How I get into Cyber Security

162 0

This article shares my story of how I got into Cyber Security, starting from my college years to where I am now in my career. It talks about my college education, early jobs, higher education journey, and the transition to cybersecurity. It reflects on significant moments, challenges, and lessons learned along the way, emphasizing the importance of curiosity and adaptability in the cybersecurity field.

College Years

During my college years, I explored different subjects such as computer science, mathematics, and literature. This period was about discovering my interests and understanding myself better.

Early Career

After college, I took on various jobs outside of cybersecurity to make ends meet. While these jobs provided financial stability, they didn’t fulfill me professionally or personally. However, there came a moment that prompted me to reconsider my career path.

Higher Education

Motivated by a desire for change, I pursued higher education in a field related to cybersecurity. This decision required me to take a break from the industry to gain the necessary knowledge and skills for the transition. It was a risk, but I was determined to pursue my newfound passion.

A Jump to the Dark Side

Upon completing my additional degree, I entered the world of cybersecurity. Starting out in this new field was challenging. I encountered obstacles, made mistakes, and learned important lessons along the way. Yet, with persistence and dedication, I began to thrive in my cybersecurity role. Every day brought new opportunities for learning and growth, and I embraced them eagerly.

Looking back on my journey, I’m grateful for the path that brought me to where I am today. It was a journey marked by exploration, determination, and resilience. Despite uncertainties and setbacks, they ultimately shaped me into the cybersecurity professional I am now. As I continue navigating this ever-evolving field, I’m excited about the opportunities ahead and the potential impact I can make in enhancing cybersecurity in our increasingly digital world.

College Years

In my country, education follows the old British system. Students go through grades 0 to 10 and take exams that decide their future paths. Higher scores let you choose science subjects like engineering, medicine, or computer science. Lower scores lead to arts subjects like physics, philosophy, or law.

If you pass the exam but don’t meet the required score for college, you can’t retake it. It feels like a dead end for many. Some students purposely fail to retake it the next year, especially for competitive fields like medicine. There was talk of changing this rule in 2015, but I’m not sure if it happened.

My parents, typical working-class folks, wanted me to be a doctor. Ironically, I struggled to stay awake in biology class. I did okay on the exam and ended up in a computer science program. While my parents were disappointed at first, they still pushed for maritime school. Ships and the sea interested me, but I couldn’t see myself navigating the ocean.

So, I studied computer science for four years. It was mostly lectures and textbooks, covering topics from databases to programming. The learning materials were decent, likely from foreign universities.

Outside class, I delved into the textbooks to understand the concepts. I got my own PC in my second year, which let me explore programming and gaming. A friend introduced me to the early internet, which amazed me. I also took a hardware course outside of college to understand computers practically.

After four confusing years, I graduated with an honored degree. I spent a year or two trying to get into a master’s program abroad. During this time, I improved my English and took programming courses. These were the early challenges of my adult life.

Early Career

After graduating, I found a job at a local software company where I began developing 

applications using ASP.Net, PHP, and ColdFusion. The pay wasn’t great, but the experience taught me how to think logically and understand web application development better. It’s a mix of making things look good and working right. However, after two years, I started feeling bored and unfulfilled. The projects were repetitive, mostly reusing internal code libraries with minor tweaks. I realized I was just an average developer with little passion for the work.

My interest in Cyber Security sparked unexpectedly when a web application I developed for the government fell victim to a SQL injection attack by hacktivists. I was baffled by how outsiders could cause such damage while I was struggling to fix the issue. It was my first encounter with common web exploits and the vulnerability of unsecured websites. This incident ignited my curiosity about security in the era of Web 2.0 and beyond.

A chance arose for me to pursue higher education, encouraged by my mother, in Thailand where I had been living for the past decade.

Higher Education

I applied for a M.SC (Computer Science) program in a neighboring country. The program covered familiar topics from my bachelor’s degree but also included research and hands-on projects. My previous experience in the IT industry made it easier for me to handle the projects.

For my final thesis, I spent a couple of months researching topics in Cyber Security and Digital Forensics. I wanted to choose a topic that would offer me a learning journey and wasn’t overly researched. Eventually, I settled on a research area that I believed would yield valuable insights.

My thesis advisor suggested working in a forensic lab afterward, but I wasn’t keen on the idea of government work. Instead, I landed a job as a security engineer at a service provider company, feeling both nervous and excited about the new opportunity.

A decision I made to pursue a Master’s degree was one of the biggest dilemmas of my life. While it helped me enhance my research and development skills and expand my network, it also meant taking a break from my career. Working as an IT admin, developer, and research assistant in a science lab gave me insights into small-scale infrastructure and data analytics. However, it also meant falling behind my peers who didn’t take a break for further education. In reality, a Master’s degree doesn’t always impress recruiters, and it shouldn’t have been my primary reason for pursuing it. Nonetheless, after six years, I don’t have many regrets as it paved a decent path in my work and life.

A Jump to the Dark Side

My first job as a security professional was a steep learning curve. I joined a big IT service provider where a new security team was being set up to cater to customers’ needs. Senior engineers had to engage in business development and sales processes, exposing me to a new domain and business aspect. It was also my first paid job in a foreign company.

Learning about various security technologies, market trends, and providing consultancy services laid a strong foundation in the industry. I spent about three years there before seizing another opportunity where I still work today.

At the telecom company where I currently work, I joined the security team responsible for internal security operations. The decision to switch to an in-house position stemmed from the desire to understand customer obstacles and pain points better. Unlike short-term projects, the focus here is on long-term improvements in processes and technologies to enhance the overall security program. This requires management approval, adequate funding, and the right personnel for each role, along with fostering security awareness across the organization.

Reflecting on my past experiences, I’ve realized that expertise in cybersecurity often stems from previous domain knowledge. For me, it meant delving deeper into application and endpoint security before tackling network security. There’s always a knowledge gap to fill to achieve a holistic understanding of cybersecurity.

This is a brief glimpse into where I am now. I doubt anyone will read through these random thoughts, but if you do, I’m surprised and hope you find something interesting. Feel free to reach out to me on Twitter or anywhere else on the internet for a chat about any topic.

Have a good time…

Related Post