How to become a highly-paid cyber security expert


#1

Originally published at: http://boingboing.net/2017/02/24/how-to-become-a-highly-paid-cy.html


#2

Let’s ask our resident expert at this job… @japhroaig is this deal a pass? Is being a highly paid security expert worth the stress?


#3

C’mon, at a 92.8% discount, it MUST be worth it!


#4

Pfft. If I was a hacker, I would give myself a 100% discount.


#5

… and: Did you pay $681 for your education/qualification to become a security expert? Are you angry that you overspend $632?


#6

No tats in the bundle! Pfft, amateurs.


#7

Nah. This is the “Ethical Hacker Bonus Bundle”. What you’re looking for is the “Unethical Hacker Bonus Bundle”.


#8

Some of these courses look “ok.”


#9

Is one of the instructions “Be a long term friend to Donald Trump”? Because that’s how you’re going to get highly paid.


#10

Besides studying, you also need to commit to a life of drinking from a fire hose with an endlessly changing threat dynamic and new instances of and classes of vulnerabilities cropping up regularly.


#11

Weigh 400 lbs and have a bed?


#12

So, they have 6159 people enrolled. That’s over $150k. Not bad money, even at the discounted discount rate.

Has anybody done the course? I’m kinda tempted…


#13

No. No no no.

…Well, sorta, but not an effective one. So you’d basically be training for yahoo.


#14

Yes.

Wait, you meant something different.


#15

For once I am gonna be honest. No really. All of this is hard work, and @enso will at his leisure add even more color and detail, since he is the actual expert.

The fundamentals of infosec are:

  • Coding practices
  • QA
  • Fuzzing
  • Compliance
  • Regulations
  • On going testing
  • On going maintenance
  • Auditing
  • Analysis
  • Reverse engineering
  • Incident response
  • Documentation
  • Education
  • Controls
  • Post mortems

The people, process, technology changes. This is a yuuuge undertaking. So start with one, not all.


#16

But only this once. Because let’s face it, you need some poor sucker to take over your responsibilities so you can go home and sleep on occasion.


#17

Nooooooope. You get to be the expert.

Really, though, I’m not a pen tester or an exploit author. I’m a program manager, an engineering team manager for a gang of fuzzing engineers, and a bug bounty program head. I’m actually pretty shitty at coding by myself. My knowledge is generally pretty high level and meta, not down in the weeds with specific techniques. I know how stuff goes together, in general, but I couldn’t do a lot of this without a lot of time to get up to speed on specifics.

Most courseware is focused on how to be a penetration tester with an emphasis on web technologies. There is plenty of work there but it doesn’t make you a “highly-paid cyber security expert.” Besides, the only people that use “cyber” are governments, their attendant entities, and the military.


#18

*Actual white hat not included.


#19

This topic was automatically closed after 5 days. New replies are no longer allowed.