Week 1: Cybersecurity Careers

[MUSIC] Welcome to this course on
cybersecurity careers. There’s currently a tremendous shortage
of cybersecurity skills in the workforce, leading to high demand for
cybersecurity roles. There’s never been a better time to
launch a career in cybersecurity. This course offers a look into
the expanding field of cybersecurity. It’s designed to empower students with
the knowledge required to find and secure a career in the industry. This course provides an overview of
the different career paths available in cybersecurity. You’ll learn about careers at various
levels in the following modules, module 1, cybersecurity Careers. Module 2, cybersecurity skills,
module 3, cybersecurity certifications, and module 4, course summary and
final assessment. Module 1 will start with the demand and
need for cybersecurity professionals and how aspirants can enter the field. You’ll learn the different training
options that are available for starting a career in cybersecurity. The succeeding lessons will cover the
different roles and responsibilities of entry level, mid level, and advanced
level cybersecurity professionals. In addition, you’ll learn the range
of salaries awarded to the roles at the different levels of
cybersecurity careers. Experts will share their views
on the cybersecurity field, a hands-on activity will explore
the different career paths. Module 2 will begin with the importance
of IT fundamental technical skills in cybersecurity. It’ll also describe each IT technical
skill you require as a cybersecurity professional. The next lesson will cover
cybersecurity technical skills and some related facts about each skill. You’ll next learn the importance
of soft skills and why each is necessary in cybersecurity. Experts will share their
viewpoints on different skills. Finally, you’ll learn the skills mapping
to each job role in cybersecurity. Module 3 will start with the benefits
of cybersecurity certifications. It will give some cybersecurity
certification facts. Then you’ll learn about the important
certifications for different cybersecurity roles under main heads such as CompTIA,
ISC2, and other certifications. You’ll also discover the factors to
consider while preparing for the exam and how to schedule and take the exam. In addition, experts will share
the benefits of certifications and how to take the exam. And module 4, this module will
start with the course summary and a cumulative glossary. You will also take a final assessment
followed by a course wrap-up. Experts will give you tips for
a cybersecurity career. Finally, there is an honors project
on cybersecurity career research. Next, meet your cybersecurity experts who
will share their names and current roles. Throughout this course, these experts
will share their experiences and valuable insights. Hi,
my name is Jason Flood, I work at IBM. I have about 15 years experience with IBM. I’m currently the CTO in
the Cybersecurity Division. My qualifications are I have a degree in
Applied Science, I have a Master’s in Security and Forensics, and
I have a PhD in Cybersecurity. My name is Dee Dee, and I started working in the IT security
field for about 20 years ago. I am presently working as
a cybersecurity consultant. My name is Ciara, and
I’m a front-end developer for IBM. I’ve been working with IBM for
just over one year now. I initially worked with them when I was in
college on a placement for nine months. I then came back in a full
time role last year. I began in automation and manual testing before moving into
the front-end role that I’m in now. My name is Jeff Crume,
I’m a Distinguished Engineer with IBM, been with the company for 40 years,
and I also serve as CTO for IBM Security Tech Sales in the Americas. In my day job,
I’m working as a cybersecurity architect, working with clients to try to figure
out where their security gaps are and where we can help them plug those gaps. I’m also a certified
Information Systems Security Professional, CISSP, I have a PhD in cybersecurity. And on the side, I’m an adjunct professor
at North Carolina State University. So
my name is Pieter Ampe, I’m with IBM. I’m part of the expert labs team. I’m the worldwide leader for Threat Management team is implementing IBM
threat management software at customers. And we support them with strategy,
with escalations, and also make sure the customer
gets the right solution. I am with IBM for, I think around 17
years, so that’s almost all of my career. And I’m in security since security
was founded in IBM, actually. So that’s around ten years now,
more or less. So I’ve been always been in IBM security, started as a junior specialist,
moved into a senior specialist, and then I had all kinds of leadership
roles within the security organization. So my name is Jagpreet, I started my career in 2009
as a cybersecurity analyst. After that I worked in a company called
Mercedes Benz as a senior developer, and right now I’m working in
a fintech as a Data Security Manager. In the past, I was learning to
deploy different technologies, but now I’m managing a team of five people, which is helping me to deploy the same
technology, which I learned in the past. As a passion, I do teach in college
cybersecurity courses over weekends. So
there’s a lot to cover here, to get the most from this course,
complete viewing each video, complete all hands-on activities, and
check your learning with each quiz. We’re very happy to have you with
us as you start your cybersecurity career journey. If you have any trouble with
any of the course material, please don’t hesitate to contact
us in the discussion forum. Let’s get started. Good luck. [MUSIC]

Welcome to the Overview of Cybersecurity Specialist
Professional Certificate. In today’s digital age, cybersecurity skills
are in high demand as businesses strive to protect the security of their
infrastructure, network applications, and data. The IBM cybersecurity specialist professional certificate
will prepare you with the in-demand skills necessary for entry-level cybersecurity
specialist opportunities. This professional
certificate, PC, requires no prior IT, cybersecurity, or
programming background, and is suitable for those with or without a
college degree. It will equip you to understand cybersecurity’s
fundamental concepts, processes, tools,
and strategies. Throughout the courses, many
practical hands on labs and exercises enable you to demonstrate your skills
to potential employers. In addition to becoming
fully prepared for an entry-level
cybersecurity role, this program will help you prepare for cybersecurity
certifications such as the Certified in
Cybersecurity CC from ISC2. The professional
certificate also partially covers
content that will help the Systems Security Certified practitioner SSCP from ISC2. The cybersecurity specialist
professional certificate consists of 12 courses. In the first course,
you’ll be introduced to career options
in cybersecurity, and introduction to
cybersecurity careers. Next you’ll become familiar with IT and Cloud fundamentals. Courses 2-6 will also prepare
you for the Comp TIA, ITF plus certification exam. Introduction to hardware
and operating systems, introduction to software
programming and databases, introduction to
networking and storage, introduction to Cloud computing, introduction to
cybersecurity essentials. Then you’ll move on to ISC2 certified
cybersecurity courses, security principles, incident response
BC, and DR concepts, access control concepts, network security,
security operations. The course will conclude with
a capstone project where you’ll apply and demonstrate all you have learned
throughout the program. Cybersecurity capstone. Each topic corresponds to an online course you can
complete independently. Each course consists of
three to six modules. Completing courses
covering different topics, and the required
projects will earn you the IBM cybersecurity specialist professional
certificate. You commence your cybersecurity
professional journey with an overview of the
available career options. The introduction to
cybersecurity careers course is designed to give you the knowledge to find and secure the right information
security (Info Sec) career. You will also become
familiar with the most recognized
certifications in the field provided by
organizations such as Comptia, ISC2 like A+, and CISSP, and so on. Hardware and
operating systems are the next topics in this
professional certificate. This beginner-level
course provides the core hardware and
operating system knowledge needed by anyone new to
IT and computer hardware, who wants to start a new
career in technology, including IT
support, networking, cybersecurity, and
software development. The next course covers
the basics of software, Cloud computing, web browsers, application
development concepts, programming languages, and
database fundamentals. After completing this course, you’ll better grasp
software processes and feel more confident using and
securing applications, networking and storage are an essential part of
cybersecurity skills. Enhance your basic knowledge, and learn about network types, cables, topologies, and models. You’ll understand how data
travels across the network and discover how protocols and standards enable all
network activity, diagnose and troubleshoot
network connectivity issues, and discover how to use command line utilities and network tools in
Windows settings. Essential characteristics
of Cloud computing and emerging technologies
supported by the Cloud are also a part of the professional certificate. You’ll explore Cloud
service models including infrastructure as
a service, IaaS, platform as a service PaaS, software as a service SaaS, and public, private, and
hybrid deployment models. Fundamental cybersecurity
skills are crucial for anyone using computing devices and connecting to the internet. A cybersecurity
professional must recognize common security threats and risks that individuals and
organizations may face, such as theft, tampering, and destruction of
sensitive information. In this course, you’ll discover
the characteristics of cyber attacks and
learn how you can employ best practices
to guard against them. Start with the
security principles of information assurance as part of ISC2 certified
cybersecurity courses. The concepts include risk
management, security controls, policies, procedures, standards,
regulations, and laws. As a cybersecurity professional, you need to understand how
organizations respond to, recover from, and continue to operate during
unplanned disruptions. Three distinct plans are
vital to the survival of any organization that the
ISC2 specialization covers. Incident response, IR,
business continuity, BC, and disaster
recovery, DR concepts. The ISC2 specialization also covers who gets access to what, why access is necessary, and how that access is managed. You’ll learn both physical
and logical controls and how they’re combined to strengthen the overall security
of an organization. Securing the computer
network is also part of the ISC2 specialization. Network security itself can be a specialty career
within cybersecurity. You must understand the
network concepts and models common network
threats and cyberattacks, and the network security
infrastructure. Finally, in the specialization, you need to learn
the day-to-day, moment-by-moment active use
of the security controls, and risk mitigation strategies an organization has in place. You’ll explore ways to secure the data and systems they
reside on and how to encourage secure
practices among people who interact with the
data and systems daily. The capstone project
is where you’ll apply all the skills
learned as part of the PC. This project will
be a good addition to your portfolio and take you close to the cybersecurity specialist professional
certificate. As you review the content, you’ll be presented
with quizzes and projects to evaluate
your learning. The graded quizzes carry a weightage that contributes
to the course completion. Most projects will be peer graded and carry a
certain weightage contributing to the
course professional certificate completion
requirement. Finally, after you’ve completed all the content successfully, you’ll be awarded the IBM cybersecurity specialist
professional certificate, a credential valued
by many employers. We wish you the very best and hope you enjoy this journey.

Tutorial: Why Cybersecurity: A Rewarding Career Path in the Digital Age

Welcome to the exciting world of cybersecurity! This tutorial will delve into why it’s a thriving field and how you can become part of it.

Part 1: Understanding the Need for Cybersecurity

• The Digital Shield: Imagine the internet as a vast landscape, filled with valuable information and systems. Cybersecurity acts as the shield, protecting them from malicious actors who aim to steal, disrupt, or damage them.
• Constant Threats: Cyber threats are constantly evolving, ranging from ransomware attacks that lock you out of your data to phishing scams that trick you into revealing sensitive information.
• Why We Need Professionals: The increasing complexity of these threats demands skilled professionals who can identify vulnerabilities, build defenses, and respond to incidents effectively.

Part 2: Exploring Diverse Career Options

• Beyond the Stereotype: Cybersecurity isn’t just about hackers in dark rooms. It offers a wide range of roles, each playing a crucial part in the defense system:
  • Security Analyst: Detects and analyzes potential weaknesses in systems and networks.
  • Cryptographer: Develops and implements encryption techniques to safeguard sensitive data.
  • Ethical Hacker: Uses hacking skills to identify vulnerabilities before attackers do.
  • Cybercrime Analyst: Investigates and analyzes cybercrimes to bring perpetrators to justice.
  • Cybersecurity Engineer: Designs and builds secure systems and networks.
  • Information Security Specialist: Implements and manages security policies and procedures.

Part 3: The Booming Job Market and Rewarding Benefits

• High Demand, Great Salaries: The demand for cybersecurity professionals is skyrocketing due to the ever-growing threat landscape. This translates to competitive salaries and ample job opportunities.
• Intellectual Challenge: The field constantly evolves, requiring continuous learning and problem-solving, keeping your mind sharp and engaged.
• Making a Difference: By securing our digital world, you contribute to protecting individuals, businesses, and critical infrastructure, making a real impact on society.

Part 4: Getting Started in Your Cybersecurity Journey

• Education and Training: Consider pursuing relevant degrees, certifications, or bootcamps to gain the necessary technical skills and knowledge.
• Start Early: Even high school students can start exploring cybersecurity through online courses, clubs, or competitions.
• Build Your Network: Connect with professionals in the field through online communities, conferences, or internships to gain insights and expand your network.

Remember: Cybersecurity is a dynamic and rewarding field with immense potential for growth. If you’re passionate about technology, security, and making a difference, this path might be the perfect fit for you!

Bonus Tip: Explore specific areas within cybersecurity that align with your interests, such as cloud security, mobile security, or incident response.

[MUSIC] Welcome to Why Cybersecurity. After watching this video, you’ll be able to list the available
options as a cybersecurity professional. Explain the need for cybersecurity. Describe the demand for
a cybersecurity professional. In the digital age, cybersecurity has
become an essential consideration for everyone. Cybersecurity is the shield that
protects our information and systems from malicious cyber threats. Security professionals face challenges
daily in the form of new threats which they must decipher and find solutions. As a cybersecurity professional,
you could be a security analyst spotting vulnerability, a cryptographer
encrypting sensitive information or an ethical hacker mimicking the strategies
of attackers to fortifiy defenses. Many businesses from finance and
healthcare to retail and manufacturing require
cybersecurity professionals. For example, the financial industry
requires the following professionals: A cyber analyst to ensure and
maintain the protection, and integrity of sensitive financial data,
and transactions. A cybercrime analyst to scrutinize and probe cybercrimes within
the finance sector. A cybersecurity engineer to collaborate
with finance teams to provide technical assistance and support for
setting up critical systems and networks. An information security specialist
to secure financial information and implement security protocols to
protect against cyber threats. Cybersecurity as a profession brings
corresponding financial rewards and associated responsibilities. The salaries of cybersecurity
professionals are competitive considering the importance of these
roles in the digital world. This role alone is responsible for keeping
up to date with the latest technology to safeguard an organization’s
digital assets. A projection by the US Bureau
of Labor Statistics shows the employment opportunities for
cybersecurity analysts are expected to grow 35% 2031 faster than
all average occupations. In recent years, there has been
an increase in the incidence and complexity of cyber threats. Individuals who indulge in cybercrime
continually explore new methods and means of conducting their
malicious intentions. The cyber threats have become more
intense from ransomware attacks that lock businesses out of their systems until
a ransom is paid to phishing scams that trick individuals into revealing
sensitive information. This flood of cybersecurity
threats highlights the need for committed professionals in the field. With the surge in digitization
of all businesses, there’s an increase in awareness for
securing consumer data. Consumers have become cautious against
potential risks linked to digital transactions. Also with the rise in data sharing,
consumers realize the value of privacy and data security. Businesses strive to earn and
maintain consumer trust. Thus, consumer demand for privacy and
security is directly proportionate to the growth and demand for
cybersecurity professionals. So if you are drawn to a challenging,
rewarding career at the crossroads of technology and innovation,
cybersecurity is a great option. In this video, you learned that cybersecurity is a shield
against malicious cyber threats. As a cybersecurity professional, you could
be a security analyst, a cryptographer, or an ethical hacker. Cybersecurity as a profession brings
corresponding financial rewards along with the associated responsibilities. The cyber threats have become more intense
from ransomware attacks to phishing scams. Consumer demand for privacy and security
is directly proportionate to the growth and demand for
cybersecurity professionals. [MUSIC]

[MUSIC] Welcome to Expert Viewpoints,
The Cybersecurity Field. In this video, experts and seasoned
professionals will share with you the best part of working in
the cybersecurity field. So, security, why security? It’s very important part of
the world currently, and it’s, for me, a very different way of thinking and
making customers happy. So if you look at security from
my point of view, first of all, we have more and more data. We have more and more personal data
flying around the world, and more and more data from all companies going out,
and communication is getting bigger. So the need for security in that
story is getting bigger and bigger. Being able to help the customers
with those complex situations, with those complex frames,
is for me a lot of value. Being able to talk to them, to explain
them how they should approach what is the best implementation, and getting them
out of that stress situation, let’s say, because that’s what it often is,
brings for me a lot of value and joy. What is so different in security? Well, it’s a way of thinking
around the problem. It’s not only how can we do this fast and
with the least cost, and how can we do this
in the most easy way? No, it’s much more often how
can we do this in the best way. How can we really make sure we’re securing
this client and protecting their business, because in the end,
that’s what we’re doing. By protecting their data and
their communication and their customers, we’re protecting their business. As we all know, they’re often
getting breaches in the news. And most of these companies, well, every
company wants to avoid it, of course. That’s why we’re there, and that’s why I
find it such an exciting organization, such an exciting technology. It’s like we really work
to avoid all those risks, and our team is really trained to do that. So that’s why I like it so much. The cybersecurity field is
a great field to work in because it is becoming a bigger industry every year. Cybersecurity professionals
are in high demand, and there are endless different jobs and
opportunities to choose from. Companies in every industry
need cybersecurity experts and software to help protect them
from cybersecurity attacks and to help protect their data and
their systems. It’s also a very interesting field to work
in as there’s always something new to learn, there’s always new challenges. Every year, there’s new threats, and
with that comes new approaches and new technologies to combat these threats. I have always
been intrigued by mystery and adventure novels and movies. And the cybersecurity field is basically
a real-life mystery and adventure, complete with the bad guys and
the good guys. Even the field changes
basically every day. And as technology evolves, so
do the attack methods, and in turn, so do the tools of the trade. So you get to work with some pretty
cool defensive and investigative tools, and the job just never gets dull because
you have to always be on your toes. The best thing about
working in cybersecurity, for me, is that it always changes. It is a pathway, I think,
to constantly learn, to constantly evolve,
to constantly be reactive. I look at other career choices that
people have made in different sectors, financial sectors, I always feel
they’re a little bit more slow-moving. I think cybersecurity is one of
those areas that is so exciting. It’s just challenging, and it keeps
you feeling young inside the industry, which I think is just a fantastic asset. I think cybersecurity
is a fascinating field to work in, that’s because it really sits at the
confluence of a lot of different areas. For instance, there’s technology,
there’s business, there’s the academic side, there’s
the governmental side and regulatory side. There’s psychology, there’s sociology,
there’s all of these different aspects. There are not too many areas that are more
interdisciplinary than cybersecurity. It literally touches all
aspects of our lives, even people who don’t have computers
are still affected by all of these things. So I like the fact that I get to look
into a lot of different areas and bring all of these things together. And do stuff that really
helps protect people and make the world a better place in the long
term by protecting it from the bad guys. The best part? If you ask me, it’s the pride
that we have for securing people. And that’s what keeps me going,
because when I was not in security, I used to believe that
anybody can be hacked. But now,
I am a part of a team which prevents that. And nowadays, as everybody uses devices,
mobile devices, and laptops, which are connected to internet,
the hacking is more common than before. I always say if somebody would like to join,
the best motivation factor is money. Second is self-satisfaction because
you’re preventing something. You are like firefighters, in case
something bad happens, you’re there to prevent it, there to fix it, and
you’re like the police, you are preventing stuff. So it’s overall super cool job. The best part is you keep updating
yourself, you can’t let go. You have to keep yourself educated all
the time, and you have to keep growing with the industry because new technologies
are coming up, new attacks are coming up. So you have to be pretty focused and
keep learning. [MUSIC]

Tutorial: Launching Your Cybersecurity Journey – Paths and Strategies

The ever-evolving world of cybersecurity beckons with exciting challenges and promising career opportunities. Whether you’re a seasoned techie or a newcomer with a different background, this tutorial will guide you through the key steps to launching your journey into this dynamic field.

Step 1: Assess Your Skills and Interests

Before diving into specific paths, identify your strengths and what truly captivates you. Do you enjoy problem-solving and unraveling mysteries? Are you detail-oriented and patient enough to meticulously analyze systems? Remember, even non-technical skills like communication and critical thinking are highly valued in cybersecurity.

Step 2: Explore Diverse Backgrounds and Entry Points

Cybersecurity welcomes individuals from various backgrounds. Veterans bring strategic thinking and risk assessment skills, while law enforcement officers excel at incident investigation. Even project managers and technical writers contribute their organizational and communication expertise. If you have a technical background in IT support, software development, or networking, transitioning might be even smoother.

Step 3: Choose Your Training Path

Online Courses: Platforms like Coursera, Udemy, and edX offer flexible and affordable options for gaining foundational knowledge. Start with beginner-friendly courses and gradually progress to more specialized topics.

Certifications: Validate your skills and boost your resume with certifications from renowned organizations like ISC2 and CompTIA. These rigorous exams test your understanding of core cybersecurity principles and best practices.

Bootcamps: Immerse yourself in intensive, hands-on training through bootcamps. Within weeks or months, you can acquire practical skills in various cybersecurity methodologies and tools. Be prepared for a more time-intensive and potentially expensive commitment.

College Degrees: Opt for a comprehensive education through dedicated cybersecurity programs offered by universities and colleges. These programs delve deeper into the theoretical and practical aspects of the field, preparing you for diverse career paths.

Internships and Apprenticeships: Gain invaluable real-world experience by applying your learning in cybersecurity environments. Network with professionals, acquire practical skills, and build your resume through internships or apprenticeships.

Step 4: Embrace Continuous Learning

The cybersecurity landscape is constantly evolving, demanding a commitment to lifelong learning. Stay updated by attending industry conferences, participating in online communities, and pursuing advanced certifications. Consider continuous professional development courses to refine your skills and stay ahead of the curve.

Step 5: Build Your Network

Connect with professionals in the field through industry chapters like ISC2 or ISACA. Participate in online forums like Stack Overflow and Reddit, or explore platforms like GitHub for discussions and knowledge sharing. Attend industry events, conferences, and webinars to network with seasoned professionals and learn from their experiences.

Remember: There’s no single “right” path into cybersecurity. Choose the options that align with your background, learning style, and career goals. Most importantly, cultivate a passion for continuous learning, problem-solving, and contributing to a safer digital world.

Bonus Tip: Explore specific areas within cybersecurity that intrigue you, such as cloud security, incident response, or digital forensics. This will help you tailor your training and focus your career aspirations.

With dedication, the right resources, and a hunger for knowledge, you can successfully navigate your journey into the exciting and rewarding world of cybersecurity!

Welcome to how to get into
the cybersecurity field. After watching this video, you’ll be able to;
list the skills, nontechnical and
technical background of individuals aspiring for a
career in cybersecurity, describe the different
training options, describe the networking options providing cybersecurity
information. Individuals aspiring for
a career in cybersecurity do not require any scientific
skills to enter the field. They should have a problem
solving attitude that drives them to resolve
difficult situations. In addition, they
should have an eye for attention to detail. Have patients then should
welcome challenges. The applicants may be
fresh undergraduates or an experienced
professional looking to transition into a second career. Cybersecurity field can be
a career option for both. Contenders can also be from
non technical backgrounds. Their unique skills
can be an advantage when they transition
into cybersecurity. For example, veterans and
armed forces personnel enhance their strategic thinking and risk assessment skills
during their service, which are vital
in cybersecurity. Similarly, law
enforcement officers are proficient at examining incidents and
collecting evidence, both essential in
cybersecurity investigations. In public service careers, individuals are knowledgeable about government
level clearances, which are also a requirement
in cybersecurity. Project managers have strong organizational and
communication skills, while technical writers can formulate technical information. Both skills are necessary in coordinating
cybersecurity efforts. Those working in
technical jobs may find a smooth transition to
the cybersecurity field. IT support and help
desk professionals have a comprehensive understanding
of the IT infrastructure, thus it’s easier for them to understand where
vulnerabilities might exist. Software developers and
networking specialists have the technical skills
to comprehend and combat cyber threats
at a deeper level. Aspirants wishing to opt for cybersecurity as a career should undergo the appropriate training regardless of their background. Many educational
streams are available, such as online courses. Online courses like this
one from IBM provide a flexible and
accessible way to gain foundational knowledge
in cybersecurity. Online learning platforms
like Coursera, Udemy, and edX offer many
classes that cover various cybersecurity
topics appropriate for beginners and
advanced learners alike. Certification programs
are an alternate pathway to attain training
on cybersecurity. Organizations like the
International Information System Security
Certification Consortium, ISC, and CompTIA are instrumental in providing certifications for
cybersecurity professionals. These organizations offer
well designed courses and rigorous exams that test a professionals ability to understand and apply
cybersecurity principles. Certifications by
these organizations offer a knowledge
benchmark and are often a requirement or a
distinguishing factor in cybersecurity job postings. Another training option is
cybersecurity boot camps. They provide a more exhaustive and rigorous
learning experience. Their duration can be several
weeks or a few months, and they offer
hands-on training in various cybersecurity
methodologies and tools. In addition, college
diplomas and university degrees provide a comprehensive education
in cybersecurity. These are detailed
programs that delve into the theoretical aspects and practical applications
of cybersecurity. Cybersecurity internships and apprenticeships also present an opportunity to gain hands on experience in a real world
cybersecurity environment. Apprentices apply
their learning, can network with
professionals in the field, and gain valuable experience
that can boost their career. Each training option serves
a unique purpose and an aspirant can select any path depending on
their career goals, educational background,
and learning preference. However, in the evolving
cybersecurity field, there is a requirement of continuous learning
and upskilling. A cybersecurity
professional’s career revolves around
lifelong learning. In this field, threats
are advancing and technology behind them is
becoming more complex, therefore staying up to date with the latest vulnerabilities, countermeasures,
and best practices is not only important,
but also essential. This learning commitment
can take various forms, including continuous professional
development courses, attending industry seminars, or seeking advanced
certifications. It could also involve
staying active in online cybersecurity
communities where the latest threats
and advancements are regularly discussed. Continuous learning ensures the relevancy of skills enhances professional credibility
and contributes to career progression within
the cybersecurity industry. Networking is another
vital component when entering the
cybersecurity field. It allows aspiring
individuals to make important connections with
professionals in the industry, learn from their experiences, and gain insights into the
latest trends and threats. Participation in chapters
such as ISC2 or ISACA enables individuals to stay updated
on industry standards and best practices and gain
exposure to varied viewpoints. Online communities
like Stack Overflow, Reddit, Cybersecurity Subreddit, and GitHub provide
a virtual platform where individuals
can ask questions, share their knowledge,
and learn up-to-date cybersecurity information from a global community
of professionals. These platforms also
often host discussions on recent cyber threats
and countermeasures, providing real-time
learning opportunities. Corporates organize
conferences, seminars, and webinars that present
the latest research, advancement, and
trends in the field, providing an opportunity to stay informed of
industry developments. Attendees often include seasoned professionals,
industry leaders, and influential speakers, making these events a valuable
networking opportunity. In this video, you learned
that those aspiring to become cybersecurity
professionals can be from non-technical backgrounds, such as veterans, armed forces, security personnel, law
enforcement officers, project managers,
and tech writers. Those working in technical
jobs such as IT support, helpdesk software developers, and networking
specialists may find a smooth transition to
the cybersecurity field. Cybersecurity aspirants
should undergo training such as online courses, certification and
diploma programs, boot camps, and internships. Networking allows aspiring
individuals to make important connections with
professionals in the industry.

Welcome to Entry Level Careers. After watching this video, you’ll be able to: describe the role
of a cybersecurity specialist, describe the role of a cybercrime analyst. describe the role of an incident and
intrusion analyst, describe the role of an IT auditor. The cybersecurity sector offers promising
careers that provide a sense of fulfillment and a wide array of
opportunities for professional growth. Cybersecurity specialist is one of
the most popular entry level roles in cybersecurity. They’re responsible for establishing and implementing security protocols
to protect systems and data. They perform regular system audits to
ensure up to date security measures and address any identified
vulnerabilities within a system. In addition, they maintain a policy for
data access. They collaborate with other IT
professionals to ensure the integrity and confidentiality of data. They’re sometimes called on to conduct
security awareness training for other staff members
within the organization. If a security breach occurs, cyber specialists are active participants
in the incident response process. Another entry level position
is the cybercrime analyst. This job requires you to delve deeper
into cyberthreats and cybercrime. It involves identifying patterns and predicting future attacks based on
historical data and current trends. This information is then used to build
robust defense strategies in collaboration with cybersecurity specialists. In the event of a breach, the cybercrime
analyst conducts digital forensic investigations to gather evidence. When necessary, they report any
relevant findings to stakeholders, including law enforcement agencies. The third role, an incident and
intrusion analyst, focuses on handling and investigating incidents
of security breaches. When a cyber intrusion is detected,
these analysts spring into action, identifying the breach’s source and
assessing the damage’s extent. They work to develop and implement containment strategies to
restrain the impact of a breach. Once contained, they conduct detailed investigations to
understand how the intrusion occurred. They also play a critical role in
the recovery after an incident, including restoring IT services and
collaborating with the cybersecurity team to improve defense strategies
to prevent further intrusions. Lastly, while often overlooked, the IT auditor role is critical to
a comprehensive cybersecurity strategy. IT auditors are responsible for examining and evaluating
an organization’s IT systems, practices, and operations to ensure compliance
with laws and industry standards. They also identify potential security
risks and breaches in an organization’s IT infrastructure, and recommend necessary
changes to enhance overall IT security. An auditor conducts regular audits to
assess the effectiveness of security measures and protocols and ensure that
the organization’s data is protected from unauthorized access or alterations. These are just a few of the many entry
level positions in cybersecurity. Each role offers unique responsibilities
and challenges, contributing significantly to the security and integrity of
an organization’s IT infrastructure. In this video, you learned that
cybersecurity specialist is responsible for establishing and implementing security
protocols to protect systems and data. Cybercrime analyst role comprises
identifying patterns and predicting future attacks based on
historical data and current trends. Incident and
intrusion analyst focuses on handling and investigating incidents
of security breaches. IT auditors are responsible for
examining and evaluating an organization’s IT systems,
practices, and operations to ensure compliance
with laws and industry standards. [MUSIC]

Welcome to Expert Viewpoints, Getting Started as a
Cybersecurity Professional. Experts often arrive at
their similar careers from divergent and dissimilar
former careers in education. In this video, hear from
experts who will share their unique stories about starting their
cybersecurity careers. When I finished my
qualifications, my degree, I remember I spoke to
my mother and father, and I wanted to move to Canada and start a new
life working behind the bar. I made a deal with my dad
that if I couldn’t get a job, I would come back
and do a Master’s. At the time in the country, there was a brand new Masters, and it was called
Cybersecurity and Forensics and Forensic
Computing Act. I remember I ticked the box I never thought
I’d have to do it. I came home four months later. I had no money. I had a great summer,
but I now had no money. I was very glad that I had
listened to my mom and dad, that they set me up with a
career in cybersecurity. I fell into it not because I had a love for it or
an understanding, it was actually accidental
but it was one of those great examples
of an accident that really is fantastic. I originally started in
computer networking, and the security aspect
of networking caught my attention basically
from the very beginning. Over the years, I gradually shifted my attention to focusing almost solely on the security aspects of
information technology. I first studied
computer science and information technology
in NUI Galway. This was a four year
undergraduate degree. In the third year of the degree, we did a work placement
and I worked for IBM on one of their
security products, Once I finished college,
I went back working at IBM full time and have been
here for about 14 months now. Ever since I first put
my hands on a computer, I was fascinated with it
and wanted to know how it worked and wanted to
know how it might fail, and that’s how
cybersecurity people think. They look and see
how a system works, and then they envision
how it might fail, and then how you
could build defenses to compensate for the
failures that might be there. I started very early in high school with this
kind of interest. Then I went to college, I got a bachelor’s degree
in computer science. I started working for IBM. Then some years later when
the Internet came along, we had a division that related
to Internet technology. I jumped into that because I thought this is going
to be really important. It turned out it was,
and on the Internet, we needed to have
security capabilities. That’s where I really got to enter into the
security space. I had been doing network management,
software development, and then moved
into cybersecurity working with clients and I’ve been in that space now
for more than 25 years, and along the way got to write a book and have been able to visit more than 50 countries
as part of my work. I stumbled into cybersecurity when IBM set up their
security organization. Years and years ago we had IBM technology
where we actively, there were some security
software security technologies like identity and
access management. We had [inaudible] some which at that moment security software. But then IBM saw there was
a need for more security. There was a need for more
focus on those products. Then we really built the
security organization. By being part of those first softwares where
I was junior specialist, I implemented the
single sign on and several SIEM solutions
for customers. Then IBM founded a security organization which
I became part of. I stumbled in it
actually a little bit, but it excited me from day one, being at those
customers and seeing how great it was to talk to them on how we
could solve their problems, but also to see how
complex it was for those customers because security touches on all parts
of the organization. When I was from my college, I got a placement in
development and I worked there for six months but I did not feel the company was right for me, and I left the company. The new company gave me an opportunity to start fresh as a
cybersecurity engineer. Immediately, I thought
it’s boring and that time nobody was
interested in security. Everybody wanted
to be a developer. But after a year, when I was trying
to switch my job, I felt the difference. I applied for a job
as a developer. I went there for the interviews. There were 500 people, and out of 500 I cleared three rounds and I was
like in top 27 or so, and they hired three people. I was shocked with the number of competition we have and the amount of money
they were paying. But then I got a call
from a different company called Xerox and they just asked me that, would
like to work with us. I said yeah, and they hired me. It’s interesting to
know that cybersecurity was valued even 10 years back. It’s a stat I was
not aware of it.

Mid-Level Cybersecurity Careers: A Comprehensive Guide

The cybersecurity landscape is constantly evolving, demanding skilled professionals to protect critical data and infrastructure. As you progress in your cybersecurity journey, mid-level roles offer exciting opportunities to deepen your expertise and take on greater responsibility. This tutorial explores three key mid-level cybersecurity paths:

1. Cybersecurity Analyst:

Description: The cybersecurity analyst is the backbone of an organization’s security operations. They are responsible for implementing and maintaining robust security measures, ensuring the ongoing protection of valuable information assets.

Typical Responsibilities:

• Design, implement, and enforce security policies and procedures.
• Monitor security systems for suspicious activity and potential threats.
• Respond to and mitigate security incidents, including data breaches and malware infections.
• Conduct vulnerability assessments and penetration testing to identify and address weaknesses.
• Participate in incident response planning and recovery efforts.
• Stay up-to-date on the latest cybersecurity threats and trends.

Required Skills:

• Strong understanding of security principles and best practices.
• Proficiency in security tools and technologies.
• Excellent analytical and problem-solving skills.
• Effective communication and collaboration skills.

2. Cybersecurity Consultant:

Description: Cybersecurity consultants act as trusted advisors, providing external expertise to organizations seeking to improve their security posture. They offer valuable insights and recommendations, tailored to specific needs and challenges.

Typical Responsibilities:

• Conduct comprehensive security audits and assessments.
• Identify vulnerabilities and recommend remediation strategies.
• Design and implement robust security solutions aligned with industry best practices.
• Develop and deliver security awareness training programs for employees.
• Stay informed about evolving regulations and compliance requirements.

Required Skills:

• Extensive knowledge of various cybersecurity frameworks and methodologies.
• Strong communication and presentation skills to effectively convey findings and recommendations.
• Ability to assess an organization’s security maturity and propose solutions aligned with its risk profile.
• Project management skills to manage consulting engagements effectively.

3. Penetration and Vulnerability Tester:

Description: Penetration and vulnerability testers, also known as ethical hackers, play a crucial role in proactively identifying and mitigating security risks. They employ simulated attacks to uncover vulnerabilities before malicious actors can exploit them.

Typical Responsibilities:

• Conduct penetration testing using various methodologies and tools.
• Perform vulnerability assessments to identify weaknesses in systems and applications.
• Document identified vulnerabilities, exploitation processes, and potential impact.
• Recommend and implement security measures to address vulnerabilities.
• Adhere to ethical hacking principles and comply with relevant regulations.

Required Skills:

• In-depth understanding of hacking techniques and tools.
• Proficiency in scripting languages and penetration testing frameworks.
• Strong analytical and problem-solving skills.
• Excellent communication skills to report findings and propose solutions.

Choosing the Right Path:

The best mid-level cybersecurity path for you depends on your individual interests, skills, and career aspirations. Consider factors like:

• Technical vs. Consulting Focus: Do you prefer hands-on technical work or enjoy providing strategic guidance?
• Internal vs. External Focus: Do you thrive in a team environment within an organization or prefer independent consulting projects?
• Specialization Opportunities: Are you interested in a specific security domain, such as cloud security or incident response?

Remember: Each path offers rewarding opportunities to contribute to cybersecurity and build a fulfilling career. Continuously upskilling and staying informed about emerging threats are essential for success in this dynamic field.

Additional Resources:

• (ISC)² Certified Information Systems Security Professional (CISSP) certification
• Offensive Security Certified Professional (OSCP) certification
• SANS Institute security training courses
• OWASP Top 10 Web Application Security Risks

This tutorial provides a starting point for exploring mid-level cybersecurity careers. Remember, continuous learning and skill development are crucial for success in this ever-evolving field.

Welcome to Mid-Level Careers. After watching this video, you’ll be able to describe the role of the
cybersecurity analyst. Describe the role of the
cybersecurity consultant. Describe the role
of the penetration and vulnerability tester. As professionals advance in
their cybersecurity careers, they encounter a variety
of mid-level roles. These mid-level roles demand a deeper understanding of
cybersecurity principles, practices and a
proven ability to manage and resolve complex
security situations. These roles involve
a higher degree of responsibility and
strategic implementation, focusing on building and
maintaining secure networks, managing security incidents and developing cybersecurity
policies and procedures. Mid-level positions serve as a foothold for top-tier roles. They are critical in an
organization’s defense against increasingly
sophisticated cyber threats. At a mid level, a
cybersecurity analyst is responsible for ensuring the robustness and resilience of an organization’s
security structure. They oversee the design, implementation and
enforcement of enterprise security
policies and protocols. In addition to detecting, responding and mitigating
potential cyber threats, these professionals also perform regular vulnerability
assessments and penetration testing. They often play an active role in incident response planning, collaborating with other
stakeholders to develop effective strategies
and recovery plans. In contrast, a
cybersecurity consultant serves as an external expert, providing guidance and recommendations to
organizations to improve their security framework and mitigate potential threats. They conduct
comprehensive audits of the organization’s
systems and procedures, identifying vulnerabilities
and areas for improvement within its
IT infrastructure. These consultants often work
with senior management, presenting their findings and proposing strategic solutions. They assist in the design
and implementation of robust cybersecurity
strategies and measures. Sometimes they provide training
and awareness programs to educate employees about best
cybersecurity practices. A penetration and
vulnerability tester, or offensive
security researcher, plays a pivotal role in an organization’s
cybersecurity infrastructure. They are responsible for
identifying weaknesses and vulnerabilities in the system by deliberately probing
and exploiting them, mimicking the actions
of potential attackers. This proactive approach allows
them to gain insights into possible intrusion points
before a malicious hacker does. They undertake
comprehensive tests, including automated
system analyses and manual techniques to uncover
potential security flaws. They document their
testing process meticulously detailing the
identified vulnerabilities, exploitation processes and potential impact of
a security breach. If they identify
vulnerabilities, they recommend and implement
robust security measures to strengthen the system
against future cyber attacks. As a penetration and
vulnerability tester, their actions are ethical
and the organization authorizes them to improve
the system’s security. They ensure compliance
with relevant laws and regulations throughout
the testing process. In this video, you learned
that mid-level roles in cybersecurity play
a critical part in protecting an organization’s
digital assets. Mid-level roles are
cybersecurity analyst, cybersecurity consultant, and penetration and
vulnerability tester. While their responsibilities
may differ, all roles share the same goal. Ensuring the organization’s
information assets, integrity, confidentiality,
and availability.

Welcome to Expert Viewpoints: A Typical Day in the Life of a
Cybersecurity Professional If you’ve wondered what
a work day is like for cyber security professionals,
you’re in the right place. In this video, industry experts share what happens
during their work days. A day in the life
of a cyber security professional is
incredibly interesting, and incredibly varied. If I look at my career
in cyber security, I started as a red
team operator, that would also be called
a penetration tester. I moved up to become
a security architect, and then ultimately
on to becoming a CTO, leading teams and
all that kind of good stuff. As a red teamer, I used to really enjoy
that part of the job. I had progressed, I guess, from the
development side of the house into the red teaming side of the house. What I love most about red teaming was that when I was in development,
I would come in and I would take a task from Jira and I
would try and complete it. Whereas when I was working in red team,
what I was allowed to do was I was able to explore
the application, research different
attack vectors, and then try those attacks against our own
tools and products. What that was is ethical hacking and
we were trying to identify issues. Obviously, as we move up–and as your role,
if you join this field, you’ll move up– you gain additional responsibility. You go from having to just say,
simply find the issues to having to find the issues
and resolve those issues, to ultimately, being able to find the issues,
resolve the issues, and then work with development teams to
make sure that those issues get closed. One of the best things about
working in cyber security, and one of the most
essential things about cyber security is a lot of people think it’s
a very technical base role, but you need a tremendous amount of
soft skills to be able to negotiate, liaise with different teams and help them
to understand what’s going on. >> I think every day is probably different,
which is what I like. I like variety, but for me, my work is with clients. So, I spend a good deal
of time trying to be with clients
running workshops where we try to discover
what are the gaps in their security
infrastructure and what we can do to
help with that. A little bit of consulting,
a little bit of selling. It’s a consultative, try to become
a trusted advisor to my client. That’s what I really want to do. I want to feel like they bring
me back again and again. I do a fair amount
of web meetings with clients and internally,
to plan for those events. I also do a lot of
public speaking. Speaking at conferences
and webinars and seminars and things like that to try to demonstrate
mind share. Lately, a lot of this work
has been in the AI space, where we see the mixture of AI and cyber security
coming together. Where they work well together and where they don’t
work so well together. That’s a top of mind topic
for a lot of people. >> What do we do in a daily
job in cyber security? Well, our professionals working
with our customers, for example, the people implementing C, will work with the
customer from day one in the projects to define
what is the real goal. And “What is the goal?” means “What is the need from the
business, from the customer?” “What is the need from the security
point of view from a customer?” “And how can we combine it?” For example with the Sim tool, we’re going to analyze the logs,
we’re going to correlate the logs, we’re going to generate alerts. What does the business need
from use case point of view? In which case do we
see we need alerts? What can the IBM
tooling provides? What does the security
team need from an alerting point of view to
be able to manage that? By really working
with the customer, understanding what
their need is and then translating that and how we
can implement the product. Well, that’s how
our specialists in the day-to-day job will
work with our customers. They will get the best out of the customer and the best out of the product and combine that together to get a good
solution for our customers. That’s really what we drive
for in every project. Where do I come in? Where do our senior engineers come in? One, for a validation
to make sure we have the right customer
relationship need, but also when there
is complexity. Because there might be a complexity
from a customer point of view, their business might not
really understand why we need to have all
those security things. There might be complexity from a software point of view
because there might be a bug or there might be
a products change needed to be able to accomplish the real needs
of the customer and that’s where we come in. That’s where we go and talk to the customer to understand
how we can fix it. That’s where we manage the
internal relationships with development and support and make sure we get the product at the stage we need
or we get an interim solution with our development team or
with our services team. But the goal always is, however complex it is
or whatever we get, we drive for that success. I honestly can say, I think I’m in services
for 16, 17 years now. We never left the customer low, as long as there was
teaming and there was collaboration drive from a customer
point of view to get successful, IBM has always done whatever
they could to get to that level. That’s why I think we
differentiate a lot. We will never let
down and we will never give up as long
as there is team. Working with that customer and
going for that successful, that’s our day to day job.

Mastering the Apex: A Comprehensive Guide to Advanced Cybersecurity Careers

As you ascend the cybersecurity ladder, the landscape transforms. Gone are the days of patching vulnerabilities; advanced roles demand leadership, vision, and the ability to orchestrate comprehensive security strategies. This tutorial delves into four pivotal career paths at the pinnacle of cybersecurity:

1. Cybersecurity Manager:

• The Guardian Strategist: You’ll oversee the entire security operation, crafting policies, managing a team of skilled professionals, and liaising with leadership. Think of yourself as a conductor, harmonizing diverse expertise into a symphony of defense.
• Essential Skills: Leadership, communication, team management, security policy development, incident response expertise, budget management.
• The Journey: Transition from hands-on technical roles, gain leadership experience, and cultivate strong communication skills. Certifications like CISSP, CISM, and CISA can solidify your expertise.

2. Chief Information Security Officer (CISO):

• The Executive Sentinel: As the CISO, you’ll become the CEO of cybersecurity, shaping the company’s security vision and ensuring alignment with its goals. You’ll navigate the boardroom, advocating for resources and championing a culture of security awareness.
• Essential Skills: Strategic thinking, risk management, executive communication, regulatory compliance, vendor management, crisis leadership.
• The Journey: Extensive cybersecurity experience, ideally in leadership roles. Certifications like CISM, CISSP, and CISA are crucial, and an MBA can enhance your business acumen.

3. Cybersecurity Engineer:

• The Architect of Defenses: You’ll delve into the nitty-gritty of building robust security infrastructure. Think of yourself as a master builder, crafting secure networks, systems, and applications, wielding code to fortify defenses.
• Essential Skills: Deep technical knowledge of security technologies, networking, operating systems, scripting languages, security protocols, penetration testing, incident response.
• The Journey: Transition from technical roles like security analyst or penetration tester. Certifications like OSCP, CEH, and CCNA demonstrate your technical prowess.

4. Cybersecurity Architect:

• The Grand Designer: You’ll envision the organization’s security future, crafting a comprehensive architecture where various elements seamlessly work together. You’ll define standards, ensure compliance, and oversee the implementation of this grand security blueprint.
• Essential Skills: In-depth understanding of security frameworks, risk assessment, security standards, compliance regulations, design thinking, communication, and collaboration.
• The Journey: Extensive experience as a cybersecurity engineer, combined with architectural thinking and design skills. Certifications like CISSP, CISA, and CCISA showcase your holistic understanding.

Remember: The path to these pinnacles is paved with dedication, continuous learning, and a thirst for excellence. Network with peers, seek mentors, and actively participate in the cybersecurity community. Certifications enhance your credibility, but practical experience reigns supreme. As you conquer these advanced roles, you’ll not only safeguard organizations but also shape the future of cybersecurity itself.

Additional Tips:

• Stay updated on emerging threats and technologies.
• Hone your soft skills, especially communication and leadership.
• Build a strong professional network.
• Consider pursuing an advanced degree in cybersecurity or information security.

By mastering these advanced roles, you’ll not only reach the apex of your cybersecurity career but also contribute to making the digital world a safer place. So, embark on this exciting journey, and remember, the climb is just as rewarding as the view from the top!

[MUSIC] Welcome to Advanced Level Careers.
After watching this video, you’ll be able to: describe the role
of the cybersecurity manager, describe the role of the Chief Information
Security Officer, describe the role of the cybersecurity engineer, describe
the role of the Cybersecurity Architect. Advanced level careers in cybersecurity
represent the apex of professional development in the field. These roles are held by seasoned
professionals with extensive experience and expertise. They’re characterized by high levels of
responsibility, strategic decision making, and leadership. These professionals are responsible for
immediate threat mitigation and contribute to the long
term cybersecurity strategy, policy development and
organizational culture around security. A cybersecurity manager is a critical
player in an organization’s cybersecurity strategy. They’re responsible for overseeing and coordinating all activities related
to the protection of digital assets. Their role involves developing and
implementing security policies, ensuring compliance with laws and
regulations. Managing a team of
cybersecurity professionals and liaising with senior management
on all security related issues. They are also responsible for
incident management, including developing incident response strategies and
leading the response to security breaches. A Chief Information Security officer CISO
holds a high level executive position. And usually reports to a company’s
Chief Information Officer CIO or Chief Executive Officer CEO. The CISO is responsible for
establishing and managing the company’s
cybersecurity strategy. This includes creating a vision for the
company’s information security that aligns with its broader goals, while ensuring
compliance with regulatory requirements. The CISO’s responsibilities also encompass
risk management; they assess potential threats to the company’s digital assets
and develop mitigation strategies. This involves overseeing the deployment
of security technologies and ensuring their effectiveness
through regular audits and testing. The CISO is responsible for creating a cybersecurity aware
culture within the organization. They provide education and
training resources for employees to improve their understanding
of potential cyber threats and to promote good cybersecurity practices. They also typically lead incident response
efforts, coordinating actions during a security breach to minimize damage and
initiating recovery procedures. In addition, the CISO liaises with other top level
executives to keep them informed about the status of the organization’s
cybersecurity measures, potential threats, and strategic plans to enhance security. They may also represent the company in
discussions with regulators, partners, customers and the media on
matters related to cybersecurity. The position of a cybersecurity
engineer is more hands on and technically intensive. These professionals
are tasked with building and maintaining the security infrastructure. They design and create secure networks,
systems and application architectures. They’re often involved in coding and scripting to improve cybersecurity
measures and protocols. They implement advanced cybersecurity
measures such as firewalls, intrusion detection systems and
encryption protocols. They also conduct comprehensive testing
to ensure the robustness of the security implementations and make necessary
adjustments to optimize performance and resilience. Cybersecurity engineers
provide technical input and support in incident response planning and
activities. A cybersecurity architect plays
a strategic role in designing and planning the organization’s
security architecture. They determine the big picture strategy,
developing a comprehensive framework detailing how various security elements
will interact and support each other. This role involves defining and
implementing enterprise security policies and standards, and ensuring compliance
with regulations and best practices. The architect should understand
the potential threats to the organization’s information assets,
and design a security architecture to
mitigate those risks effectively. Architects oversee the installation,
configuration and maintenance of security systems and
applications, and conduct regular security audits to
assess the effectiveness of the security architecture. Cybersecurity architects provide
strategic direction and support for incident response planning and activities. In this video, you learned that
advanced level careers in cybersecurity represent the apex of professional
development in the field. A Cybersecurity Manager develops and
implements security policies, manages a team of cybersecurity
professionals, and liaises with senior management
on all security related issues. A Chief Information Security Officer, CISO, oversees the deployment
of security technologies and ensures their effectiveness through
regular audits and testing. Cybersecurity engineers design and
create secure networks, systems and application architectures. Cybersecurity architects develop
a comprehensive framework detailing how various security elements will
interact and support each other. [MUSIC]

[MUSIC] Welcome to Expert Viewpoints,
Cybersecurity Career Path. During this video, experts will share
their cybersecurity career path journey and how they attain the jobs
that they have today. >> Speaker 2: Hi, I graduated with my
master’s in security and forensics, I would say 17, 18 years ago. At that time, I remember going to jobs
fairs and it was quite humorous to me. I’d walk up to a jobs fair and
I’d speak to a recruitment agent and I would ask, hey, I’m looking for a job. I’ve got this qualification. They would see forensics and
they would think it meant medical. That’s how young we were in
the field of cybersecurity. It was very, very hard to get a job
in cybersecurity at that time. So I ended up becoming a developer. I worked for approximately,
I’d say four years as a developer. Along the way, I ended up working for IBM. Very, very lucky to work for IBM. I’m going back maybe 15 years now,
and I remember I was working as a developer in IBM, and IBM was starting
to explore what cybersecurity meant. And I was very, very fortunate
that they went through the CVs and they identified myself and
along with two other people, had a qualification in
Masters in Forensics. And they invited us to be the foundation
team for cybersecurity, for setting up the red team. We were the first three,
I would arguably say in Europe, working on cybersecurity,
which was a fantastic opportunity to grow. What we did at that point was we ended
up growing to a team of about 13 in a very short period of time. And what we would do is we would do
penetration tests against all of our flagship products, raise defects,
work with development teams. It’s an incredibly exciting time. The industry at that time was
really in a state of flux. It was really just finding its feet. So at that time when you got in there,
you could say, we’ll use this tool, we’ll use that tool,
let’s just try it and see. It was very, very exciting back then. >> Speaker 3: So I started into
cybersecurity in earnest about 15 years into my career. The first 15 years were
in network management, software development, and
customer support, and then moved into cybersecurity because that
was always something that fascinated me. When the internet came along and it looked like we were going to be
trying to do business on the internet. If you can imagine, there was a time
when people even debated that, but in fact they did in the early days
because it was seen as too insecure. So back in the late 90s,
I got into this space and started looking at things like
cryptography and firewalls and antivirus, and since then moved into identity and
access management and other areas. And then I got my bachelor’s degree
in 1984 in Computer Science, and then to kind of show lifelong
learning, I got my PhD in 2019. So a long gap in between but
always learning every day and trying to get the credentials to
verify and prove that learning. >> Speaker 4: So my start within
cybersecurity was in BeLux role, so I was located in Belgium. I started to support customers in Belgium
and Luxembourg where we did some scene implementations, where we did some single
sign-on implementation at customers. So I really started as
a junior specialist, not straight out of school, but
only one year of working experience. At that moment cybersecurity was already
hot, let’s say, but not as strong and as built out as it is today. Customer
had an access management tool, an identity management tool and a scene. And was that really all
working together and in sync? The risk in security was not as known. Maybe it was quite big already,
but it was not as known as today. Anyway, so
I started as a junior specialist. Then I did quite some implementation
also at bigger clients. And as I mentioned before,
I was quite interested in having those more complex
implementation situations. So I became also a security project
manager at several accounts in Benelux, so Belgium, Netherlands and
Luxembourg, where I learned a lot from the collaboration with customers and
so on and so on. Later on I became security delivery
manager for the Benelux organization where I had a team of specialists implementing
all our security software at customers. Managing that building teams, growing
people into the security organization, getting them the right certifications. Later on I moved into a European threat
management role where I was defining the strategy from a threat management
point of view for the EMEA organization. Then I later on moved from
a threat management portfolio to the whole portfolio from
security point of view for EMEA. So then I was the EMEA
security overall leader. And then recently, roughly one year ago, I became the Worldwide Threat Management
Leader from an Expert Labs point of view. That’s in very short my roadmap. >> Speaker 5: So I started my career
as SoC analyst as I told you before. In one year I become a lead because of
lack of employees in cybersecurity. I managed a team of like seven people. Then after two and a half years I moved to a different
company as a senior security consultant. Consulting is a little
easier than engineering. So in consulting we kind of provide
solutions and suggest them. In engineering we have to implement
them and we have to work on those. And there I worked for a couple of years and then I moved
to a company called Mercedes Benz. I worked there for
maybe three and a half years. There I learned some development because
nowadays in security only knowing stuff is not enough. You have to understand the code, you have to able to write
scripts in case you need to. And then I moved to
a company called Forcepoint, which is a very very famous vendor for
security products. I worked there for two years and there
I was kind of helping them to table and set up a new infrastructure
on security in Bangalore. And my day-to-day is like I’m right
now a data security manager and I propose security solution to
my company and deploy them and manage them and hire people like us. [MUSIC]