Mar 19, 2018

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2018-009-internships-mentorships-retooling-finding-that-unicorn-pentester.mp3

Topics discussed:

  • How Jay Beale (@jaybeale @inguardians) and Brad A. (@sno0ose) do mentorship and apprenticeship in their respective orgs.
  • Best methods to retool yourself if you are trying to move to a new industry
  • Why 'hitting the ground running' isn't the sign of an immature organization...

Matt Miller’s #Assembly and #Reverse #Engineering class

$150 USD for each class, $250 USD for both classes

Syllabus: https://docs.google.com/document/d/1alsTUhGwAAnR6BA27gGo3OdjEHFnq2wtQsynPfeWzd0/edit?usp=sharing

Please state which class you'd like to take when ordering in the "Notes" field in Paypal https://paypal.me/BDSPodcast/150usd

To sign up for both classes: https://paypal.me/BDSPodcast/250usd

Tickets are already on sale for "Hack in the Box" in Amsterdam from 9-13 April 2018, and using the checkout code 'brakeingsecurity' gets you a 10% discount. Register at https://conference.hitb.org/hitbsecconf2018ams/register/

Sign up for Jay Beale's class at Black Hat 2018: https://www.blackhat.com/us-18/training/aikido-on-the-command-line-linux-lockdown-and-proactive-security.html

#Spotify: https://brakesec.com/spotifyBDS

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel:  http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site:  https://brakesec.com/bdswebsite

 

Join our #Slack Channel! Email us at bds.podcast@gmail.com

or DM us on Twitter @brakesec

#iHeartRadio App:  https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

SHOW NOTES:

 

Guests: Mr. Jay Beale

Guest: Mr. Brad Ammerman @?????????

 

Announcements:

RE/ASM class (Matt Miller)

SeaSec East Meetup at Black Lodge

Jay’s class at Black Hat

https://www.blackhat.com/us-18/training/aikido-on-the-command-line-linux-lockdown-and-proactive-security.html

Slack channel

“M3atshield”

 

What jobs are good segues into either blue or red teams/pentesting?

SOC Analyst (network security, pcap, IR)

SysAdmin (obviously)

Code devs (audits, binary analysis, they know the code internals)

System architects (they know the nuts and bolts)

Security architects (segue to red team, they know how to defend, threat analysis)

Project management /management (client/customer facing, can understand the business side)

 

Journeyman pipelines vs. intern pipelines

Different than interns = Already highly skilled in ‘something’

Code devs

Physical security

audit/compliance

project/program management

System admin

Management

“generalist”

 

Retooling can be difficult

May be a pay cut

Fear of failure

How do we alleviate that? (mentorship model?)

 

Companies looking for skilled people can’t look for what they want

Think in the bigger picture

 

Is not being able to see the value in a non-infosec person coming to the team a sign of immaturity in a company?

The phrase “must be able to hit the ground running”

Turn off for those wanting to make that change

Feel they must already know the job

 

People should be considered like a block of clay, not an immutable stone.

People can change if they want to…

2 party comfort zone. Both the person changing role/title, and the company understanding where the person sits in the position.

 

mentorship/menteeship in an org