Behind the scenes: A day in the life of a cybersecurity expert

3 years ago 448

Leading a squad is benignant of similar erstwhile a burglar alarm goes disconnected and "you're the police," says the caput of cybersecurity astatine ExpressVPN.

aaron-solo.jpg

Aaron Engel 

Image: ExpressVPN

Aaron Engel was calved successful Seabrook, Texas, a Houston suburb with astir 10,000 people, successful 1984. His dad, a precocious schoolhouse teacher, scored discounts connected machine products, truthful Aaron got a Commodore 64 astatine a "very, precise young age." But Engel's archetypal imagination occupation astatine property 10 was to beryllium an accountant. It was "a spot unusual," helium said, "but I liked to enactment with numbers, and thought it would beryllium a unchangeable occupation that was bully and secure." Later, his uncle encouraged him to deliberation astir a vocation successful computers. 

"He said: 'Hey, Aaron, I've got an thought for you. You similar computers a lot. You should cheque retired machine security,'" Engel recalled. His uncle told him astir the Information Assurance Scholarship Program tally by the US Department of Defense, "and, he's like, 'if you get this, your beingness is set.'"

Now the caput of cybersecurity astatine ExpressVPN, wherever helium leads a squad of cybersecurity engineers, Engel tin hint his involvement successful the tract backmost to that point. He did get the scholarship, which meant helium got a afloat thrust astatine the University of Tulsa, and a guaranteed occupation astatine the Defense Department afterward. That progressive traveling to subject bases crossed the U.S. doing cybersecurity work, similar reverse engineering of malware, integer forensics, and helium was a systems administrator, essentially, for the national government.

SEE: Security incidental effect policy (TechRepublic Premium)

Engel said helium yet grew bushed of the relation and got a occupation astatine IBM arsenic a information analyst, "looking for intrusions, moving connected it, analyzing it, and moving with the U.S. authorities still, indirectly, arsenic an worker of IBM," helium said. Later, helium transitioned to information engineering, with much originative control, and became information engineering squad pb astatine IBM. Then, helium moved to JPMorgan Chase arsenic a SOC analyst, which was breathtaking for Engel, helium said, due to the fact that it brought him to London and past Singapore. 

A twelvemonth and a fractional ago, Engel moved to ExpressVPN, his existent employer, successful Singapore. ExpressVPN supports clients connected Windows, Macs, Lennox, Android and iOS devices, securing web information earlier it gets sent out. "It's precise user-friendly," Engel said. "You fundamentally pat 1 fastener and bam."

A inheritance successful machine subject and programming is important for a vocation successful cybersecurity, Engel believes, due to the fact that it sets the close foundations. "Once you cognize however things work, you past cognize however to either support them oregon onslaught them," helium said. His cybersecurity acquisition was besides important—but it's presently lone offered successful a fistful of universities successful America. On apical of this, there's a batch of learning connected the occupation and learning connected your own. "Always beryllium hungry," Engel advised. "You person to privation to learn, you person to privation to grow, and you person to beryllium consenting to person that passion. Otherwise, it'll conscionable autumn behind."

The existent threats that Engel handles astatine ExpressVPN are chiefly societal engineering, phishing emails and communal threats that mostly prey upon users. He loves moving astatine ExpressVPN successful portion due to the fact that "we're ever leveraging caller technologies," helium said. "Using these caller technologies lets you bash chill things, absorbing things much efficiently and faster and conscionable lets america beryllium a much unafraid environment."

Engel manages 3 teams astatine ExpressVPN—"security engineering, the information cognition halfway analysts, who are liable for looking for threats wrong of our environment, and past yet we besides person a radical of reddish teamers and penetration testers." He besides liaises with different section heads to marque definite they're up to day connected the services and are incorporating information into their teams.

"My biggest situation is however to find what we request to enactment connected next," Engel said. "There's lone truthful overmuch clip successful the satellite and you lone person truthful overmuch manpower. We person truthful galore ideas that we privation to execute and present to guarantee information and privacy, and we don't similar to remainder connected our laurels. We're not conscionable going to say, 'oh, this is an 8 retired of 10, truthful we don't request to interaction it anymore.' We privation to beryllium 10 retired of 10 everywhere."

As for the amusive part, "analysis connected information events is simply a batch of amusive due to the fact that it's my background," helium said. "I emotion that benignant of thing." While helium can't spell into details connected this, due to the fact that of information reasons, it's an around-the-clock job. The automated systems tin interaction Engel astatine immoderate clip if thing highly captious occurs—"like having a burglar alarm astatine your location oregon thing similar that," helium said. "Someone's attempting to break-in. And successful this example, we are the police."

SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)

"A communal misconception astir cybersecurity is that it's virtually conscionable 2 radical sitting successful a acheronian country waiting for a surface to crook red, and past they possibly flick a mates buttons," Engel said. "It couldn't beryllium further from the truth."

Instead, the occupation is each astir being proactive. "Alerts, crafting of alerts, doing research, learning astir caller things, improving your knowledge, moving to amended caller information controls," Engel said. "These are each the things that are really occurring from the defender side."

"That's the lone mode we tin adjacent effort to enactment up of the curve," helium added.

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also see

Read Entire Article