Do I want to be a Hacker? Sort of…

August 18, 2016 | Views: 9771

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

“How do I become a hacker?”

This is a recurring theme/question that’s cropping up more and more. I will be frank and honest: I get a bit bored seeing this. And, if that’s your first and initial focus as a path into InfoSec, then it’s a bit narrow.

I will say hats off to KnightsCode for their articles “Learn to be a Hacker with Cybrary” and “How to be an Ethical Hacker in the U.K.” I like the latter best, as it lays bare that pentesting is not easy and requires a lot of hard work.

It’s excellent, to the point, concise and re-enforces what you need to do. Don’t run off and get a certification and think you’re an expert. You aren’t. If you pass your driving test, does this mean you can be F1 World Champion? No, you learn to walk before you can run.

I recently met two pentesters who were conducting work for my organization, and they eat and sleep pentesting. Their spare time is used for research and more pentesting. Any hobbies, let me guess? “More pen testing.” They love their job, but don’t have much time to do anything else.

They were very busy. As well as the travel, and staying in hotels, it’s a lot of work and a lot of report writing. Being a pentester at a company that has a reputation to maintain, those reports not only have to be done on time, but also have to be written well.

So, if you think being a hacker is glamorous and something anyone can do – think again.

So do I want to be a hacker/pentester? Well, not exactly.

I don’t want to be just a hacker or pentester. I want to become a better InfoSec Professional. Studying and learning pentesting will help me on my journey, but I will not necessarily become a pentester full-time.

Funnily enough, in my line of work, this will involve vulnerability assessing systems (in short, this is pentesting), but my job will involve other tasks as well. Immediately, if I’m exposed to pentesting in my current role, could this be something I could pursue and develop further? I can still be a hacker/pentester, but not too involved. This is something I will be working at, building my skills over time.

If you’re new to the game, I’d suggest that you don’t just ask “How do I become a hacker?,” ask “How do I become a better Infosec professional?” If you can become a good Infosec professional, then you’re on a path towards being a pentester (also Infosec professionals) or something else. You have to start somewhere, right?

I would ask people to be a bit more realistic about their goals and wants. Explore and look for opportunities.

How to become a better InfoSec professional has already been covered by others, but I’ll give my take and offer a few suggestions.

Two vids I recommend people watch:

BreakPoint Labs “How to Start Your Cyber Security Career” and StevenE has released an excellent S3SS1ONS Wednesday vid “Breaking into Information Security

StevenE re-iterates what others have said. Get a Twitter presence, engage with the industry, get involved and share knowledge. Don’t just follow people – research and pass things on. We thrive on kudos and acknowledgement. Go get some. Add value to the community. Write articles. But, if you have some oddball questions – ask them in the forums – that’s what they’re for!

If you already work in IT, and want to move sideways, find a sponsor. There are ways and means of doing this. Being genuine and pragmatic will win you more respect. Desperation and wanting to be “a pentester” with no proven track record will not open those doors. You need to explore opportunities and sell your skills – but in the right ways.

You need to do the legwork. Getting your knowledge and understanding up is key. It demonstrates to your current or future boss that you’re serious about your aspirations. Also, understand your business. What are the company goals; how can you help with them? Cybrary will certainly help you with this.

The next element of progressing to what you want to do, is to first understand yourself. Do a SWOT analysis. What are your strengths, where can you improve, what can you contribute?

If you can sculpt your skills into a role, and understand what those roles do and how it can help develop a career path, you’re on your way and it’s a lot easier to achieve. Don’t forget: you don’t necessarily have to look outside your organization for opportunities. Look at creating those opportunities internally.

If you have the skills and see the need, sell those skills, and more importantly, identify with your organization. Where is it going and where you can add value? I cannot stress enough how underrated that word is. Value. C-level management loves value. If you can add value to something, you are onto being a winner. Get your skills up, make your skills valuable, become valued and you’ll go far.

Okay, it might not be a “hacker” job or your ultimate dream job, but like everything, things are earned – not given. Work hard, do your best and you may get there. If you can give yourself a good self-assessment and do your “legwork,” guess what? This actually helps prepare you in a job interview situation.

There are some good resources on the internet about career paths, etc. Perhaps the best one I have come across is by Gary Hayslip (check him out on LinkedIn/Twitter). He has written some excellent resources on Cyber Security career paths, and they can be found here: https://app.box.com/v/path-to-cyber-slides

Best of luck in your chosen career path.

 

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
26 Comments
  1. Actually, i’ve something that is being my thought. I really interest in (ethical)hacking and cyber secure, but i think (maybe) i’m not in right way. I am a scholarship holder in computer science major. Since that, my lecture curriculum has been set to focus in networking and database. Before i apply this scholarship program, i had applied to some regular class at cyber security major, but fortunately i passed all selections progress in that scholarship that’s what made me right now. So, is there a chance for me to have job and improve my career in security? Will my major right now will be a block or maybe a support for me in cyber security?

    • I will actually answer this question shortly with another article. You do need to be focused and dedicated on what you are doing.

      Currently I’m in a similar situation, I don’t have years of highly technical infosec knowledge under my belt, eg. Linux etc, but I’m prepared to learn, and that is what it is about.

      You need to look and understand various areas of InfoSec, and find your niche or area of expertise. And try and channel in on that.

      If you are not sure what sort of job you want to do, some simple research might help.

      https://www.cybrary.it/cyber-security-jobs/

      If you scroll down, Cybrary have helpfully listed different job types, and the explanations are quite good.

      In terms of your scholarship – what is it, what will you achieve at the end of it, have you thought about what you will do next? If you can give some thought to your direction ahead of time, you are in the driving seat to control where you are going. If you are more in control, you are more likely to be able to get in the right direction, rather than suffer disappointment.

      As my article said – value. Explore and discover how you as an individual can add value to the work place, but also as a team player.

      Also study other “soft skills”, for example, Cybrary has sections on Project Management, good solid understanding of compliance and risk is also good.

      Hope this helps.

Page 5 of 5«12345
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel