Jakiś czas temu na grupie pojawiło się pytanie odnośnie tego jak zacząć karierę w security, jak zostać pentesterem, bug bounty hunterem i jak rozwijać się dalej, pozyskiwać kontrakty i nowych klientów.
Nagrałem niedawno dwa podcasty z Peerlystem, w który odpowiedziałem na kilkanaście świetnych pytań. Łącznie ponad 75 minut treści, które polecam każdemu kto chce nauczyć się trochę na moich błędach i rozwijać się w międzynarodowych organizacjach.
Tematy które poruszyliśmy:
- Tell me a bit about your career path, and what led you to an infosec career? Were there any experiences that made you gravitate towards this career path or did you know from early on that this is what you wanted to do?
- When did you start to perform freelance security work?
- What are the 3 biggest things companies can do to reduce their risk from a DevOps or DevSecOps perspective?
- How does security architecture and designing controls right from conceptual phases establish a more predictable environment over the long haul?
- What are your biggest take-aways from pen testing with different types of tech companies?
- Do you notice any trends with companies for a given size or industry as far as the types of vulnerabilities that you identified during your different engagements?
- How do you see crowdsourced threat hunting evolving over the next several years?
- What are they key skills that freelance threat hunters and pen testers need to bring to their engagements that are not technical or security related? (think enterprise level skills or personal strengths that are important to bring to the table)
- I read that you enjoy speaking and educating, via podcasts or in-person speaking engagements. Has educating other professionals about your knowledge and expertise lead to any exciting freelance opportunities?
- What advice would you give to those who may want to start down the path of freelance threat hunting?
- Do you think personal branding in social media is important for landing good freelance contracts?
- How important are social skills while freelancing in infosec?
- How do you manage your career development while pursuing the track of infosec freelancer?
Podcast nr 1:
Podcast nr 2: