Summary: <p>Matt McCullough (a.k.a. Matty McFly on <a href="https://7ms.us/slack" rel="nofollow noreferrer noopener" target="_blank">Slack</a>) joined me in the studio to talk about his wild and crazy path to security. He started literally with <em>no</em> technical experience, but through a lot of hard work, aggressive networking and taking advantage of educational and career opportunities, Matt now rocks a SOC job. Matt and I sat down to talk about a lot of good stuff:</p> <ul> <li> <p>How to start an IT career as "the family IT guy"</p> </li> <li> <p>Leveraging a higher education (at places like <a href="https://www.lsc.edu/" rel="nofollow noreferrer noopener" target="_blank">Lake Superior College</a> to meet people of influence and start networking like a beast</p> </li> <li> <p>Entry level sysadmin and helpdesk jobs are fun - great opportunities to make the most of the position, build your skills and stretch yourself outside your comfort zone</p> </li> <li> <p>MSPs (Managed Service Providers) are another great way to see different clients/verticals/systems and the various requirements that go into supporting them. From there, look for opportunities to start securing those organizations, as many MSPs don't dabble heavily into the security realm.</p> </li> <li> <p>If you're going to school for cybersecurity training, look for ways to leverage your status to get discounts on security training, such as with <a href="https://sans.org" rel="nofollow noreferrer noopener" target="_blank">SANS</a></p> </li> <li> <p>Competitions like <a href="https://hackucf.org/blog/about/ccdc/" rel="nofollow noreferrer noopener" target="_blank">CCDC</a> are awesome. You're given a handful of servers that are full of vulnerabilities, and you essentially are tasked with defending a network against a professional group of pentesters/redteamers. You even have to deal with real-life "injections" (other random emergencies and mock customers to deal with) while you're in the thick of the battle! </p> </li> <li> <p>Join local cyber clubs (or start your own)! Looking for a fun CTF to get started in a group setting? Try hacking the <a href="https://www.owasp.org/index.php/OWASP_Juice_Shop_Project" rel="nofollow noreferrer noopener" target="_blank">OWASP Juice Shop</a></p> </li> <li> <p>Attend security conferences(or start your own)! </p> </li> </ul><p>...more notes at 7MS.us!</p>
