• Category Archives About
  • Post about me

  • Breaking Into…Infosec

    It’s been a hell of a past few months. I’ve seen many talks about it, and seen a lot of people getting discouraged, because it’s hard to get into the InfoSec field as a profession. I fully agree that it is hard to get into InfoSec, but it can be done. Like anything, getting a job in a field that you want to get into is a challenge. Not only do you have to have the training or knowledge to get into the field, but you also need to have the perseverance to reach out and get that career started. I have been reading, studying, and learning as much about information security as I could, since I got my degree in CIT, give or take for the past 6 years.

    The best thing I could advise would be to not worry about what you don’t know. If you see a position dealing with information security, apply! My dad always told me to not worry about what was on a job posting, as far as what the employer was requiring the candidate to have or possess. The things that are ‘required’ are, for the most part, what HR wants you to have. Furthermore, if you do possess all of the things that an employer ‘requires’, you’re going to be getting paid about $20K less than what you’re worth! With that being said, if you see things that the employer is ‘requiring’, do some head work and look up said requirement and at least gain some knowledge of what they want, so if they bring up that topic on an interview, you can tell the manager that you aren’t 100% sure about it, but you did take the initiative to look into it and got some great points of reference on the material.

    Start networking with professionals in the field; go to security/hacking conferences (huge list here,) Most of the security conferences are $100/ticket, and don’t fret it if you can’t afford a ticket, all of the conferences I’ve gone to have volunteer spots open that give you free entrance, as long as you’re willing to put in some leg-work to get the conference going, and make sure things run smooth. Get on twitter and start following people in InfoSec. LinkedIn is another great resource for finding those in InfoSec and finding out if they’re hiring for InfoSec people. Another place I can’t praise enough of is Reddit. They have a sub-reddit that is specifically for those that are in, or wanting to get in, Information Security, which you can get to here. At the top of the postings will be a post called ‘/r/netsec’s QX 20YY Information Security Hiring Thread,’ where companies will post positions they have that need filled. The Hiring Thread is great, because you can talk with the person that posted the position, to answer any questions that you have.

    The last thing I can say to anyone trying to break into InfoSec is to not stop looking, you will eventually get a break. I was looking for an InfoSec position for the past 5 years, working at a job that I could feel killing me every day. I was searching reddit and found a post for the position I’m currently in. I could not be happier to have found a job where I’m ecstatic to get online every day I wake up. I get to learn new things every day, and work with a team of freaking awesome individuals. rosewood, hinge, du1d, fuzzy, stumblebot, bizmark, and everyone else on the team, you guys are the best!

  • whoami


    I am a married father of 4 that loves information security. I love to help people to become more secure, and do my best to show them how by not being secure, they can be owned. A huge misconception in information security is that people don’t need it for their everyday personal lives. That misconception is totally false, in all actuality, information security starts with our everyday lives. A lot of people have work laptops that they take home with them. If those laptops are compromised by an attacker, the whole company has the potential of being owned, all because of one employee that wasn’t fully aware of security best-practices. Information security also needs to start with us, the end-user, because what we do in our everyday lives reflects on how we act and what we do at work. If a person works at a financial institution or a medical facility, this could be a pretty serious issue.

    I have an Associate’s in Network Security and am currently working towards my OSCP.  I am Net+, Security+, and A+ certified with a Microsoft 70-290 certification as well. If there’s any security practices and/or things that you would like explained, please comment with what they are and I’d be more than happy to get some answers put up with explanations on what the topic is and how to protect yourself.

    A majority of my posts are going to be for the person(s) that are security aware and are looking for answers that they might not have found yet. I encourage you to comment as well, so if you’re having issues installing a security program I can give you some insight on how to get it installed.

    I hope you enjoy your time here at security-focused and if there’s anything you’d like to see, please leave a comment and let me know.