A Possible First Step Towards Cyber Security Employment - Advice Sought for CND Academy
Andy Cuff - FBCS VR ðŸŒâš“
CEO & Founder @ Computer Network Defence Ltd | Cyber Security | Superyacht Cyber
-
What Training Courses (16 weeks) Would you Suggest To Create a Cyber Consultant?
-
Are You Able To Recommend Any Students?
-
Starting August 2016
-
Cheeky, but please consider sharing, liking but especially commenting
We have been approached by a SIGNIFICANT Client to find 12 Cyber Security Graduates to enter into a Graduate Scheme of our choosing. The requirment has changed slightly and they now don't have to be university students, though they do have to be passionate about cyber security and capable with it.
Once the intensive training period is complete, they will spend a few weeks with the Pen Testing team and then out to work alongside mentors
After 12 months the candidates will move into either their Network Security consultancy, or their Penetration Testing Team, dependant upon the candidates/clients preference or candidates capability.
The candidates will be paid a salary, have all their travel paid for, all the training paid for, though they will have to sign a return of service, (not immediately). I would like the training to be World Class from the likes of Sans Institute, PGI International etc with a conference such as BlackHat/Defcon thrown in for good measure.
Our Year One Objectives
This first year, they would like us to recruit 8 from the UK (EU) and the client will send another 4 over from Australia for the training element. Obviously the students will need to be eligible to work in the UK and already have working visas. Student, or tourist visas will not suffice.
In subsequent years, the client will advise us about which countries they want us to recruit for
Training Programme
We need to come up with about 16 weeks of security training, I've done this before with military guys and taken them from zero to hero and planned on doing similar.
There will be an element of soft skills around emotional intelligence etc and we may need to fill some gaps between courses with CBT etc
These new recruits should be able to able to hit the ground walking and should therefore be able to skip the basics.
Are You Able To Help
I am wondering if any of my connections have any advice about how they would approach this, what courses they would recommend and even recommendations of awesome folk who are extremely capable and want to go to the next level as part of the scheme
we have our own ideas and thoughts on how to approach this and have a coarse plan already set up for the various courses we are consideing, though I'm mindful that some of my connections are truly awesome in such matters
image from http://engineering.nyu.edu/press-release/2015/11/16/worlds-largest-student-security-contest-names-top-cyber-sleuths
VP Services at Praetorian
9y"What courses would you suggest?" is the wrong question to be asking. If you've defined what successful (post academy) graduates and their attributes look like, then you can reverse engineer paths to get there. Once you pair that with preselection & continuous validation, determining which classes becomes fairly trivial.
UK & Aus Founder. Investor. CEO/Director. Scale-ups. Operational and policy expertise in data, cyber security, identity, privacy, cloud, AI and Deep Tech. Government, Defence and National Security experience.
9yAndy. A great initiative. I wish you success. If you haven't already you may want to speak to Claire Alexander at the Corsham Institute
Operating Partner at SYN Ventures
9ySpend a few days on history (at least back to the phone stuff from the 70's, maybe even some of the Berkeley/MIT roots in the 60s), towards the beginning. It gives a frame of reference through the training period (stuff you can reference back to). It shows the evolution of the environment, the good guys, and the bad guys. It can both inspire and ground them in the real world (seperate the fiction from the facts, which is often stranger). Too many fresh folks come up and spend too much time reinventing the wheel because they don't have a solid ground to stand on.
Group Chief Information Security Officer (CISO), BoD Member, & occasionally; speaker, author, advisor, and researcher
9yFor the best candidates focus on the fundamentals with deep knowledge of computer science, systems, architectures, networking, and with a willingness to learn. Then it's easy to teach the rest! There are a number of universities that run summer schools or masters courses, some even with industry backing or courses from SANS or CREST