Jesse Rasimus isn’t afraid of throwing himself into things. It’s a quality that got him working in physical security. But a friend introduced him to the exciting world of infosec. Eventually, Jesse found a home in F-Secure’s Cyber Security Academy. He hasn’t looked back since.
“It’s an emotional roller coaster. You’re always learning new things. So it goes from really difficult, to easy, and then really difficult again,” says Jesse. “I first thought about getting into cyber security after a friend of mine demoed some pretty cool stuff he was working on. He also told me that companies are basically running out of people to hire, so switching seemed like a good move.”
The switch was a pretty big adjustment. In some ways, security is security. But comparing the two, Jesse explains that physical security is all about what’s happening on the outside. And cyber security is about what’s happening on the inside.
It’s a big change. But a welcome one given the high demand for skilled cyber security professionals. Numerous studies have been published on the critical shortage of skilled cyber security workers. Not nearly as much has been said about efforts to solve the problem. F-Secure’s Cyber Security Academy has the distinction of being one of the few initiatives that give people a hands-on way to learn the specific, practical skills they need in a cyber security career.
So what’s the first thing Jesse learned?
“Linux. I knew the basics of Linux. But we use it a lot, so I had to learn the internals rather than just how to click around,” he says.
Jesse also needed to learn more programming. But it might surprise many people to learn that while programming is very important, it’s not everything.
“I actually don’t need to do that much programming. But it’s something I struggle with when I do need to use it,” he explains. “Programming, or maybe getting accustomed to using business English for writing reports, have been the most challenging things to learn. I think everyone in the academy was surprised by the high standards required for these reports, so they’re actually quite difficult to write.”
Jesse recently completed the “intensive” part of the academy. But that doesn’t mean the work is going to get easier. Now, he spends his days shadowing consultants while they work with clients.
“I try and break stuff designed to be unbreakable. Then I try and help clients fix problems before bad guys find out about them,” is how he describes his work.
While his initial focus was learning about red teaming, going through the academy drew Jesse toward new areas, like incident response and risk management. And he says he’ll most likely continue to branch out.
As for advice for future Cyber Security Academy participants, Jesse says you just have to jump in.
“You just have to go full on and don’t be afraid to throw yourself in. Don’t let anything hold you back,” he said. “Also, the interviews are…I wasn’t completely prepared for the questions they threw out there, so expect the unexpected.”
For those interested in opportunities like this, Jesse found the position simply by browsing F-Secure’s career pages. And you can check out this blog post for some additional tips on how to break into cyber security.