Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
It’s one thing to hear about the need for trained cybersecurity professionals from a trade publication or news article.
It’s another to hear of the need first-hand from an experienced military veteran like Shaz Baig, who is already serving in the trenches of enterprise security.
“It is in the American national interest and an imperative for America to be able to defend itself against attacks and neutralize an enemy’s offensive capabilities to conduct those attacks,” states Baig. “It is likewise imperative that active duty military cybersecurity experts and practitioners have access to the training needed to better themselves.”
It’s perspectives, motivations and skill sets like those of Baig’s that exemplify the purpose behind Infosec’s Accelerate Scholarship and why he has been named to the 2022 class of winners.
FREE role-guided training plans
The life of a professional cyber threat hunter
Daily, Baig works to support a vast cyber threat intelligence apparatus supporting Citigroup, the international financial services business.
“We gather intelligence for various sources, use security tools to pivot on [indicators of compromise] IOCs, try to find more intelligence and move on toward more IOCs,” shared Baig about his current team, “We then feed that to the security operations centers and provide assistance to other threat intelligence-gathering such as tracking tactical threats or a bunch of campaigns from one strategic threat actor.”
Ultimately, Baig and his team combine all of this data and analysis for the senior technical and operational leadership, giving them the information they need to better understand the threat landscape and how they should respond.
“It can get stressful at times.”
Life is a journey, not a destination
In contrast to the highly technical nature of his current role, Baig’s relationship with technology wasn’t always at this point.
“I first became interested in it when I decided, ‘You know what? Computers are really intriguing. I don't know much about them. I would like to learn more about them,’” reflects Baig. “So I started taking courses online, whatever I could find.”
Baig learned about cybersecurity during this journey, which immediately piqued his curiosity. “I saw the need for it, and it clicked with me as something that's interesting and challenging,”
As with many in the field, Baig has thrived because he realized early that cybersecurity requires practitioners to embrace self-teaching. Fast forward to today, and Baig now holds multiple cybersecurity certifications.
The recipe for a successful cybersecurity professional
While Baig believes many qualities make for a strong cybersecurity professional, one trait, in particular, stands out.
“I would say the most important one would be to take accountability for what you need to know and what your responsibilities are.”
Whether that person works alone or as part of a team, Baig believes that this self-accountability and drive pushes a professional forward and helps them to make a more significant impact. “They need to take their craft seriously and teach themselves.” This is especially true today as technologies, threats and attack surfaces constantly evolve.
In particular, Baig highlights the qualities innate in today’s military veterans. “Veterans are a natural fit for the cybersecurity industry and will undoubtedly make valuable contributions to it,” said Baig, “Veterans have proven themselves as natural go-getters, which is an essential trait in a field where trust must be placed upon a few subject matter experts for the security needs of an entire enterprise or organization.”
Not only that, Baig emphasized veterans’ rugged work ethic and ability to focus, especially during emergencies or incidents when calm and focus are essential.
Regardless of one’s military service, however, Baig recommends junior practitioners identify the position they want to be in 5 to 10 years and identify a specific plan to obtain the skills and experiences those roles expect.
What should you learn next?
Looking ahead to expanding his impact
Baig hopes to amplify this impact in the field by starting his own cybersecurity company, offering a complete range of threat intelligence and security services.
First, Baig wants to offer incident response, incident handling, forensic work, offensive security and threat hunting. “Once that gets going, I want to branch out into managed threat and create my own intelligence department.”
Backed by the full suite of Infosec training and bootcamps and a mindset for service, and the motivation to own his own business, we expect to hear a lot more about Baig’s successes.