I am on an ongoing journey to learn and work around cybersecurity. ClankHead is a personal website that blogs to document this journey.
It is descriptive and to some extent, prescriptive. Descriptively, it details the topics/concepts which I learn and practice, along with the reference materials I used for doing so. Prescriptively, it can help you as a reader to have some recommendations for your learning if you have keen interest in cybersecurity as well.
My name is Jay Lim.
I have completed a bachelor’s degree in business management from the University of London (International Programmes), and a diploma in mechatronics engineering from Nanyang Polytechnic.
Currently, I am aspiring to achieve a bachelor’s degree in cybersecurity and at the same time to gain enough training and practical experience to start a career in information security.
In my free time, I’m into computer programming to improve my problem solving and logic skills. I am also an avid reader with a diverse range of reading interests including economics, politics, culture, science-fiction etc. In addition, one of my creature comforts is indulging in video games. Oh yes, and I am trying out playing the piano 😉
How my interest started
When I was an intern at Schneider Electric in 2017 I met a colleague who was working in network security. Although I was from the logistics department, he was keen to share with me about the nature of job which I found quite interesting. Perhaps it was the way he described it which made it sound exciting. Hence out of personal curiosity, I tried to “teach” myself cybersecurity.
After a year or two with tons of books, exercises and online resources, my interest began to grow after reading about historical cyberattacks, hackers and the popular culture influenced by them. Thus, despite having work experience from other fields, I decided to strive towards breaking into information security.
The rough road
Despite learning a lot of buzzwords, trends and general concepts about cybersecurity, I am still far from being accepted for a information security position. My knowledge is hardly translated into actual workable skills which it can actually add value to the security industry. This was evident from the amount of silence I received after sending out my resume with hopes of landing any entry level cybersecurity position (including internships).
From this shortcoming, I came to realize that although it is important to allow one’s curiosity to drive his passion to learn, sadly, curiosity and passion alone can only get me so far.
At the end of the day, I believe any hiring decision is often made based on whether or not the hiring manager thinks that a candidate can effectively contribute to the employer’s goals within the shortest possible time. This led to a chicken-and-egg situation; companies won’t hire you unless you have work experience, but you can’t gain work experience unless you are hired. It’s possible that many companies simply want to pass the risk of training fresh candidates to someone else before considering to hire them.
Therefore, with this reality coming to light, I took more personal responsibility over my own training by revamping my approach of gaining information security experience. Although I have always been a self-starter with a DIY attitude, I was usually too spontaneous and lacked a methodical approach. Hence, I created a plan for building the experience needed to perform the roles and responsibilities expected of an InfoSec personnel.
My plan involves breaking down my self-learning approach into four areas; systems, software, security and human factor. Each of this area consists related sub-areas such as computer networks, cryptography etc. This is a way of keeping track my learning progress to ensure that I adequately cover the areas I need to know.
Click here to see the details of these four areas.