Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to build a career in Cybersecurity

Avatar for Jassi Jassi
June 20, 2020
Technology
0
1.1k

How to build a career in Cybersecurity

In this presentation, I tried to explain very minimal skills that one must learn and practice to excel in Cybersecurity domain. Then explained what are the various job profile you would come across but not limited to. I tried to explain 5 top and common job profiles out of other job profile. There are:
1. Web Security
2. Network Security
3. Application Security
4. Cloud Security
5. DevSecOps

I tried to clear some of the questions which were asked during the presentation of these slides. And I must say they were very interested and asked real problem facing questions. I was very happy to respond them at their satisfaction level. Then moved on towards various known and common security tools. Again, it was just the introduction of tools and you would need to learn more. But this would give you a good kickstart.
Avatar for Jassi

Jassi

June 20, 2020
Tweet

More Decks by Jassi

See All by Jassi
Python for AWS
Avatar for Jassi jassics
0
550

Other Decks in Technology

See All in Technology
エンジニア向け技術スタック情報
Avatar for 株式会社カウシェ kauche
1
250
Windows 11 で AWS Documentation MCP Server 接続実践/practical-aws-documentation-mcp-server-connection-on-windows-11
Avatar for emi emiki
0
960
Witchcraft for Memory
Avatar for pocke pocke
1
310
フィンテック養成勉強会#54
Avatar for フィンテック養成コミュニティ finengine
0
180
TechLION vol.41~MySQLユーザ会のほうから来ました / techlion41_mysql
Avatar for sakaik sakaik
0
180
Tech-Verse 2025 Keynote
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
0
100
【5分でわかる】セーフィー エンジニア向け会社紹介
Avatar for Safie safie_recruit
0
26k
解析の定理証明実践@Lean 4
Avatar for H Segawa dec9ue
0
180
Agentic Workflowという選択肢を考える
Avatar for takuya kikuchi tkikuchi1002
1
500
Amazon Bedrockで実現する 新たな学習体験
Avatar for Kazuki Maeda kzkmaeda
2
540
PHP開発者のためのSOLID原則再入門 #phpcon / PHP Conference Japan 2025
Avatar for shogogg shogogg
4
730
SalesforceArchitectGroupOsaka#20_CNX'25_Report
Avatar for atomica7sei atomica7sei
0
170

Featured

See All Featured
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
179
9.8k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
53
2.8k
Understanding Cognitive Biases in Performance Measurement
Avatar for Philip Tellis bluesmoon
29
1.8k
Optimising Largest Contentful Paint
Avatar for Harry Roberts csswizardry
37
3.3k
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
160
23k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
35
2.3k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
30
2.1k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
31
8.6k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
17
940
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
Fireside Chat
Avatar for paigeccino paigeccino
37
3.5k
A better future with KSS
Avatar for Kyle Neath kneath
239
17k

Transcript

  1. flexmind.co HOW TO BUILD A CAREER IN CYBERSECURITY You just

    need an interest and never give up attitude, rest will fall aside 1

  2. flexmind.co Sanjeev Jaiswal (Jassi) ➤ Working in Epam (Views and

    data are solely mine) ➤ Application Security and Cloud Security ➤ Programming: Perl, Python ➤ Interested in: DevSecOps and Security Automation ➤ Twitter: @jassics ➤ Gmail: jassics[at]gmail ➤ GitHub: @jassics 2

  3. flexmind.co What we will cover ➤ Key Audience ➤ Job

    profile categories ➤ Some known security tools ➤ Hands-on is the key ➤ Certifications ➤ Books ➤ Online Courses 3

  4. flexmind.co Key Audience ➤ College Student/Fresher ➤ Developer/QA ➤ DevOps

    ➤ System/Network Folks ➤ Other but interested in Security 4

  5. flexmind.co Job Profile Categories ➤ Web Security ➤ Network/Infra Security

    ➤ Application Security ➤ Cloud Security ➤ DevSecOps ➤ Compliance/Audit ➤ Mobile App Security ➤ Endpoint Security ➤ What not? 5

  6. flexmind.co How to get started (Skills) ➤ Linux Fundamentals ➤

    Good knowledge of command line tools ➤ Networking fundamentals (TCP/IP stack) ➤ Knowledge of known ports and its applications ➤ Basics of programming (perl/python/ruby/go) ➤ Knowledge of Kali tools (Pentest OS based on Linux) ➤ Keen to explore new technologies … 6

  7. flexmind.co Web Security ➤ Understand how different web services work

    ➤ Understand request and response (security) headers ➤ Understand authentication and authorization ➤ Cookies, tokens, HSTS, httpOnly ➤ API security ➤ SOP , CORS, CSP ➤ OWASP Top 10 (Testing Guide, Code review guide) ➤ Understand various available encoding i.e. base64 ➤ Comfortable with Burpsuite/OWASP Zap 7

  8. flexmind.co Network Security ➤ Secure network architecture ➤ Firewalls ➤

    Encryption solutions ➤ Networking commands ➤ Good with nmap and wireshark tools ➤ Know IDS/IPS ➤ DDos prevention ➤ Aware of CDN implementations 8

  9. flexmind.co Application Security ➤ Threat Modeling ➤ Secure Code design

    and principles ➤ Secure Code Review ➤ Secure-SDL ➤ Help developers through secure code training ➤ SAST/DAST ➤ API security ➤ git is your friend 9

  10. flexmind.co Cloud Security ➤ Cloud Computing fundamentals ➤ Security configuration

    ➤ Cloud Networking ➤ Serverless Architecture ➤ Secure API management ➤ Data Security ➤ Encryption at rest, in transit ➤ Logging and Monitoring 10

  11. flexmind.co DevSecOps ➤ Think everything as a Code (Ansible, Terraform)

    ➤ You understand DevOps culture ➤ People, Process and Technology ➤ Embrace Security Automation ➤ Comfortable with VCS i.e. git ➤ Understand CI/CD well ➤ Well-versed with CI tools i.e. cirlceCI, Travis, Gitlab CI ➤ Know programming (Python, Ruby, Go) 11

  12. flexmind.co Some known Security Tools ➤ Kali Linux ➤ Burpsuite

    ➤ nmap ➤ metasploit ➤ aircrack-ng ➤ nikto ➤ Hydra ➤ BeEF ➤ Frida 12 It’s just the tip of the iceberg ➤ dnsenum ➤ wireshark ➤ netcat ➤ Acunetix ➤ Qualys ➤ AppScan ➤ Contrast ➤ Nagios ➤ Cain and abel

  13. flexmind.co Hands-on is the key ➤ OWASP BWA ➤ DVWA

    ➤ DVNA ➤ DVIA ➤ Django.nV ➤ PentestersLab ➤ Vulnhub ➤ Hackthebox 13

  14. flexmind.co Certifications 14 ➤ CompTIA ➤ EC-council ➤ ISC2 ➤

    CSA ➤ ISACA ➤ Offensive Security ➤ Cisco/Checkpoint/Juniper ➤ Practical-DevSecOps

  15. flexmind.co Books ➤ Web Application Hacker’s Handbook (WAHH) ➤ OWASP

    Guides (Testing, Secure Code review, ASVS) ➤ Writing Secure Code ➤ API Security in Action ➤ Threat Modeling ➤ Violent Python ➤ Cryptography & Network Security ➤ Mastering AWS Security ➤ Securing DevOps 15

  16. flexmind.co 16

  17. flexmind.co Online Courses ➤ Coursera ➤ Udacity ➤ EdX ➤

    Acloud ➤ Cybrary ➤ OpensecurityTraining ➤ Securitytube ➤ YouTube 17

  18. flexmind.co Networking is the key ➤ Null chapter ➤ OWASP

    Chapter ➤ Bsides Chapter ➤ join mailing list i.e. null google group ➤ Attend International events i.e. Defcon, Blackhat, Nullcon, Seasides ➤ jobs.null.co.in for job search ➤ Meet like minded people i.e. local meetup ➤ Linkedin contacts, groups ➤ Follow people in twitter ➤ Bookmark few security websites 18

  19. flexmind.co Credits ➤ Thenoun project ➤ OWASP projects ➤ Icons

    from Apple Keynote ➤ Quora for analysis 19

  20. flexmind.co 20 For further queries, please feel free to contact

    us at [email protected]