The second of two parts. If you missed the first part it is here. Are you thinking about a career in cybersecurity? Read on. Know a high-schooler who is considering the career? Please share this with them.
What do you spend most of your time doing as a Cybersecurity Analyst?
Currently, and for the last two years, I have been teaching cybersecurity principles to people like you. Most of my classes are geared toward one industry certification or another, and I have taught classes for A+, Network+, Security+, Cybersecurity Analyst+, and the CISSP. I am currently engaged in preparing the Mayo Clinic IT Security team to take and pass the CISSP certification, which is the most prestigious and difficult cyber certification.
When I was with the MSP, I developed the cybersecurity services we were going to offer their clients, lead the search for a SIEM product that we could resell to our clients, and helped set up the SOC. On a daily basis I was delivering services to different clients including regulatory compliance audits for PCI-DSS (credit card), HIPPA (health care), and GLBA (financial services and banks). Vulnerability scans and assessments using Nessus and a variety of other tools. Penetration tests using tools included in the Kali Linux distribution. I delivered training called Cybersecurity Awareness Training to the employees of client companies, to help them avoid common exploits they might find in their email inbox, or other places around the Internet. We also put on simulated phishing email attacks. You can see something I developed for that at http://outlook.of.fice356.com. Go ahead and put any user and password into the box, then click on the “Can’t access your account” to see the training piece.
How much collaboration is involved compared to solo work?
This depends so much on where you end up working. Most of my work was solo to a point, but I always was interacting with other staff members at the MSP, and with representatives of the clients I worked with. I think it is fair to say that the bigger the company you work for, the more collaboration and teamwork you will see.
What inspired you in becoming a Cybersecurity Analyst?
I’ve always been hyper-vigilant, a little bit or a lot paranoid. This work means I get to be “normal” or to put it another way my natural instincts are a great fit for this job. “Just because you are paranoid, doesn’t mean they are not out to get you!” LOL I get to observe cyber-criminals and other shady characters, learn about their methods, and then use my knowledge to fight against them. It’s a bit like being a superhero, a firefighter, or a spy.
What was a problem that you had to overcome as a Cybersecurity Analyst?
Complacency. Most people can’t believe “all this security stuff” is necessary. They think it’s a hassle. They think they are too small to be a target. They think they have nothing to lose, nothing a criminal would want. Overcoming complacency is something I deal with all the time, even now. You know how people have panic-bought up all the toilet paper? Well it never happened that everybody ran into MicroCenter and bought up all the Norton Anti-Virus. Just saying.
In your opinion, what is the best thing about WyzCo Group Inc?
I am self-employed, and have been since 2001. From 2002-2006 I was sometimes employed by others, but always kept the business going on the side. In 2006 I went full-time self-employed, except for September 2015 to Jan 2018 when I worked for the MSP. Why settle for a good job, when you can own a good company, and have a good life?
The other good thing about being self-employed is the ability to change direction quickly when necessary. Being self-employed made it easier to pivot from computer support and repair, into computer security, and then into teaching and instruction.
My hours are flexible, I can take days off when I want to. Of course it’s a business, and sometimes I put in a 60 or 80 hour week. And you have to be available to take care of your customers. You have to have the self-discipline to do what’s necessary, not just what’s desirable. But I like that too.
Hopefully that is what you are looking for. I am open to more questions.
I used a lot of technical terms and acronyms. You can further your own self-education by Googling everything you don’t know already.
Stay in touch, let me know how your career goes. Remember Technical School, not College. Tech School is cheaper, and all your credits will transfer to college if you have to do that. Remember you can get hired out of tech school (and even high school if you have some certifications), and let your employer pay for college.
Good luck with your life. If you are not having fun, you are doing it wrong.
More information:
. I have included some links to articles from my blog that are relevant.
- Experience, Certifications, or Degrees – What Matters Most? Part 1
Are you looking to break into a career in Information Technology or Cybersecurity? I have been working as an instructor in this field for several years, and I have trained many people, and helped them study for professional certifications so they could do just that. There is a huge demand for IT a… - Experience, Certifications, or Degrees – What Matters Most? Part 2
If you are looking for that first job in IT, you can expect to begin on a telephone (remote) support help desk, or in desk side (in person) support, or in a hardware repair facility. If you are coming to your first job with certifications or degrees, but little or no experience, this will be where… - Experience, Certifications, or Degrees – What Matters Most? Part 3
We live in a society that places an unwarranted importance on college education. If you are in a STEM education track, a college degree may be worthwhile. If you are in Business Administration, probably less so. The world is awash in business administration and MBA candidates who can’t fin… - Safe and Legal Places to Exercise Your Pen-Testing Foo
In our last post we looked at a great way to set up a pen-testing lab. Fortunately, the quandary over finding a safe place to practice your pen-testing skills has led to the creation of dozens of hacker-friendly learning sites. Several have been provided by OWASP, and there are other contributor… - When Penetration Testing Goes Wrong
When I am speaking or training, and the subject turns to penetration testing, I make certain to explain to the class or audience that nearly everything a pen-tester does violates federal laws. For starters, there is the Computer Fraud and Abuse Act. There are many other computer laws at both the…
APR
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com