do right now.
Completed SANS Courses
- SEC401: Security Essentials Bootcamp Style
- SEC503: Intrusion Detection In-Depth
- SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
- SEC560: Network Penetration Testing and Ethical Hacking
- SEC566: Implementing and Auditing the Critical Security Controls - In-Depth
- SEC573: Automating Information Security with Python
- SEC617: Wireless Penetration Testing and Ethical Hacking
- SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques
- MGT433: SANS Security Awareness: How to Build, Maintain, and Measure a Mature Awareness Program
- MGT525: IT Project Management, Effective Communication, and PMP® Exam Prep
- FOR508: FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics