Remodeling your career

for little to no money down

Donald C. Donzal, CISSP, MCSE, CEH, Security+ SME

The Digital Construction Company

Editor-In-Chief of The Ethical Hacker Network

Founder & Organizer of ChicagoCon

Writer & Presenter

Who is this guy to talk to me

about careers?

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Great career opportunity

Let’s be honest - Indirectly promote my

business

Learn from you

Give back to those who gave to me

(Thanks Ed)

Pay it forward

Free will – I wanted to be here

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

NewbieExperienced

• Tech Guru

• Management

• Entrepreneur

• Consultant

Currently not in IT, InfoSec or Ethical Hacking

Hugely successful and just here to heckle me. Be gentle.

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Catch 22 of experience & getting the jobYou have a job and not a careerFlat out boredYou’re simply NOT Happy!!You could be like me 7 years ago

Only you can answer the question.

AA Examples• It’s easy to quit. Coming to the decision to quit is the

hard part.• Bag of Poop Analogy

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Take a good, hard look at:

You – Demeanor & Style Skills – Tech & Non-Tech, Innate & Learned Desire – Who do you want to be when you grow up? Motivation – What gets you excited? Time – What do I ‘have’ to do, so I can do what I

‘want’ to do? Priorities – $$$$, Fame, Respect, Self-Esteem,

Interesting work Family Concerns – Now and in the future.

So do you know what your superpower is?

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Where is the pen testing field going?• Growing

Compliance – HIPAA, SOX, GLBA… and the hits just keep on comin’!

Acceptance as a legitimate (& lucrative) career

• Maturing & Specializing

Network (Wired & Wireless), Web App

OS – Windows, Linux

Exploit Dev, Tool Dev

Physical, Social Engineering

Project Management

Trainer, Courseware Developer

Reporter, Reviewer

Sales, Marketing

CEO, Upper management

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Questions to ask yourself:

Are you management material?

Do you have the technical chops?

Do you have foundational knowledge in

either?

Large corporation, SMB, or roll your own?

What do you have to do to get where you

want to be?

Can you really do it?

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

What do I want to be 5 years from now?

Where do I have to be 2.5 years from now

to meet that goal?

What do I have to do in the 1st year?

How far along should I be in 6 months?

What do I have to do

right now?SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Don’t just ask the questions… Answer

them!

If you can’t, research. That means both

you and your career path.

Make a plan - It’s not real until you write it

down.

Make a commitment – Tell others what

you plan to do. Self-induced peer

pressure WORKS!!

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Promote Yourself with Cheap AdvertisingBlogosphere – Create your own or join a

community – People are watchingCerts – Boot camps are not the only wayResume – Print, Online, FlashyPublishing – Offer articles for freeTeaching – Keeps you fresh, meet up-and-

comers, get paid wellPresenting – Build resume and

communication skillsMake friends – Success through associationEvents – See and be seen

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Be your own best recruiter, motivator & advocate Be willing to do the grunt work Ask – You’d be surprised what you’ll get if you

simply ask for it Get excited – Enthusiasm is infectious Volunteer

• Local Non-Profit

• Hackersforcharity.org

• Other Business Unit

6-Month Cash Reserve Take Chances – Every now and then, say what

the Heck, and make your move.

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Human nature to enjoy talking about

yourself

The IT mindset is wired to share

Those you admire were just like you

Don’t be shy

Most in IT are approachable

Bring a little get a lot

Never BS a BSer

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Path To Your Chosen Career:

Gift of free will

Take action

Be happy

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

The Ethical Hacker Network Cccure.org SecurityFocus.com InfosecWriters.com SANS Reading Room, Internet Storm Center Top 100 Network Security Tools by Fyodor -

sectools.org Free Magazines – Certification, CSO, eWeek,

Information Security, InfoWorld, Redmond, SC, Security, TechNet

Podcasts – PaulDotCom.com, SploitCast.com Events – ChicagoCon, DefCon, ShmooCon Google is your friend

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net

Don

The Digital Construction Company

don@digitalconstructionco.com

The Ethical Hacker Network

www.ethicalhacker.net

ChicagoConwww.chicagocon.com

SANS Pen Testing SummitThe Ethical Hacker Network www.ethicalhacker.net