Chapter 1: Curiosity Sparked
As a child, I was always naturally curious about technology. I remember being fascinated by computers and the potential they held for unlocking new possibilities. This interest only grew as I got older, and I found myself drawn to the cybersecurity field.
My journey in cybersecurity started when I was in the fifth grade. I remember encountering a computer game called Mario for the first time. Despite the warning from our teacher, I couldn't resist the allure of the game. I was immediately hooked, and that first encounter opened the door to a lifelong love affair with technology.
As I progressed through my studies, I found myself increasingly drawn to the cybersecurity field. I remember spending countless hours reading books and researching the field. I was particularly interested in the idea of hacking and how individuals could exploit vulnerabilities in computer systems.
I remember once hacking into my sister's account to practice my skills. Of course, I had her permission and was careful not to cause any damage, but it was a thrilling experience nonetheless. It was through experiences like this that I began to realize that I had a natural knack for cybersecurity.
Chapter 2: University Days
During my university days, I found theoretical classes to be dull and often sought out other ways to expand my knowledge. It was during this time that I discovered the cybersecurity field in earnest. I began attending industry events and conferences, and I started to immerse myself in the world of cybersecurity.
After completing my degree, I worked in a few different companies for short periods to gain experience. I worked as a developer and a tester, but I quickly became bored with the work. Eventually, I found my way back to my first love, technical support. As a technical specialist, I provided support to customers on various hardware and software components, including printers, PCs, laptops, mobile devices, and internet connectivity issues. I installed and configured hardware and software components from vendors like HP, VMware, and Cisco, conducted technology assessments, and recommended upgrades and complementary products to improve customer security. I also assisted in the development and maintenance of technical documentation and training materials and trained customers on the proper use of hardware and software applications.
However, I still felt that I was not fully utilizing my potential, and I decided to pursue a master's degree in Information Security in Cyber Forensics. During my second year, I attended an event organized by Deloitte, which opened my eyes to the vast world of security and the many career opportunities available in this field. I was particularly interested in the MSS analyst role, and I decided to pursue it further.
As an MSS analyst intern, I analyzed security incidents and reported findings to relevant stakeholders. I utilized tools such as Security Onion, Cuckoo Sandbox, and Alien Vault to detect and investigate potential threats, technologies such as ModSecurity, Snort, and OWASP Framework to strengthen the security posture of systems, and demonstrated a working knowledge of monitoring global network intrusion detection systems, firewalls, and log correlation tools for potential threats. I also possessed knowledge of basic networking concepts such as the OSI model, TCP/IP, and Wi-Fi and leveraged SIEM tools to monitor, detect, and respond to potential security threats.
After completing my internship, I pursued my interest in criminal investigations by doing my final year project in criminal forensics. I also pursued diplomas in Forensic Psychology and Database Management system. During this time, I worked as a Cyber Security Specialist at Syscloud Technology.
Chapter 3: Discovering My Passion
After completing my internship as an MSS analyst, I realized that criminal forensics piqued my interest. I pursued my interest by doing my final year project in criminal forensics and also pursued diplomas in Forensic Psychology and Database Management system.
During this time, I worked as a Cyber Security Specialist at Syscloud Technology. Here, I conducted physical security assessments of servers, systems, and network devices to identify vulnerabilities and potential threats. I collaborated with management and IT teams to research, document, and discuss security findings and develop solutions. I provided support to other teams, including API testing, code deployment, continuous integration deployment, and human monitoring.
To enhance the security posture of Syscloud Technology's systems, I utilized various tools such as SonarQube, Sonargraph, and PHPStorm for static code analysis and integrated them with Jenkins for automation. I also conducted open-source code analysis using Checkmarx and ScanCode Toolkit to identify vulnerabilities and ensure compliance with security policies. I applied machine learning algorithms and security and compliance policies to identify and prevent threats related to confidential and sensitive data policy, suspicious login, excessive behavior, and life-threatening situations.
To ensure maximum security, I utilized CI/CD, CloudFormation, and Lambda functions in AWS to optimize deployment processes. This ensured that security measures were implemented right from the start, minimizing the chances of any security breaches.
My time at Syscloud Technology was incredibly rewarding as it provided me with the opportunity to work on diverse cybersecurity initiatives. I was able to utilize my skills and knowledge to strengthen the security posture of the organization and enhance the overall security awareness of the team members.
Chapter 4: A Freelance Cybersecurity Journey: Protecting Clients' Systems
As a freelance cybersecurity specialist, I had the freedom to choose my projects and clients. This allowed me to work with a variety of businesses and organizations, each with their own unique needs and challenges. My approach was to conduct a thorough analysis of their systems and identify potential vulnerabilities and threats. Once these were identified, I would work with the client to develop a plan to strengthen their security defenses and protect their assets from cyber threats.
One of the most important aspects of my work as a freelance cybersecurity specialist was providing training and guidance to team members on how to prevent or minimize cybersecurity attacks and build a culture of security awareness within the organization. This was a critical component of ensuring that the client's systems were secure and protected.
I would often work closely with IT teams, helping them develop best practices and policies for security. This included conducting training sessions to educate team members on the latest cybersecurity threats and how to identify and respond to them. I would also provide guidance on the implementation of security measures and ensure that they were being followed.
In addition to training and guidance, I also conducted security assessments and audits of client systems to identify potential vulnerabilities and areas of improvement. This involved analyzing network traffic, system logs, and other data to identify potential security weaknesses. I would then work with the client to develop a plan to address these weaknesses and improve their overall security posture.
One of the key challenges of working as a freelance cybersecurity specialist was building trust with clients. Many clients were hesitant to trust an unknown freelancer with their cybersecurity needs. To overcome this, I would often offer a free consultation to understand their needs and explain my approach. This would help me build a relationship with the client and establish trust.
Another challenge was staying up-to-date with the latest threats and vulnerabilities. The cybersecurity landscape is constantly evolving, and it's essential to stay informed about the latest threats and how to protect against them. To do this, I would constantly read up on the latest developments in cybersecurity and attend industry events and conferences. This helped me stay ahead of the curve and provide the best possible service to my clients.
Working as a freelance cybersecurity specialist was an incredibly rewarding experience. It allowed me to work with a variety of clients, each with their own unique needs and challenges. This allowed me to gain a wealth of experience in a relatively short period of time. It also helped me develop a unique perspective on the cybersecurity landscape, which has proven invaluable in my subsequent roles.
Chapter 5: Working for a Japanese-based company
After a few years of freelancing, I decided to take on a new challenge and join a Japanese-based company as a SOC Analyst | Forensic Investigator | Penetration Tester | Malware Analyst | Incident Responder. This company provided me with an opportunity to work with a variety of clients from different industries and regions around the world. One of the key challenges I faced in this role was the need to stay up-to-date with the latest threats and vulnerabilities. To do this, I constantly read up on the latest developments in cybersecurity and attended industry events and conferences.
Chapter 6: Conclusion
Throughout my journey in cybersecurity, I have learned that the field is constantly evolving, and it's essential to stay up-to-date with the latest threats and trends. This requires a willingness to learn, adapt, and be open to new ideas.
As I look back on my experiences, I realize that curiosity and a passion for technology have been the driving forces behind my success in cybersecurity. These traits have helped me stay motivated and driven in a constantly changing field.
If you are interested in pursuing a career in cybersecurity, I encourage you to be curious, ask questions, and seek out new opportunities to learn and grow. Whether it's through formal education or hands-on experience, there are many paths you can take to enter this exciting field.
In conclusion, my journey in cybersecurity has been an exciting and fulfilling one. I am grateful for the experiences I've had and the people I've worked with. I look forward to continuing to learn, grow, and contribute to the field of cybersecurity in the years to come.
