For the past few months I’ve received tons of advice from a lot of established Information Security professionals on how I could get my foot in the door and start on my career path. I thought it would be useful to compile a list of links from all the different sources I’ve been sent to for such advice. I think you’ll see a few motifs throughout
One of the very firsts I read on this and I think me badgering him for help inspired him to write it comes from Kees Leune:
Tips for getting started
From here on out I’m just going to post as I think of them so this is no particular chronological order.
James Arlen (myrcurial) has also been of more help to me than I can emphasize and his talk at Last Hope was one of the earlier proverbial fires under my ass. Here is a link to his follow up to that talk at Notacon 6: BlackHat to BlackSuit – Econopocalypse Now:
Vimeo – BlackHat to BlackSuit
A more recent post was by a security professional named Bill Pennington over at the Security Catalyst blog. A two part post directly from a hiring manager is invaluable advice:
An absolutely awesome resource that is very young but is unbelievable for the community is DojoSec. Marcus J Carey has set up monthly briefings in the DC area that are for all intensive purposes mini-cons. If your not from the area make sure you pay attention to when they are because there are some live streams on their website where you can watch all of these amazing presentations free of charge.
I’m bringing this up mostly because of a presentation a month of so ago by Rob Fuller (mubix) titled How to go from the couch to a job in 80 hours. I was lucky enough to catch this streaming online and even got to ask Rob a question via Twitter at the end of the preso:
Vimeo – Mubix
Update:Another great listen is a recent Exotic Liability podcast that talks about a ton of great advice about starting on different paths while talking on the phone with a college student who called in:
Exotic Liability Podcast – Advice
(Thanks for the reminder Chris!)
Another recent post comes from Paul at Pauldotcom and does a really good job at summing up some of the key topics and common themes through out all of these posts:
Getting started in Information Security
Some other interesting links you might be interested in checking out would be anything in the area of expanding your knowledge. Here in no particular order are some links that I have used to help polish up my skill set and soak up other useful information along the way.
This post was floating around recently and is 100 different open courses useful in information security. I’m going to go ahead and equate it to the 77 books in the personal MBA list but for Information Security professionals:
100 open courses
I’m going to finish up with some advice of my own. Even though I’m still very young and just starting on this long and glorious path I know that I would be miles behind where I am now without following all of the advice I have been given. I’m not somebody who “settles” for whatever falls in my lap and if that is what you are then stick to the job boards.
The most important piece of advice I can offer is to be involved in the community as much as you can. There are a ton of people in the community who are very passionate about it and are more than willing to help in whatever ways they can. The easiest ways to get to know all of them is through Twitter and going to cons. Security Twits list is the one of the most valuable resources on the net for infosec people and I don’t know where I’d be without the friends that I’ve made through it.
Update:I know I’m forgetting resources, these are just the ones that stuck out off the top of my head so please feel free to leave any additional resources as comments.