2018-009- Retooling for new infosec jobs, sno0ose, Jay Beale, and mentorship


Manage episode 201064411 series 124251
By Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio streamed directly from their servers.

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2018-009-internships-mentorships-retooling-finding-that-unicorn-pentester.mp3

Topics discussed:

  • How Jay Beale (@jaybeale @inguardians) and Brad A. (@sno0ose) do mentorship and apprenticeship in their respective orgs.
  • Best methods to retool yourself if you are trying to move to a new industry
  • Why 'hitting the ground running' isn't the sign of an immature organization...

Matt Miller’s #Assembly and #Reverse #Engineering class

$150USD for each class, 250USD for both classes

Syllabus : https://docs.google.com/document/d/1alsTUhGwAAnR6BA27gGo3OdjEHFnq2wtQsynPfeWzd0/edit?usp=sharing

Please state which class you'd like to take when ordering in the "Notes" field in Paypal https://paypal.me/BDSPodcast/150usd

To sign up for both classes: https://paypal.me/BDSPodcast/250usd

Tickets are already on sale for "Hack in the Box" in Amsterdam from 9-13 April 2018, and using the checkout code 'brakeingsecurity' discount code gets you a 10% discount". Register at https://conference.hitb.org/hitbsecconf2018ams/register/

Sign up for Jay Beale's class at Black Hat 2018: https://www.blackhat.com/us-18/training/aikido-on-the-command-line-linux-lockdown-and-proactive-security.html

#Spotify: https://brakesec.com/spotifyBDS

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

Join our #Slack Channel! Email us at bds.podcast@gmail.com

or DM us on Twitter @brakesec

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon


#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec


Guests: Mr. Jay Beale

Guest: Mr. Brad Ammerman @?????????


RE/ASM class (Matt Miller)

SeaSec East Meetup at Black Lodge

Jay’s class at Black Hat


Slack channel


What jobs are good segues into either blue or red teams/pentesting?

SOC Analyst (network security, pcap, IR)

SysAdmin (obviously)

Cod devs (audits, binary analysis, they know the code internals)

System architects (they know the nuts and bolts)

Security architects (segue to red team, they know how to defend, threat analysis)

Project management /management (client/customer facing, can understand the business side)

Journeyman pipelines vs. intern pipelines

Different than interns = Already highly skilled in ‘something’

Code devs

Physical security


project/program management

System admin



Retooling can be difficult

May be a paycut

Fear of failure

How do we alleviate that? (mentorship model?)

Companies looking for skilled people can’t look for what they want

Think in the bigger picture

Is not being able to see the value in a non-infosec person coming to the team a sign of immaturity in a company?

The phrase “must be able to hit the ground running”

Turn off for those wanting to make that change

Feel they must already know the job

People should be considered as like a block of clay, not an immutable stone.

People can change if they want to…

2 party comfort zone. Both the person changing role/title, and the company understanding where the person sits in the position.

mentorship/menteeship in an org

273 episodes available. A new episode about every 7 days averaging 53 mins duration .