April 27, 2021

Mechanical Engineer Wanting to Dabble in Cyber/InfoSec

I’m a mechanical engineer with about 10 years professional experience. I started as a Computer Engineering major but switched to ME after the first year of CE (just enough to get my feet wet with Java, Matlab, basic transistor layouts, etc). I still have an interest in computer-related stuff though I’m behind the times due to not staying up-to-date with the latest hardware and software. What would some advice be if I wanted to eventually get into Cybersecurity or closely related? Coding? Website admin? Server admin? Thanks!

Comments

eNomineZerum

You are asking a wide open question there and posted 4 distinct domains. It is as much me asking if I should go into electric generators, diesel engine design, or explore turbines. But, gotta start somewhere.

If you want to get into cybersecurity, you first need to find where your passion lies. Security exists as an overlay over every bit of IT and as such you can start a career in say server administration before going into security, with a strong background as a Sysadmin. You could go straight into security though, you just have start studying.

As for paths, Security is more or less two distinct paths, blue team or red team. Blue team tends to be defensive stuff where you are using tools to defend, setting policy, trying to be proactive while also responding to threats as they emerge. Red team tends to be offensive stuff, where you stay up to date on threats and either create your own or tweak other’s tools to try and legally get into environments. I’d say Blue team has more job openings because everyone wants a security team to defend their company.

Of course my blue/red team statement is largely focusing on IT and not even digging into the programming aspect of things. If you really want to go into coding and start working on the solutions that stop threats, or crafting your own threats, that is a different skillset.

As for what to start studying. Until you are more aware of what specifically interest you, just pick up some security books and start reading. Listen to podcasts. I’d suggest podcasts like Hacked, Darknet Diaries, and maybe even TWITs Security Now. For reading, start with something like Sandworm or Click Here To Kill Everybody. For training, Ensure you have a computer capable of decent virtualization and pony up the money for a buffet-style video on demand site like Plural Sight. There are WEEKS of video you can start exploring and consuming before finding a path that suits you. If you really want a more focused path to study for, look at the CompTIA Sec+, CompTIA CySA+, and Cisco CyberOps Associate certs. If you need additional video sources, Udemy always runs crazy sales on training videos and even if a course is $200, expect it to drop to $20 at least weekly.

As you study, skills that have near universal appeal are networking, cloud, and automation. If cloud appeals to you, Azure and AWS are both fine choices and both have baby, intermediate, and security certs to learn their respective technologies.

Sorry if this is rambling, your question is pretty wide open and there isn’t a straightforward answer.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.