From roadie to security rock star: it can happen

Posted by   Virus Bulletin on   Feb 2, 2015

To break into security, start by getting a job in the industry.

You don't have to be a regular reader of this blog to know that computer security is very important in our increasingly connected world. Unsurprisingly, this has its effect on the job market for security professionals - where there are many vacancies, and organisations report that they can't easily fill their open positions.

However, these vacancies tend to be for people who have spent a decade or more in the industry. For anyone looking for a job in IT security but who doesn't have any experience — and it's good to remember that that's where everyone started — things aren't as easy.

They could, of course, read the interviews with 'infosec rock stars' that Brian Krebs conducted a few years ago, or listen to 'How I got here', a series of podcasts from Threatpost's Dennis Fisher. And they should definitely keep up with what is happening in the world of security and improve their skills.

But there is something else you can do: get a job at an organisation that's involved in security. Even if the only job you can get is in sales or in tech support, don't worry. If you have talent — and one should always believe in one's own talents — they will no doubt be recognized, and you can 'move laterally' to a role where you'll actually be doing security.

Stories about roadies becoming rock stars, or ball boys and ball girls becoming sports stars only happen in (bad) films. In security, however, these things really can happen.

I know, because that's more or less what happened to me. I didn't even know I wanted a career in security when, eight years ago, I started at Virus Bulletin as a web developer. Experience with security was only listed as desirable in the job description. Which was good, as I didn't have any.

But I soon learned that this was actually a really interesting industry and that, in fact, I had some talents that might allow me to contribute to making the world more secure.

Of course, I am not exactly a security rock star. But I am the Editor of Virus Bulletin. For someone who barely knew anything about security eight years ago, I guess that is not too bad.

Incidentally, we are currently hiring for a position similar to the one from which I took my first steps in security. Do apply, even if you're fairly new to this security thing. Perhaps in eight years from now, you'll be VB's next Editor.

Posted on 02 February 2015 by Martijn Grooten


Latest posts:

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.