Hacking into Security - Career Talks Ricki Burke

In this episode, we catch up with Jacqui Loustau, the Founder of the AWSN (Australian Women in Security Network) and Principal Security Consultant for Cynch Security.

Jacqui gained excellent experience working overseas in security was planning to come back to Australia and had more difficulty than she expected in landing a job. We walk through Jacqui's story of getting into security, her challenges in landing a job, what got her to start what would become such an influential security community, the future for AWSN and how organisations can do more to attract a more diverse culture.

Knowing Jacqui over the years has given me some insight into the incredible demand in starting a security community. Impressively, Jacqui decided "to take 6 months and get it (AWSN) up and running properly!" and is now getting paid for her AWSN work.

In this episode, we catch up with John Jackson (@johnjhacking) an Application Security Engineer at Shutterstock.

John never thought he would have a career sitting at a computer, let alone in cybersecurity. We walk through John's journey from being a Petroleum Engineer in the United States Marine Corps to eventually working in application security, penetration testing, security research and bug bounties.

We also discuss the reality of applying for hundreds of jobs to land something, taking different roles to help him progress and a story that highlights some of the dangers that can happen to curious security researchers.

In this episode, we catch up with Charl van der Walt (@charlvdwalt), Head Of Security Research at Orange Cyberdefense and one of the original founders of SensePost.

We talk through the origins of how SensePost got started, what it was like to build a business over 20 plus years and eventually sell and become part of a much larger company.

Charl also spoke about a personal topic he is driving around gettings organisations to think differently in their approach to gender diversity.

In this episode, we catch up with Keith Hoodlet (@securingdev) Senior Manager, Application Experience at Thermo Fisher Scientific.

Keith has a strong background in application security and is the former host for 55 episodes on the Application Security Weekly podcast. I saw a tweet by Keith and wanted to dig deeper in that. The tweet was responding to Dino Dai Zovi who said "Security" as a single dimension of expertise increasingly makes no sense. Saying that you are a "security expert" is like saying you are a "computer expert." Computing is a part of everything we do and we don't isolate expertise on all of it within the "computers team.", Keith said "Agreed; in the same way that Ops became part of the Software Engineering team, we need Security to become part of the Software Engineering team.

This is why I say that Security is a Feature, because features are:
- Funded
- Have time allocated to them
- Are tested and maintained"

We also walk through Keith's journey into the industry and also share advice to companies looking to mature their Application Security and DevSecOps.

You can watch Keith's keynote talk at OWASP AppSec Day Melbourne 2018

https://www.youtube.com/watch?v=QT_omddhJzo&list=PLPvxR0i93gjQjrIJK0PdMdFkUbnHhRBRN&index=2&t=0s

In this episode, we catch up with Toni James (@_tonijames), Security Advisor and CHCon co-organiser.

Toni was a snowboarder, managing a large team but wanted more. She decided to go back to university as a mature student and mum. Not easy to juggle! She went on to finish her Computer Science degree, an Google Anita Borg Scholar, then Software Engineer and started getting into the security community.

Toni talks very openly about her journey, the challenges she faced and shared excellent advice to others out there.

In this episode, we catch up with @mubix (Rob Fuller), a is red teamer turned purple teamer. He started his career in the United States Marine Corps working with explosives and has gone on to have a highly successful career in the security industry working at companies like Rapid7, GE, Uber, Cruise Automation and now Balck Hills Information Security, as well as contributing back in many ways to the security community and speaking at many conferences around the world.Mubix shares his journey, stories along the way, as well as going deeper into both red and purple teaming.