From Aimless IT Support Staffer to Professional Hunter of Hackers

rachelcantu

From Aimless IT Support Staffer to Professional Hunter of Hackers

As a security analyst at Rackspace, working in our 24x7 Customer Security Operations Center, I’m pretty much always on the hunt, eyes on our customer environments, actively searching through real-time host and network data.

My objective: sift through this vast amount of data to spot unusual, potentially malicious activity.

When anyone on the team spots something suspicious, we come together to determine the legitimacy of the event. If it proves to be malicious in nature, it’s all hands on deck and we transform into full incident response mode. It’s up to us to fully investigate the activity, determine its effect and eliminate the threat.

It’s an exciting, fulfilling career, yet it’s one I almost didn’t pursue, even though I’ve been interested in all things computer and sci-fi since my nerdy 90s childhood.

A statistical anomaly

As a woman in cybersecurity, I know I’m a statistical anomaly in the workforce. The majority of my co-workers are men — extremely bright, skilled and amazing individuals. Working on teams of mostly men doesn’t bother me. What does is the idea that the numbers may be discouraging other women from entering the field.

Please don’t let it. Cybersecurity as a profession is still a relatively new industry. And thanks to the field’s rapid growth, it has created many, many new jobs, yet the industry as a whole is hurting for new talent. I share my story in the hopes that other women, if they have an interest, even if they don’t currently have the right background or training, consider taking the leap.

Any action that requires someone to step out of his or her safe zone and pursue something largely unknown can be, in a word, uncomfortable. This was extremely true for me when I made the decision to change careers, from hairdresser to cybersecurity analyst.

An early interest, a long road to get there

I’ve always been interested in tech and sci-fi. My older brother and I thrived on video games, electronics and late 80s-90s sci-fi and action flicks. My brother was always working on a computer or electronic project and really, I wanted to be just like him. I could not have been older than 7 when I was scolded for taking apart small household appliances and electronic toys to see how they worked. At one point, I am certain my parents revoked my screwdriver privileges. Being a kid-sister during this time period shaped my interests and ultimately created who I would become later in life. Movies like Hackers and Tron captivated me, and I have always been a huge fan of the cyberpunk genre.

Trouble was, when it was time for college, I had no idea I could actually get a job in cybersecurity (true, back then it was a much smaller field, but still). I enrolled in some courses, but without a clear path, I lost motivation quickly and ended up with miscellaneous college credits and no degree. Rather than carry on aimlessly, I took time off and worked in a variety of tech jobs. I started at an electronics and computer store selling computer hardware, which we offered to assemble in house as a service. I found myself drifting to the assembly area, talking to our computer techs and learning all that I could.

I went from computer and electronic sales, to tech bench, to phone network support tech — I even worked as a satellite cable installer. But constantly job hopping was discouraging and finally, my mom suggested I go to trade school. I took a leap across the board and attended cosmetology school — but I couldn’t let my IT interests go. I remember sitting at my station one day, listing out careers that I wanted to pursue in my notebook. Cybersecurity was at the top of that list.

I worked as a hairdresser for all of about a year, but having a stable profession turned out to be the perfect launch point to go back to school. And this time, I knew what I would pursue.

The first step was re-enrolling in college. My field of study was primarily network and systems administration, but those courses didn’t cover cybersecurity in detail, so I decided to look at each lesson from a security standpoint and the perspective of a potential attacker. I spent many hours outside the classroom, delving into books and online resources. In essence, I created my own program to supplement my coursework.

While in school, I applied for a security analyst internship at Rackspace, which ultimately evolved into my current career.

From classroom to real world

Applying knowledge gained in school to the real world can be difficult, so internships are a great way to get some of that experience. I was thrilled to be offered an internship as a security analyst with Rackspace Managed Security. By far the most beneficial part of the entire experience was being able to connect with cyber security professionals of every level.

It was a little intimidating at first; the analysts at Rackspace have such a vast amount of technical knowledge. I was afraid I would never be able to get on their level. I spent the first two weeks getting familiar with the tools and the overall processes in place. After that, I essentially functioned as a level one analyst, with guidance from the entire team.

By the time my internship turned into a full time job seven months later, I was confident, and even more excited about the field I had chosen. Cybersecurity can be a technically challenging profession, but for me, that’s only served as motivation. The knowledge is out there, open source, readily available to anyone with the desire to learn more. Self-study is really a wonderful thing and something I use daily on the job. I encourage anyone curious to go online, discover resources, start exploring and challenge yourself to learn something new every day.

Cybersecurity analyst: hunter of hackers, protector of systems

Between investigating security events, proactive cyber hunting and incident response, analysts at Rackspace get to spend time in research mode, reading security articles, working on our technical skills and generally becoming stronger analysts.

When it comes to cybersecurity, not keeping up is not an option. Hackers are gonna hack, and they spend a lot of time building their skills. Security professionals have to be equally driven if we plan to gain any ground against them.

Luckily, actively hunting hackers is fascinating. Every customer’s environment we manage is unique, and the type of activity we search for varies from company to company. Our searches cover every step of the attack lifecycle and we work closely with our threat intelligence team to create hunt campaigns based on current vulnerabilities and exploits. Looking at system behavior and patterns over time, we are able to spot anomalies and potential vulnerabilities. We are the first responders in the event of a compromise.

Once malicious activity is detected, the clock starts ticking. While we work to shut down the attack, we also have multiple streams of communication going. We are in constant contact with other Rackspace teams, plus providing updates to the customer. Incident response mode is the prime time to see our teams shine. Each analyst has his or her role and skillset, and it takes us all working together to complete the task.

From my experience, cybersecurity is full of people who love what they do. We love the opportunity to pass knowledge on to those who have the desire to learn. I encourage women — anyone, really — with an interest in cybersecurity to pursue it. Look for cybersecurity meet-up groups in your area and sign up. Depending on location, there may be conferences and events to attend. Find a mentor to learn more, and even help you create a career path.

No matter your background, if you have the interest and the mindset, we need you!