Hey folks, I'll be at DEF CON in Vegas this year! Would love to see you all there!

• 
  
• Jack's Parties: https://twitter.com/JackRhysider/status/1686785376327987200
• 
  
• 
  
• Checkout Miscreants at the Vendor Area: https://www.miscreants.com/
• 
  

See omnystudio.com/listener for privacy information.

Journey into Cybersecurity and OSCP Certification with Rana Khalil

This episode features Rana Khalil, a Senior Cybersecurity Assessment Analyst with a rich background in pen-testing, especially in the financial sector. Rana shares her non-traditional entry into technology, starting with a dislike for her first laptop and phone, transitioning from biochemistry to a math degree, and eventually finding a passion in computer science, leading her to cryptography and cybersecurity. Her academic journey includes significant work in cryptography, under the tutelage of Carlisle Adams, and a master’s project on web application vulnerability scanners. Rana discusses her motivation and relentless pursuit of the OSCP certification, highlighting the importance of hands-on experience, teaching, and documenting the learning process through write-ups. She also conveys the value of previous experience in related fields, the significance of specializing and pacing in learning, and shares insights into her career progression, including valuable advice for people aspiring to enter the cybersecurity field.

00:00 Introduction and Guest Background

01:47 Rana's Journey into Cybersecurity

02:45 Rana's Early Interest in Mathematics and Cryptography

05:47 Transition into Computer Science and Web Security

10:52 Master's Research on Web Application Vulnerability Scanners

13:02 First Security Job and the Impact of Public Speaking

15:11 Journey to the OSCP Certification

17:36 The Value of Self-Study and Accountability

18:53 Reflections on the OSCP Experience

20:59 Understanding the OCP Exam

21:13 The Importance of Lab Time

22:18 The Value of Documenting Your Journey

22:49 Introduction to the OSWE Certification

25:07 The Role of Experience in Security

25:16 The Life of a Security Professional

25:25 The Importance of Specialization in Security

26:24 The Value of Previous Experience in Security

29:55 The Challenges and Rewards of Pen Testing

30:43 The Balance of Work and Personal Time in Security

34:58 The Importance of Focusing on One Area in Security

37:07 The Importance of Understanding Source Code

38:11 Final Thoughts and Advice

Norman Weekes is on the Security Operations Team at Salesforce. He is in charge of scanning their infrastructure and ensuring that everything is set up and operating properly.

Norman already spent almost a year in the information security world. This is also his first official full-time security job. After going through different job contracts, he believes that if everything's shut down early, there's no reason not to just get in a good routine and go after whatever certification or whatever job you want. This episode will undoubtedly inspire and assist job contractors who are considering a career in the information security world.

LINKS

Linkedin: https://www.linkedin.com/in/normanjr/

Intro Music: https://trash80.com/#/content/133/weeklybeats-2012-week5

Security and Privacy Framework: iapp.org

Full Show Notes: https://www.gettingintoinfosec.com/

See omnystudio.com/listener for privacy information.