Kali on My Mind
This week I branched out a little in my job search and applied for a governance and compliance job for the first time. Up until now I had been looking for SOC analyst and helpdesk jobs, but a job posting for governance scrolled by and it caught my eye. Why not? I enjoyed looking into GDPR guidelines during my studies and wrote a few papers on it that I was actually pretty proud of. Maybe I could help protect consumers and prevent breaches from a different angle than hunting down breaches and malicious actors.
Cyber security and protection comes in many different forms but up to this point I had really only considered if my focus would be on red team or blue team. Maybe I would become a penetration tester, or maybe I would work against them, but now I think maybe I should be considering other ways to work within Cyber. Even if it ends up not being governance, I’ve mentioned before in this blog the need for adequate training among an organization’s employees so that they know what to look for and how to reduce risk to the network. There are many possible paths ahead and I may be doing myself and potential future employers a disservice by not considering these other paths.
Then again, a friend of mine showed me a buffer overflow for the first time this week too and watching him compromise a virtual machine by sending 2560 “A”s into an input field (plus other code after that obviously) was incredibly interesting. So maybe more than changing focus I’m thinking of broadening my options. There’s no reason I can’t learn about compliance while also learning about buffer overflows and how to stop them. One doesn’t preclude the other. And at some point when I find the right opportunity, this way I’ll be ready for whatever comes my way.