Breaking into
Information Security Career
Shafeeque Olassery Kunnikkal
C|EH, E|CSA, C|HFI, C|EI, MCP
Founder & CTO
Graytips Cyber Technologies
Email: shafeeque@graytips.com
Mobile: +966 545446150
TOPICS
1. Cyber Security ?
2. Cyber Security Job Classification
3. Information Security Career Path
4. Various Jobs and General Job Roles
5. Certification Bodies
6. Questions
1. Cyber Security ?
2. Information Security Job Classification
• Refer : Info_security.pdf
3. Information Security Career Path
Log Analysis-> Server Hardening ->
Vulnerability analysis ->
Penetration Testing junior team member ->
Penetration Testing team lead ->
Security Architect -> Consultants ->
Chief Information Security Officer
VARIOUS JOBS
AND
GENERAL JOB DUTIES
General Classification
»Tier 1
»Tier 2
»Tier 3
Tier 1 - JOBS
Log Reviewer
• Periodically review critical log data within the environment.
• Logs originate from applications and devices such as routers, firewalls and
web servers
• Logs are pulled centrally into a SIEM (Security Information and Event
Management) system for easy monitoring
• Normally found in a SOC (Security Operations Centre)
• Two types of logs: debugging/informational and security.
• Informational logs are used for troubleshooting applications
• Security logs may contain information such as where an attack
originated, what type of attack it is, etc.
• General job duties
– Reviewing logs
– Writing log filters
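The kind of log filter a Tier 1 log reviewer writes, as an added example (not from the original slides): it separates informational noise from security-relevant entries in web server and firewall logs and counts security events per source address. The log lines and addresses are constructed samples, not real data.

```python
import re
from collections import Counter

# Constructed sample log lines: one app (informational) line, web server
# access-log lines and firewall lines. Addresses are documentation ranges.
SAMPLE_LOGS = """\
app[1234]: INFO cache warmed in 312 ms
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /login HTTP/1.1" 200 512
203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "POST /login HTTP/1.1" 401 231
203.0.113.7 - - [10/Oct/2023:13:55:41 +0000] "POST /login HTTP/1.1" 401 231
203.0.113.7 - - [10/Oct/2023:13:55:43 +0000] "GET /admin HTTP/1.1" 403 198
198.51.100.9 - - [10/Oct/2023:13:56:02 +0000] "GET /index.html HTTP/1.1" 200 4096
fw: DENY TCP 203.0.113.7:51234 -> 192.0.2.10:22
fw: DENY TCP 203.0.113.7:51235 -> 192.0.2.10:3389
fw: ALLOW TCP 198.51.100.9:40000 -> 192.0.2.10:443
"""

# Common-log-format web entry and a simple firewall entry (assumed format).
WEB_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]+" (\d{3})')
FW_RE = re.compile(r'^fw: (ALLOW|DENY) (\S+) ([\d.]+):\d+ -> ([\d.]+):(\d+)')

def classify(line):
    """Return ('security', source_ip, reason) for a security-relevant line,
    ('informational', None, None) for everything else."""
    m = WEB_RE.match(line)
    if m:
        src, method, path, status = m.groups()
        if status in ("401", "403"):  # failed auth / forbidden access
            return ("security", src, f"HTTP {status} {method} {path}")
        return ("informational", None, None)
    m = FW_RE.match(line)
    if m:
        action, proto, src, _dst, dport = m.groups()
        if action == "DENY":  # blocked connection attempt
            return ("security", src, f"firewall DENY {proto} to port {dport}")
        return ("informational", None, None)
    return ("informational", None, None)

def security_events_by_source(text):
    """Filter out informational lines and count security events per source."""
    counts = Counter()
    for line in text.splitlines():
        kind, src, _reason = classify(line)
        if kind == "security":
            counts[src] += 1
    return dict(counts)

if __name__ == "__main__":
    for src, n in security_events_by_source(SAMPLE_LOGS).items():
        print(f"{src}: {n} security event(s)")
```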
Patch Management
• Ensuring patches are applied to computers and
devices.
• General job duties
– Testing patches on non-production systems
– Setting up systems for automatic patch
distribution
– Documenting the patches applied.
Help Desk
• Supporting customers and employees for
daily operations
• General Job duties
– Answering the phone directly
– Responding to email
– Working with tickets raised by customers or
employees
System Administrator
• Job hours differ depending on the size of the organization
• Some organizations have fewer computers to
manage
• Whereas large organizations have more systems to
manage.
• General Job duties
– Reviewing escalated trouble tickets.
– Writing documentation. Writing scripts. Backup and restore
– Specifying, reviewing, testing and installing new software and
hardware
– Patch management
– Future platform planning and budgeting for systems
Network Administrator
• Complete management of the network
infrastructure of a company
• Job hours vary depending on the size of the
organization
• General Job duties
– Making standard changes to network
equipment based on predefined procedures
Subject Matter Specialist
• A knowledgeable, skilled and educated person
in a particular area
• General Job duties
– Research
– Documentation
– Mentoring
– Teaching
Tier 2 - JOBS
Pen Tester
• One who tests network and web applications for vulnerabilities
• It includes testing Mobile Apps, Network devices and computers
• Wireless Network security testing.
• Many challenges to face.
• Technically sound knowledge is essential for a pentester.
• General Job Duties
– Performing scans, Finding vulnerabilities in devices and
computers
– Performing Social engineering
– Creating test reports, Creating exploits
– Doing research
– Presenting the research in security conferences
– Frequent travel, heavy workload
Vulnerability management
• Performing vulnerability analysis and creating
final reports
• General Job Duties
– Performing vulnerability scans
Risk Assessor
• Part of Risk management team
• Identify critical risks to the organization and
classify known risks by category
• Assessing the overall risk profile of an organization
• General job Duties
– Performing risk assessment
– Developing risk reports
– Travelling from location to location of the
organization
Auditor
• Ensuring that an organization is doing what it is
supposed to be doing
• Checks against its own policies and procedures
or against external standards like ISO 27000:2013
• General Job Duties
– Running audit against standards
– Recommending remediation for issues
found
Incident Responder
• Being part of the incident management process
team
• Addressing reported issues and taking
action based on the severity of the incident
• General Job Duties
– Forensic Analysis of Storage media,
computers, devices and network traffic
Information Security Trainer - Educator
• General JOB Duties
– Training the staff
– Developing course contents
– Mentoring the security team
members
– Researching
– Presenting security research in public
conferences.
Subject Matter Expert
• Expert in one area or technically sound in
many information security areas
• General Job Duties
– Researching
– Mentoring
– Writing white papers
– Documentation
– Reviewing others' work
Tier 3 - JOBS
Pentest Lead
• Leading the pentest team, involved in
customer interaction, assigning pentesting
tasks to team members
Security Architect
• Responsible for building a secured
network infrastructure
• General Job duties
– Technical analysis
– Reading and summarizing papers
– Presentations
– Writing papers
Lead Auditor
• General Job Duties
– Review standards
– Set specific requirements
– Manage/supervise other auditors
– Write reports
– Present summaries
– Run audits
Lead Security Risk Assessor
• General Job Duties
– Security Audit and risk document writing
– Editing and reviewing
– Executive presentations and summaries
Security Consultants
• Provide all technical analysis and suggest how to
build secured networks, applications etc.
• Responsible for proposing the suitable solutions
required for building a highly secured
environment
Security Management (CSO,CISO,
CPO)
• Chief Security Officer - Chief Information
Security Officer - Chief Privacy Officer
Out-of-the-Box Thinking
• Researcher, Security Blogger, Security Evangelist
• Speaker in Conference and Security Events
• Developing open source based security
tools
• Webcasts
• Running Live Security chats
• Building Information Security Communities and
Forums
• RED TEAM MEMBER/TIGER TEAM MEMBER
• People with deep hacking and security testing
knowledge
• BLUE TEAM MEMBER
• The defending team while an attack is happening in the
network
• They know how to respond to a security testing drill
5. Certification Bodies
• https://www.isc2.org/
• http://www.sans.org/
• http://www.crest-approved.org/
• https://www.isaca.org
JOB POTENTIAL
Our Initiatives http://www.ncdrc.res.in/
http://cyberdome.kerala.gov.in/
ACROSS THE GLOBE
CSO ONLINE - REPORT
BURNING-GLASS REPORT
ETHICAL HACKING AND PENETRATION TESTING
• “Give me six hours to chop down a tree and I
will spend the first four sharpening the axe.”
Abraham Lincoln
Reconnaissance/Footprinting/
Information gathering
• Depending on the attacker's objective, they
collect various information about the
target/victim
• It is the most time-consuming phase in
hacking
• Two Types
– Active Information gathering
– Passive Information gathering
Assume – a hacker wants to
1. Compromise a web server - then he will collect
1. OS details
2. Services running
3. Web application Technologies
4. Webserver Details
5. Database Details
2. Steal your important information through a
social engineering attack – then he may collect
1. Email Addresses
2. Gather Sensitive information from your profile
3. Build a relationship with you
4. Exploit the relationship
5. Extract the information required.
Demo time
• Netcraft, wappalyzer, telnet
• Google Hacking
• Port scanning – NMAP – Half open Scan
• Identifying Services and Version
• Looking for known vulnerabilities
• Attacking a vulnerable Linux machine
Malware Threats
• Trojans
• Demo – nJRAT – Only in Instructor PC
• Packing inside a Game
• Antivirus evasion
– Veil-evasion
– Shellter
Hacking Web Servers and Web
Applications
• SQL Injection Attack
• Cross Site Scripting Attack
• DEMO on a live website - stealing website
credentials through the above attacks and
gaining access
Android Hacking
Dangers of downloading and installing unknown
Android packages.
Android Hacking on a Live TAB
Wi-Fi Attacks
Creating a fake open Wi-Fi
Demo - Dangers of connecting to open Wi-Fi –
how attackers steal your credentials while you
browse connected to open Wi-Fi
How to Become
Professional Ethical Hacker
• Course and Career Path
?
THANK YOU