SlideShare a Scribd company logo

OWASP - Analyst, Engineer or Consultant?

Download as PPTX, PDF
H
Harry McLaren

The document by Harry McLaren discusses various career paths in cybersecurity, emphasizing the importance of foundational knowledge, skills, and personal experiences. It outlines different roles within security domains and provides interview tips for aspiring professionals. Additionally, it offers resources for networking and professional development in the cybersecurity field.

Career
1 of 16
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Analyst, Engineer or Consultant? DOES IT EVEN MATTER?
Harry McLaren • Alumnus of Napier University • Managing Consultant at ECS [Security] • Splunk Enablement Lead, Engineer & Architect • Previous Roles: • Security Engineer, SOC Analyst, IT Technician @cyberharibu
Disclaimer • I’m Dangerous • [A little] knowledge is powerful right? • I’m speaking for me, not my employer. • These are thoughts, not facts.
Coming Up • Starting Out in Cybersecurity • Security Domains & Roles • Personal Journey • Foundational Knowledge & Skills • Interviewing Tips • Tips for ”Professionals” • Resources ~35mins
Who’s Here? Aspiring, Current, Former Professional
Starting Out in Cybersecurity Initial Career •Degree Education •Collage Education •Other Routes [Rare] Career Move •Business Skills •Soft[er] Skills •Formal Education IT Professional •Transferable Skills •Transferable Experience •Formal Education
Security Domains (ISC2 CBK) •Security and Risk Management •Asset Security •Security Engineering •Communications and Network Security •Identity and Access Management •Security Assessment and Testing •Security Operations •Software Development Security Primary Experience Secondary Experience
Security Operations Roles Tier 1/2 Support Analyst Security Analyst Expert Security Analyst Tier 2/3 Incident Investigator Threat Hunter SOC Consultant Management Shift Leader Incident Manager SOC Manager
Security Engineering Roles Build Associate Security Engineer/Consultant Security Engineer/Consultant Lead Specialist Security Engineer Consulting Security Engineer Manage Managing Consultant Principal Security Engineer
Personal Journey Consultant Engineer Analyst • IT Technician (2006) • Desktop Support (2011) • Senior Security Analyst (2013) • Security Engineer (2014) • Security Consultant (2016) • Senior Consultant (2017) • Managing Consultant (2018)
Emotional Journey In Denial / Imposter Terrified Scared
Foundational Knowledge & Skills Technical Competence/Experience Communication Skills Interpersonal Awareness
Interviewing Tips • CV (2-3 Pages, Clear, Concise, Skills, Community, Basics) • Preparation (Research, Interviewers, Arrival) • Situation, Task, Action, Result (STAR for Competency Questions) • During (Breathe, Vocalise, Water, Questions) • After (Relax, Review, Repeat)
Embrace Change Manage Expectations Promote [Safe] Failure Share the Fear Tips for ”Professionals”
Resources • Meetups • Splunk User Group Edinburgh • Security MeetUp Scotland • Cyber Scotland Connect • The Cyber Academy • ENU Security Society at Edinburgh Napier • Sigint Security Society at the University of Edinburgh • ISC2 Scottish Chapter • 2600 Edinburgh • ISACA Scottish Chapter • OWASP Scotland
OWASP - Analyst, Engineer or Consultant?

More Related Content

PDF
Most Important steps to become a hacker
E Hacking
 
PPTX
Information technology
Aaron Ephraim
 
PPTX
Tips to kick-start your Software Engineering Career - Ferdous Mahmud Shaon
Cefalo
 
PDF
Tips to Kick-start your Software Engineering Career
Ferdous Mahmud Shaon
 
PDF
2016 Hour of Code
Eric Sailers
 
PPTX
Cyber Scotland Connect: Getting into Cybersecurity (Deck 2)
Harry McLaren
 
PDF
CNIT 160 4d Security Program Management (Part 4)
Sam Bowne
 
PPTX
Cyber Scotland Connect: What is Security Engineering?
Harry McLaren
 
Most Important steps to become a hacker
E Hacking
 
Information technology
Aaron Ephraim
 
Tips to kick-start your Software Engineering Career - Ferdous Mahmud Shaon
Cefalo
 
Tips to Kick-start your Software Engineering Career
Ferdous Mahmud Shaon
 
2016 Hour of Code
Eric Sailers
 
Cyber Scotland Connect: Getting into Cybersecurity (Deck 2)
Harry McLaren
 
CNIT 160 4d Security Program Management (Part 4)
Sam Bowne
 
Cyber Scotland Connect: What is Security Engineering?
Harry McLaren
 

Similar to OWASP - Analyst, Engineer or Consultant? (20)

PDF
CNIT 160 4d Security Program Management (Part 4)
Sam Bowne
 
PDF
What type of training is required for cyber security.pdf
Bytecode Security
 
PDF
March 2014 B2B - Breaking into info sec
Raleigh ISSA
 
PDF
Rothke stimulating your career as an information security professional
Ben Rothke
 
PPTX
cybersecurity analyst.pptx
Boni Yeamin
 
PPTX
Cyber Ranges: A New Approach to Security
Security Innovation
 
PPTX
Career In Information security
Anant Shrivastava
 
PDF
WTF is Penetration Testing
Scott Sutherland
 
PPTX
Cyber Security Full Course 2023
Simplilearn
 
PDF
Careers in Cyber Security
Deep Shankar Yadav
 
PPTX
FIVE TOP CYBER SECURITY CERTIFICATION.pptx
James Binny
 
PDF
Skill Set Needed to work successfully in a SOC
Fuad Khan
 
PDF
Professional and Technology Services
The Consulting Practice Inc.
 
PPTX
Cyber Scotland Connect: Getting into Cybersecurity (Deck 1)
Harry McLaren
 
PPTX
2021 BSides Tampa Cyber Security Careers
Scott Stanton
 
PDF
InfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdf
priyanshamadhwal2
 
PPTX
Cybersecurity and the future of work Securing Remote workforces in 2024 and b...
digitalxplive
 
PDF
DevOpsDaysRiga 2018: Joep Piscaer - Reducing inertia with Public Cloud and Op...
DevOpsDays Riga
 
PDF
Reducing inertia in organizations is the key to a successful DevOps transition
Joep Piscaer
 
PPTX
How To Become An IT Security Risk Analyst
Niloufer Tamboly CISSP, CPA, CIA, CISA, CFE
 
CNIT 160 4d Security Program Management (Part 4)
Sam Bowne
 
What type of training is required for cyber security.pdf
Bytecode Security
 
March 2014 B2B - Breaking into info sec
Raleigh ISSA
 
Rothke stimulating your career as an information security professional
Ben Rothke
 
cybersecurity analyst.pptx
Boni Yeamin
 
Cyber Ranges: A New Approach to Security
Security Innovation
 
Career In Information security
Anant Shrivastava
 
WTF is Penetration Testing
Scott Sutherland
 
Cyber Security Full Course 2023
Simplilearn
 
Careers in Cyber Security
Deep Shankar Yadav
 
FIVE TOP CYBER SECURITY CERTIFICATION.pptx
James Binny
 
Skill Set Needed to work successfully in a SOC
Fuad Khan
 
Professional and Technology Services
The Consulting Practice Inc.
 
Cyber Scotland Connect: Getting into Cybersecurity (Deck 1)
Harry McLaren
 
2021 BSides Tampa Cyber Security Careers
Scott Stanton
 
InfosecTrain_Certified_Information_Systems_Auditor_CISA_Course_Content.pdf
priyanshamadhwal2
 
Cybersecurity and the future of work Securing Remote workforces in 2024 and b...
digitalxplive
 
DevOpsDaysRiga 2018: Joep Piscaer - Reducing inertia with Public Cloud and Op...
DevOpsDays Riga
 
Reducing inertia in organizations is the key to a successful DevOps transition
Joep Piscaer
 
How To Become An IT Security Risk Analyst
Niloufer Tamboly CISSP, CPA, CIA, CISA, CFE
 
Ad

More from Harry McLaren (20)

PPTX
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Harry McLaren
 
PPTX
Modern Security Operations & Common Roles/Competencies
Harry McLaren
 
PPTX
Becoming a Defender (Blue Teams FTW!)
Harry McLaren
 
PPTX
Virtual Splunk User Group - Phantom Workbook Automation & Threat Hunting with...
Harry McLaren
 
PPTX
SOC Fundamental Roles & Skills
Harry McLaren
 
PPTX
Hunting Hard & Failing Fast (ScotSoft 2019)
Harry McLaren
 
PPTX
Splunk Phantom, the Endpoint Data Model & Splunk Security Essentials App!
Harry McLaren
 
PPTX
Collecting AWS Logs & Introducing Splunk New S3 Compatible Storage (SmartStore)
Harry McLaren
 
PPTX
Using Metrics for Fun, Developing with the KV Store + Javascript & News from ...
Harry McLaren
 
PPTX
Splunk .conf18 Updates, Config Add-on, SplDevOps
Harry McLaren
 
PPTX
SplDevOps: Making Splunk Development a Breeze With a Deep Dive on DevOps' Con...
Harry McLaren
 
PPTX
Lessons on Human Vulnerability within InfoSec/Cyber
Harry McLaren
 
PPTX
Big Data For Threat Detection & Response
Harry McLaren
 
PPTX
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
Harry McLaren
 
PPTX
Cyber Scotland Connect: Welcome & Purpose Statement
Harry McLaren
 
PPTX
Latest Updates to Splunk from .conf 2017 Announcements
Harry McLaren
 
PPTX
Securing the Enterprise/Cloud with Splunk at the Centre
Harry McLaren
 
PPTX
Security Meetup Scotland - August 2017 (Deconstructing SIEM)
Harry McLaren
 
PPTX
Deconstructing SIEM
Harry McLaren
 
PPTX
Supporting Splunk at Scale, Splunking at Home & Introduction to Enterprise Se...
Harry McLaren
 
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Harry McLaren
 
Modern Security Operations & Common Roles/Competencies
Harry McLaren
 
Becoming a Defender (Blue Teams FTW!)
Harry McLaren
 
Virtual Splunk User Group - Phantom Workbook Automation & Threat Hunting with...
Harry McLaren
 
SOC Fundamental Roles & Skills
Harry McLaren
 
Hunting Hard & Failing Fast (ScotSoft 2019)
Harry McLaren
 
Splunk Phantom, the Endpoint Data Model & Splunk Security Essentials App!
Harry McLaren
 
Collecting AWS Logs & Introducing Splunk New S3 Compatible Storage (SmartStore)
Harry McLaren
 
Using Metrics for Fun, Developing with the KV Store + Javascript & News from ...
Harry McLaren
 
Splunk .conf18 Updates, Config Add-on, SplDevOps
Harry McLaren
 
SplDevOps: Making Splunk Development a Breeze With a Deep Dive on DevOps' Con...
Harry McLaren
 
Lessons on Human Vulnerability within InfoSec/Cyber
Harry McLaren
 
Big Data For Threat Detection & Response
Harry McLaren
 
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
Harry McLaren
 
Cyber Scotland Connect: Welcome & Purpose Statement
Harry McLaren
 
Latest Updates to Splunk from .conf 2017 Announcements
Harry McLaren
 
Securing the Enterprise/Cloud with Splunk at the Centre
Harry McLaren
 
Security Meetup Scotland - August 2017 (Deconstructing SIEM)
Harry McLaren
 
Deconstructing SIEM
Harry McLaren
 
Supporting Splunk at Scale, Splunking at Home & Introduction to Enterprise Se...
Harry McLaren
 
Ad

Recently uploaded (20)

PDF
Entrepreneurship PowerPoint for students
dodopilow
 
PDF
Understanding the Rhetorical Situation Presentation in Blue Orange Muted Il_2...
Anurag854731
 
PPT
2- CELL INJURY L1 Medical (2) gggggggggg
princessbliss09
 
PPTX
Prokaryotes v Eukaryotes PowerPoint.pptx
Marimar830371
 
PPTX
1751884730-Visual Basic -Unitj CS B.pptx
herosupravat
 
PDF
CV of Architect Professor A F M Mohiuddin Akhand.pdf
ArchitectAFMMohiuddi
 
PPTX
The Stock at arrangement the stock and product.pptx
awanganiqkmal191
 
PPTX
Condensed_Food_Science_Lecture1_Precised.pptx
JyotiSharma572976
 
DOC
field study for teachers graduating samplr
yeyetharriet
 
PDF
Blue-Modern-Elegant-Presentation (1).pdf
hidalgoandreaa11
 
PPTX
OnePlus 13R – ⚡ All-Rounder King Performance: Snapdragon 8 Gen 3 – same as iQ...
venkataramana608186
 
PDF
Why Today’s Brands Need ORM & SEO Specialists More Than Ever.pdf
Nafiz Fuhad
 
PPTX
chapter 3_bem.pptxKLJLKJLKJLKJKJKLJKJKJKHJH
kaniece
 
PPT
BCH3201 (Enzymes and biocatalysis)-JEB (1).ppt
bamaiyiemmanuel905
 
PDF
LSR CASEBOOK 2024-25.pdf. very nice casbook
ssuser3b3cab1
 
PPTX
cse couse aefrfrqewrbqwrgbqgvq2w3vqbvq23rbgw3rnw345
sirajamalif
 
PDF
313302 DBMS UNIT 1 PPT for diploma Computer Eng Unit 2
HemantBansal35
 
PDF
esg-supply-chain-webinar-nov2018hkhkkh.pdf
tirupathi637
 
PPTX
Definition and Relation of Food Science( Lecture1).pptx
JyotiSharma572976
 
PPTX
Your Guide to a Winning Interview Aug 2025.
Bruce Bennett
 
Entrepreneurship PowerPoint for students
dodopilow
 
Understanding the Rhetorical Situation Presentation in Blue Orange Muted Il_2...
Anurag854731
 
2- CELL INJURY L1 Medical (2) gggggggggg
princessbliss09
 
Prokaryotes v Eukaryotes PowerPoint.pptx
Marimar830371
 
1751884730-Visual Basic -Unitj CS B.pptx
herosupravat
 
CV of Architect Professor A F M Mohiuddin Akhand.pdf
ArchitectAFMMohiuddi
 
The Stock at arrangement the stock and product.pptx
awanganiqkmal191
 
Condensed_Food_Science_Lecture1_Precised.pptx
JyotiSharma572976
 
field study for teachers graduating samplr
yeyetharriet
 
Blue-Modern-Elegant-Presentation (1).pdf
hidalgoandreaa11
 
OnePlus 13R – ⚡ All-Rounder King Performance: Snapdragon 8 Gen 3 – same as iQ...
venkataramana608186
 
Why Today’s Brands Need ORM & SEO Specialists More Than Ever.pdf
Nafiz Fuhad
 
chapter 3_bem.pptxKLJLKJLKJLKJKJKLJKJKJKHJH
kaniece
 
BCH3201 (Enzymes and biocatalysis)-JEB (1).ppt
bamaiyiemmanuel905
 
LSR CASEBOOK 2024-25.pdf. very nice casbook
ssuser3b3cab1
 
cse couse aefrfrqewrbqwrgbqgvq2w3vqbvq23rbgw3rnw345
sirajamalif
 
313302 DBMS UNIT 1 PPT for diploma Computer Eng Unit 2
HemantBansal35
 
esg-supply-chain-webinar-nov2018hkhkkh.pdf
tirupathi637
 
Definition and Relation of Food Science( Lecture1).pptx
JyotiSharma572976
 
Your Guide to a Winning Interview Aug 2025.
Bruce Bennett
 

OWASP - Analyst, Engineer or Consultant?

  • 1. Analyst, Engineer or Consultant? DOES IT EVEN MATTER?
  • 2. Harry McLaren • Alumnus of Napier University • Managing Consultant at ECS [Security] • Splunk Enablement Lead, Engineer & Architect • Previous Roles: • Security Engineer, SOC Analyst, IT Technician @cyberharibu
  • 3. Disclaimer • I’m Dangerous • [A little] knowledge is powerful right? • I’m speaking for me, not my employer. • These are thoughts, not facts.
  • 4. Coming Up • Starting Out in Cybersecurity • Security Domains & Roles • Personal Journey • Foundational Knowledge & Skills • Interviewing Tips • Tips for ”Professionals” • Resources ~35mins
  • 5. Who’s Here? Aspiring, Current, Former Professional
  • 6. Starting Out in Cybersecurity Initial Career •Degree Education •Collage Education •Other Routes [Rare] Career Move •Business Skills •Soft[er] Skills •Formal Education IT Professional •Transferable Skills •Transferable Experience •Formal Education
  • 7. Security Domains (ISC2 CBK) •Security and Risk Management •Asset Security •Security Engineering •Communications and Network Security •Identity and Access Management •Security Assessment and Testing •Security Operations •Software Development Security Primary Experience Secondary Experience
  • 8. Security Operations Roles Tier 1/2 Support Analyst Security Analyst Expert Security Analyst Tier 2/3 Incident Investigator Threat Hunter SOC Consultant Management Shift Leader Incident Manager SOC Manager
  • 9. Security Engineering Roles Build Associate Security Engineer/Consultant Security Engineer/Consultant Lead Specialist Security Engineer Consulting Security Engineer Manage Managing Consultant Principal Security Engineer
  • 10. Personal Journey Consultant Engineer Analyst • IT Technician (2006) • Desktop Support (2011) • Senior Security Analyst (2013) • Security Engineer (2014) • Security Consultant (2016) • Senior Consultant (2017) • Managing Consultant (2018)
  • 11. Emotional Journey In Denial / Imposter Terrified Scared
  • 12. Foundational Knowledge & Skills Technical Competence/Experience Communication Skills Interpersonal Awareness
  • 13. Interviewing Tips • CV (2-3 Pages, Clear, Concise, Skills, Community, Basics) • Preparation (Research, Interviewers, Arrival) • Situation, Task, Action, Result (STAR for Competency Questions) • During (Breathe, Vocalise, Water, Questions) • After (Relax, Review, Repeat)
  • 15. Resources • Meetups • Splunk User Group Edinburgh • Security MeetUp Scotland • Cyber Scotland Connect • The Cyber Academy • ENU Security Society at Edinburgh Napier • Sigint Security Society at the University of Edinburgh • ISC2 Scottish Chapter • 2600 Edinburgh • ISACA Scottish Chapter • OWASP Scotland