Training to become an Assured Ninja
by Benjamin Svensson 2017-09-04
Assured runs something we like to call the "Assured Expert Consultant Program". It's a training program for new-hires whose interest and passion for security is more important than their actual time and experience in the field.
Over six months, the new consultant will endure both internal and external courses, focused on honing their expertise in IT-Security. Internal training is held by other Assured consultants where they speak about their specific field within IT-security. External courses could be anything of the consultants' choice as long as it's connected to security and the specific area the consultant wishes to improve in. The training hopefully results in a confident Assured consultant and security expert who will be able to deliver quality work on any assignment (s)he'll take on!
My name is Benjamin and I was the first guinea pig in the Assured expert consultant program which started in April of 2017. My first week at Assured began by setting a rough plan for my program. One day per week was set aside for internal training held by Assured consultants, the rest of the time was open for me to work together with my technical mentor Jesper and for external training.
As I mentioned, the internal training was scheduled for once a week and held by an Assured consultant. My colleagues spoke about a subject within their area of expertise like PKI, OpenSAMM, Security Operations and Network and web penetration testing, to name a few. This wasn't only educational in the sense of me acquiring knowledge, I also got a good understanding of which part of the IT-security area my colleagues are specialized in, and they got a better understanding of my base knowledge within the different fields.
All assignments I worked at were led by Jesper, and he had all the responsibility to deliver quality work to the customer. That made me feel more relaxed during my first months as I wasn't under as much pressure, but all the motivation to do quality work. During every assignment, we discussed the goal we had and how to get there. I got to be involved every step of the way and in every decision we had to make. During a few assignments Jesper only stood by as a mentor and I did close to all the work required. I quickly learned how Assured was working with customers and how to produce good and manageable results which I as an Assured consultant can stand for.
A few assignments however were very complex and had to be delivered after a short period of time. This made it difficult for Jesper to mentor me properly during that period. That's when online training comes in handy. Doing CTFs, wargames and research developed my technical knowledge and were a lot of fun at the same time!
During my last weeks in the program I took Offensive Security's Cracking the Perimeter course. It was a very difficult but educational course as it touched an area in which I had next to zero experience, reverse engineering.
To sum up the past five months at Assureds expert consultant program I've increased my security knowledge exponentially, mainly within network security and penetration testing. I've also gained a lot of experience as a consultant in how to engage customers and how to provide them with quality results to help improve security in the world of IT.
If you're interested in embarking on the same journey I've been on over the last months, shoot an email over to firstname.lastname@example.org and we'll talk! If you want to reach out to me directly: I'm on Twitter (@bewniac).