Top 10 Skills to Land Your First Cyber Security Job
Hola hackers. This blog will be different from the rest of my write-ups. In this write-up, I will give you a kick start on the top 10 skills in cyber security to land your first cyber security job. This blog will be a bit long; I hope you will hang with me till the end. So let's get started.
Basic Skills:
- Linux: Hands-on experience with a Linux environment, including Linux commands, the file system, network configuration and connectivity, user and group management, process and system monitoring, log management and log forwarding, and file permissions.
- Web fundamentals:
  - What happens when you search google.com in your browser?
  - HTTP and HTTPS
  - Request headers
  - SSL and TLS
  - DNS
  - Types of records (CNAME, A, TXT, MX)
- Computer Network: Must have knowledge of firewalls, TCP, UDP, ports, IP, CIDR, protocols, and network layers.
Scripting Language
A scripting language comes into the picture when you write scripts or automation to detect or find security issues, and it helps in developing tools. I suggest being good at Python. Apart from that, you can also go with Bash, Go, or Rust.
Penetration Testing:
- Web Application Penetration Testing: To perform penetration testing of web applications, you must have knowledge of the OWASP Top 10 and CWE Top 25.
- API Testing: Knowledge of the OWASP Top 10 API checklist.
- Mobile Application Security Testing: Mobile application testing includes skills from traffic analysis (API testing), as well as experience with SSL pinning bypass, Frida, MobSF, and OWASP MAS.
Apart from that, finding security issues in APIs and applications is not enough. You must also know how to remediate the issues so that you can provide recommendations to the developers to fix them.
WAF (Web Application Firewall)
Almost every company uses a web application firewall to protect its website from malicious attacks. They use either the open-source ModSec or WAF service providers like Cloudflare, Akamai, Prophaze, etc. The skills below are required for WAF:
- Different types of firewalls
- How web application firewall works
- What is a proxy server: Reverse proxy and forward proxy
- Onboarding a Domain on WAF
You can create a free account on Cloudflare and explore the features of Cloudflare WAF. You can also set up a ModSec WAF on your own self-hosted server.
Cloud Security
Nowadays almost every company uses cloud services (AWS, GCP, Azure, etc.) to host its servers. Securing the resources in the cloud is important, so an understanding of cloud services and the types of misconfiguration in them is required. Most companies use AWS, so I will mention services based on AWS:
- AWS Foundational Security Best Practices and CIS AWS Foundations Benchmark
- VPC, Subnet, Internet Gateway
- Security Groups
- CloudTrail and CloudWatch
- Inspector, Security Hub, and GuardDuty
- IAM Roles and Policies
- AWS Lambda
- KMS
- Integration of open-source tools like Security Monkey and ScoutSuite with the cloud
You can create a free account on AWS, explore all the services, and get hands-on experience. Just make sure to delete everything once you are done with the practice.
CI/CD Security
The security stage in the CI/CD pipeline adds an extra layer of security by performing security checks like Static Application Security Testing (SAST), secret scanning, and dependency scanning on the source code during the deployment of the code to the environment. Below are the skills that will give you the upper hand in the interview:
- Integration and implementation of SonarQube: You can install SonarQube on a local device or server and explore it.
- Security stage in Jenkins or a CI/CD pipeline:
  - SonarQube for SAST
  - Git Secrets for secret scanning in source code
  - Trivy for Docker image scanning
  - Any dependency checker to scan for vulnerabilities in third-party libraries or packages
I have written a blog on integrating Trivy into the CI/CD pipeline, which you can read here.
Network Security
Knowledge of and experience with the topics and tools below is required:
- TCP/IP, UDP, and ICMP protocols.
- Routing and switching principles.
- Firewalls like Fortinet, routers, and switches
- Wireshark and tcpdump for network analysis
- WEP, WPA, WPA2 and WPA3.
- Use of and experience with Nmap and Metasploit
- Active Directory
VA Scan
To perform a vulnerability scan (VA) on a server, whether it is in the cloud or on-prem, you need hands-on practice with:
- Implementation or installation of VA scanners like Vuls, OpenVAS, and Nessus on the server.
- Configuring and scheduling a scan using the VA scanner.
SOC
A Security Operations Center (SOC) plays an important role in defending organizations against cyber threats. This includes log monitoring and analysis, and incident response and management. Familiarity with the following will be a plus:
- Wazuh
  - Setup of a central Wazuh server
  - Installation of the Wazuh agent on a server
  - Creating searches in Wazuh
  - Creating a visualization dashboard in Wazuh based on received logs
  - Decoders and alert rules in Wazuh
- Threat Intelligence Portal
  - Shodan
  - Censys
  - LeakIX
  - OSINT
  - VirusTotal
  - AlienVault OTX
Risk and Compliance
- Risk Assessment: Ability to conduct risk assessment on tools, vendors and procedures.
- Policy Drafting: Skills to draft, review, and enforce security policies and procedures.
- Knowledge of compliance frameworks like SOC 2, ISO 27001, GDPR, HIPAA, and PCI DSS
- CIA triad — Confidentiality, Integrity, and Availability
Having theoretical knowledge of each topic is not enough; you should install each tool or piece of software on VMs or even on your local device to get some hands-on experience.
Finally, don't limit yourself to the topics mentioned here; there are plenty of resources available on the internet to master these skills.
Thanks for reading. I hope you will learn the mentioned skills in depth and land your first job in cyber security. Best of luck with your job hunting. Do clap and share if you like. Sayonara and Happy Hacking!
Twitter: 7he_unlucky_guy
LinkedIn: Vijeta