Discussing How to Get a Job within Cyber Security Industry

Discussing How to Get a Job within Cyber Security Industry

hello everyone in this video we're going to be discussing at getting a career in cybersecurity now I already do work in cybersecurity industry and have done for nearly ten years miss quids on the other hand I work in academia and when the academic route got a degree got a PhD and now I'm working in computer science in academia not directly related to cybersecurity but we do teach cybersecurity at our university we're starting with the educational roots here so there are cyber degrees they were looking at an American page here on the UK side is computer science being the course with various cybersecurity parts to it so for some context this website is from Hugh Cass which is the UK application service for universities and colleges so you can see that we've got various degrees not just in cybersecurity but also generalist degrees in computer science software engineering and so on it is quite common that I think people who want to go the university route will end up doing a computer science degree and then trying to find specific modules within that degree are relating to security because I'm not sure I don't think there are that many degrees out there that focus solely on security is kind of like if you're going this route then you'll want to know about things surrounding the general area of computer science as well I think there is a growing trend towards younger people were entering university and going this route why I've seen with looking at various conferences and companies are applied for work in the past I would generally say that this there's more of a push for people going to university generally that maybe wouldn't have done so 10 or so years ago like one thing that's kind of moving in the in the strangely in the opposite direction is in terms of cost the cost of doing a degree in the UK at the moment is approximately 9,000 pounds a year or there abouts meaning that three years of university tuition will cost you 27,000 pounds at least that's without taking into account things like maintenance loans in order to actually fund your ability to live while doing your degree so yeah and this has risen quite substantially in the past several years especially when I did my degree it was 9,000 pounds total but it's quite an expensive ruse but I appreciate not everyone may want to go to university so I'm going to look at so many other alternatives on the practical side although actually going to keep with one more course because sans training sans are an excellent provider of security courses although these courses are about five thousand dollars each week's training and doing the exam actually exam might be a bit extra but yeah it's quite a substantial cost but they are well recognized although again the cheaper option your conference is I just attended b-sides recently quite interesting you can learn a few things from it also blackhat now more to like self learning even self learning can be very useful looking at software like kali linux i appreciate its a lot of hacking tools here but if you actually learn and understand how to use them not just being a script kitty that's where an important part of learning is don't just blindly follow our script learn how to use the applications you've been learning the basics behind how the computer communication takes place network packets is that part what the university Ravi has taught colleges as well yeah yeah so there's almost always going to be some kind of networking computer communication module in a general computer science degree so yeah learnt about things like the different ports and stuff like that yeah Lister ports lists the tcp and UDP ports please definitely come up in interview questions so learn a few of them not just like the basics of FTP SMTP HTTP HTTPS yeah be a bit more creative learn some of the more slightly obscure ones time ntp one two three that can be quite well abuse port st. port 53 DNS yeah just try and learn some of the port numbers there's another good one to learn four four five Microsoft SMB RFC I think that stands for request for comments here's a humorous one to know about IP over avian carriers it can just be an interview thing to know about yeah I know about RFC two five for mine ability to send packets over an avian carrier but this is specifically avian carriers with quality of service as well most important as bit of a step up over their previous 11:49 you noticed it was printed on April 1st so it was an April Fool's gag at the same time it is a real RFC yeah they've done calculations on the maximum transmission unit 256 milligrams instead of 1500 bytes knowledge about some of the software fix up a few that free to install mu net this is nante virus Oh literally just an anti-virus but if it forms basic to some industry applications while specifically an application called amp which has an excellent sandboxing feature so yeah I'll make good use of this an industry clam av clam antivirus as actually free to install in the NEX but don't just install it understand how it works I think it's predominately hash based how it works snort intrusion detection system or intrusion prevention system and free to install all you get though is the community and older version of rules free even the knowledge of setting this up and a knowledge of how the rules work could be quite important that's how I would use an intrusion prevention system IPS or an IDs it sits on the edge of the firewall and protects servers client systems within a network the IPS can stop attacks ideas can just it tectum splink is a well-used product within industry at its basics it is a logic collection and the ability to search through all those log events though it does have some very fancy features whitney searching and you can also produce like graphs and dashboards it's a very flexible tool you come across that much no I haven't just awareness of it at all maybe it's just better used within industry so new all the jobs I've been to have used Splunk I've had it come up quite a few times within interviews and on the job spec so yeah even if you're just able to install it get an idea of how it works better do searches yeah I can really help knowledge of reg X regular expressions just done a quick demonstration here finding a website without a subdomain as an optional double-barrel top-level domain so that may look like I said gibberish but if you can learn reg X that can really go in your favor again the job in cyber security also it's generally quite useful just even if you're not in cybersecurity so learning rec X was quite useful for me when I was doing some stuff with Perl pills quite nice for working with strings and yeah just generally processing files and changing the format trying to find things in files yeah regular expressions are quite useful since a they are well used within various different products yarra used for identifying malware samples within systems uses regular expressions even small rules do there's an example of a few rules and that's just basic variables here your external to internal any port specific content you're looking for but there's example there that there is a regular expression within the content Pete Cree they say they're even Splunk uses reg X as well with interpretation their data and researchers seems or Sims security information event management personally I don't find this particularly useful but I've come across many companies that do require knowledge of a particular sim product there's not something you're going to easily get without actually purchasing the software I don't have any free ones I don't really find them so useful I think they're more of a management tool so what it does it just correlates various events and tries to determine say one particular attack out of several smaller events as it is basics they just look pretty and look good for managers lots of good friend lists I'm saying my own personal opinion there it's worth just having knowledge these things exist cloud security I'm not sure how much I can really get into here but a lot of companies are moving to put in data in the cloud and they are going to need the security components that the well we're looking at Amazon and 0 here they've got security options provided so again the knowledge of these things yeah can be very useful there's also plenty of research being done generally about the cloud and the Internet of Things it is definitely a growing area and just a big area generally and covers a lot of different things so yeah be worth learning about this more generally yeah and that's actually something I didn't put here with the Internet of Things internet at at because there is a big security risk with all these things you know as far as that'sactually yeah something that's gonna call us out really just hopefully we don't have too many these things in the company the blunders with IOT stuff is something worth knowing about saw the reuse of passwords and just kind of how to protect against these things firewall them off stop them connecting to the internet I'll do it I hope you found that interesting ideas of how you can get into a cyber security job thanks for watching and we'll see you all later you

17 thoughts on “Discussing How to Get a Job within Cyber Security Industry

  1. What OS do you use when being a cyber security tech? Great video as well! glad to see you making more videos again mate!

  2. Nice to see a couple openly sharing experiences and knowledge on YouTube. Cybersecurity/forensics is not my thing but I still learnt something today. All the best 🙂

  3. Tek Systems was cold calling me twice this week, I hung up the first time, and didnt respond to their emails, SOC jobs for a major company = torture…

  4. I've been self-taught since I was around 15. I started a blog this year to teach others on linux, networking and eventually security. Aiming for the absolute beginner if anyone intersted: installtekz-online.com

  5. Good video but I'm surprised you didn't mention Udemy. I grab a load of courses when they are free and right now I'm learning bash scripting and have loads of other courses on Kali Linux and programming on the shelf. Didn't think Cyber Security was that complex… You two are very clever! Thanks for the information

  6. A degree in computer science won't qualify you for any cyber security job.You still got a long way to go……..

Leave a Reply

Your email address will not be published. Required fields are marked *