Ask a Cyber Security Consultant Anything

Salutations.

I work as a Canadian Cyber Security Consultant.
I used to work for Robert Herjavec before I left to consult for the major Canadian banks.

I mostly do Incident Response type work and deep dive analysis, as well as malware analysis, reverse engineering, digital forensics, DLP, research & training, threat intel, etc.

Have something you want to ask? Shoot

Ever do work in hardware cybersecurity stuff?

POO IN LOO
O
O

will Linux protect our memes from the NSA?

How do I into this field?

No, most company assets get logged like fuck by their networks so long as the proper security is in place. No need for that unless you're RCMP.

I've always wanted to freeze RAM and examine it though.

Sys Admin here
How much do you make?
What certifications and degrees do you have?
You work on primarily Windows or Linux?

Is it any fun? Do you find enjoyment from it? Do you find that this type of work makes you think a lot or you just have some general tools that you normally use and draw conclusions based on them?

Considered picking it as a career choice, but I've heard mixed opinions on it. Stuff like reverse engineering malware sounds quite interesting, but then again I've never done it so I don't know what it actually is. thx

Where should I start learning about cyber security? I've just finished the first semester of System Administration, and it's interesting. I want to learn more over summer break.

Go to school. You don't need to go to uni, it's not technical. Go to a good college and get an advanced diploma (on level with a degree). You get the hands-on and technical knowledge. In my opinion it's worth it.

For entry, so long as you know your shit, try to get into a managed services company. The hours are fucking brutal, but I shit you not, you will learn more there than any school could EVER teach you. The number of technologies you'll be able to get your hands on is insane. Then quit after 9 months, and get a better job.

Primarily work with Windows because the only things we really investigate are from Windows-based events.
Just my advanced diploma and connections in high places. One thing you need to do is networking (People, LinkedIn).

I've been set from the get go, so no certs. Didn't bother. But if I had to say some I would get right this week, they'd be Sec+, GSEC, CEH, Cisco security, etc., etc. Also the certified examiner ones. (There's a bunch for analysis, cryptography, etc.)


It is very fun. Never a dull moment. Not stressful either (unless you're in managed services, good luck). No, you need to think a lot or you won't be a good investigator, and you will stagnate or be replaced. Like everything, it depends who you work for.
You can't do malware analysis effectively in VMs. We have burner computers which give us better results. On a side note, if you were to work for Zappos in Vegas, you're gonna party a lot, enjoy your work, and get paid well. The environment differs per company and location. Zappos will be like a college frat. They have everything on site. Beds, BBQs, food, gym, etc. Gotta find a good employer.


Start with YouTube vids and webinars and stuff. General web learning. Get a good idea on hacking. I started with pentesting in high school and gradually went from black hat to white as I went to school, and became a lot more advanced.

No more questions?

I recommend you guys check out the Ethereum Project, and invest in DAOs while you still can.

It's going to start a (digital) revolution in the near future. Mark my words.

Oh yeah, about the salary. It varies per job title. But across the market they are generally about the same.

Incident response gets 45-50 a year
Device management is about 70 a year plus 15 in overtime
Senior positions you go up by about 5k-15k (i.e. if you are in managed services and you manage clients, or you're a senior analyst)

Junior consultants make 70k
Consultants make about 80k OR, depending heavily on your experience and seniority, closer to 100k-120k a year.
Consulting involves knowledge from every aspect of security and technology, and heavily on web app testing / penetration testing. Generating reports and consulting to the clients.

These are Canadian salaries. In USA it should be double. (Or at least half more, and in USD of course.)

thx for the answer. not murican, and parties/benefits aren't what I'm looking for I guess, as much as I'd like some place that challenges me. I've been working in a webdev startup to stay alive but it gets quite boring after a while.

I'm finishing uni next year and I'm thinking of either doing low level systems programming or infosec, have tried both and found enjoyment in them, but I'm not sure which I'd like to do more.

What is 'deep dive analysis'?

If you want to make bank in 'cyber' security, you need to work for the USA. All other countries have shit pay. Canada is "average". UK bleeds you dry and bad pay too.

I can't disclose any confidential info, but a few years ago a client I was covering was hacked prior. Ukrainian hackers got into a press release company and saw the releases before they occurred. So they bought stock like crazy, and when the release hit, stocks would skyrocket, and they would sell. They did this many times. Anyways the breach got noticed, and the secret service is all over their ass now. The company, I mean. If 1 more breach happens, all the company heads and the CEO go to prison.

This field is always very exciting. I'm just glad I haven't had any fuck ups... haha. One big fuck up and you could be cut out of the industry. Word spreads fast.

Demand is high. However, employers are rather hiring in quantity for low pay, or in quality (1 or 2 people) for high pay. So it is competitive. You just need the right connections and track.

There is demand for specialists**, but companies just aren't willing to invest the money into what is needed. That's why the job market is sort of fucked. BTW those Ukrainian hackers got away with like 24 million USD I think. Can't remember.

That's pretty nice, things like this are always crazy when you hear about them. I'm sure it's definitely one of the most exciting fields of cs by far. I've signed for crypto next year and a security course, and I'll see how I like them. I doubt I'll do a security topic for my dissertation but changing your specialisation in this domain is pretty easy compared to others, so I might try to land a junior job/internship in the near future and get some hands on experience to see if I actually like it.

As for moving to US, yeah, I'm probably going to do that in the next couple of years, need to finish studies and US bleeds you even drier than UK if you're an international student

USA internships are fucked.

I did my co-op in 3 months and just got paid slightly less to learn. Full hands-on in a SOC doing incident response for managed services.

Study a computer security program. 2 years minimum but I recommend 3. You want to know attacks, and how they work, and you want to know how to investigate. Most of it you pick up during your placement from school.

How do I get into pentesting?

just grab a pen and start using it.

Do you watch porn at work?

Also bought 300 DAO, it's not much but it's something. Also planning to invest in buttcoins, Ethereum and DAO.

What do you do if an attack comes from a Tor origin?

Just block/blacklist all TOR traffic. No need for it in the company.

Can education in theoretical areas (like a degree in mathematics or computer science) still land you a job in something like the CSE or what you're doing?

How does server forensics work? I don't understand how investigators can tell what data has been accessed on a server unless they just assume all data is compromised by default. Also, if a router doesn't keep logs but there was a breach, does that mean you have to assume every computer in the network is compromised?

Yes. Intelligence services especially like degrees. Math, CS, EE are all good.