The Essential Hands-on Training for New Security Staff
Joe Reyes Senior Manager, Security
Cybersecurity jobs are the fastest growing but with a huge skills gap, says Forbes. Within the same Forbes article, data from CyberSeek says 40,000 information security analyst jobs are unfilled each year. That doesn’t include the 200,000 other cybersecurity related roles that need to be filled.
To foster interest in the next generation of security professionals, it’s helpful to provide tips for recent college graduates on self-teachable skills that are essential to starting any entry-level security position. There’s just some things that college courses can’t cover, as with any profession in the “real world.”
During the interview process, my team and I have noticed that candidates from various types of universities are short on practical, hands-on experience. Those who are new to the workforce must have core competencies to allow a smooth transition to the working environment.
For example, there are blogs and archives that can be accessed as self-teachable resources and industry training conferences like SANS offer new security courses. In addition to exploring these resources, there are tools we recommend that can be accessed for someone just beginning their career in security.
The must-have skills and tools for day one
For day one of an associate’s first security position, we recommend the following five skills and tools mandatory as part of their onboarding:
Kali Linux. Learn Kali Linux, an open platform that contains a multitude of tools. Download and install it in an open source virtual machine, like Virtual Box.
Sandboxes and at-home learning. Practice using security tools on your wireless network at home. Most university security programs offer security “sandboxes” where you can hone your skills.
Learn the Linux OS and utilities. Linux is open source, so download and practice. Pretend you don’t have access to a Windows machine and Linux is your only choice. Incidentally, this is how some hackers learn in the former Soviet Union.
Packet capture (pcap) analysis. Learn what pcaps are and how to use them. Practice analyzing the network packets on your network.
A trouble ticket system. Managing tickets received or submitted is fundamental for any security team. If you’ve ever requested resources or open an incident ticket at school, think about how you interacted with that system. Find out the name of the trouble ticket software. It could be a starting point to your research on the topic.
Get familiar with the Security Operation Center
Most companies also have some form of a Security Operation Center (SOC), where a new associate can experience every aspect of IT security. This is most likely where some security interns will spend their summer simply because they are always short-staffed.
A SOC typically has the following tools, and all have open source versions that you can download and test how they work. Companies don’t expect newcomers to be experts, but at least be conversant with these:
Intrusion Detection System (IDS/IPS) detects and stops threats across the network.
Security Information Event Management (SIEM) and Log Management aggregate and normalize the data providing context to the logs it collects.
Malware protection or some anti-virus systems detect and quarantine the malware that finds its way onto servers and workstations.
Vulnerability Management systems scan the system and network environment for vulnerabilities.
Heading into the future of security
Someone once told me that when we venture into something new, our anxiety level is high, while our knowledge is low.
The only way to fix that imbalance is to acquire as much knowledge and relevant information as you can to lessen the anxiety. There are plenty of free resources on the Internet that could bridge the knowledge gap. YouTube is a great resource for learning through videos about these tools and how to use them.
If you are currently looking to find a job that leads to a rewarding career, find a list of our current openings here.