And Now for Something Completely Different...
24 Sep 2015In the words of the immortal Graham Chapman of Monty Python, “Right, what’s all this then?”
I have a confession: I’m burnt out.
I’ve been a security professional for the better part of seven years now. I’ve done everything from incident response, to network security (think firewalls/IDS), to risk assessments and security architecture. My industry demands that I be a jack-of-all-trades because we’re perpetually underfunded and undermanned. I’m the only person dedicated to security at an organization that protects almost 11-thousand users. Being spread that thin for that long will wear anyone out.
That said, I love my field. Information security is my passion and I want to continue to learn and grow. In an effort to focus that desire and avoid letting burnout beat me, I’ve decided to lay some groundwork for continuing professional development and share the journey here, mostly from a technical perspective.
So, other than a security professional, who am I? First and foremost, I’m the father of two wonderful children who challenge and delight me on a daily basis. I’m also a bit of a history/politics nerd, which actually serves me well in the information security field. I’m a football fan and a lover of craft beer. Finally, when I manage to carve the time, I still enjoy a good PC game; it’s hard not to when you were raised on Doom, Quake, and Descent.
What’s on tap? Much like Sir Bedevere, “I have a plan!”
Thankfully, my plan does not involve the misuse of Trojan rabbits. This blog will likely discuss professional development and my own journey from time to time, but the focus will be on the technical aspects of that work. I hope to share my experience as both a personal archive of the work and so that others may potentially benefit from the information. I have decided to focus my efforts on incident response, malware/intrusion analysis, and the curation and operationalization of threat intelligence. These are things I work on from time to time professionally, but despite the fact that I enjoy them immensely, they are not the focus of my job. I believe these areas are extremely valuable to any mature information security effort and I’d like to expand my horizons with regard to these specialties.
Thanks for reading, there’s more to come soon!