Behind the scenes: A day in the life of a cybersecurity expert
Leading a team is kind of like when a burglar alarm goes off and “you’re the police,” says the head of cybersecurity at ExpressVPN.
Image: ExpressVPN
Aaron Engel was born in Seabrook, Texas, a Houston suburb with about 10,000 people, in 1984. His dad, a high school teacher, scored discounts on computer products, so Aaron got a Commodore 64 at a “very, very young age.” But Engel’s first dream job at age 10 was to be an accountant. It was “a bit unusual,” he said, “but I liked to work with numbers, and thought it would be a stable job that was nice and secure.” Later, his uncle encouraged him to think about a career in computers.
“He said: ‘Hey, Aaron, I’ve got an idea for you. You like computers a lot. You should check out computer security,'” Engel recalled. His uncle told him about the Information Assurance Scholarship Program run by the US Department of Defense, “and, he’s like, ‘if you get this, your life is set.'”
Now the head of cybersecurity at ExpressVPN, where he leads a team of cybersecurity engineers, Engel can trace his interest in the field back to that point. He did get the scholarship, which meant he got a full ride at the University of Tulsa, and a guaranteed job at the Defense Department afterward. That involved traveling to military bases across the U.S. doing cybersecurity work, like reverse engineering of malware, digital forensics, and he was a systems administrator, essentially, for the federal government.
SEE: Security incident response policy (TechRepublic Premium)
Engel said he eventually grew tired of the role and got a job at IBM as a security analyst, “looking for intrusions, working on it, analyzing it, and working with the U.S. government still, indirectly, as an employee of IBM,” he said. Later, he transitioned to security engineering, with more creative control, and became security engineering team lead at IBM. Then, he moved to JPMorgan Chase as a SOC analyst, which was exciting for Engel, he said, because it brought him to London and then Singapore.
A year and a half ago, Engel moved to ExpressVPN, his current employer, in Singapore. ExpressVPN supports clients on Windows, Macs, Lennox, Android and iOS devices, securing network data before it gets sent out. “It’s very user-friendly,” Engel said. “You basically tap one button and bam.”
A background in computer science and programming is important for a career in cybersecurity, Engel believes, because it sets the right foundations. “Once you know how things work, you then know how to either defend them or attack them,” he said. His cybersecurity education was also important—but it’s currently only offered in a handful of universities in America. On top of this, there’s a lot of learning on the job and learning on your own. “Always be hungry,” Engel advised. “You have to want to learn, you have to want to grow, and you have to be willing to have that passion. Otherwise, it’ll just fall behind.”
The current threats that Engel handles at ExpressVPN are mainly social engineering, phishing emails and common threats that largely prey upon users. He loves working at ExpressVPN in part because “we’re always leveraging new technologies,” he said. “Using these new technologies lets you do cool things, interesting things more efficiently and faster and just lets us be a more secure environment.”
Engel manages three teams at ExpressVPN—”security engineering, the security operation center analysts, who are responsible for looking for threats inside of our environment, and then finally we also have a group of red teamers and penetration testers.” He also liaises with other department heads to make sure they’re up to date on the services and are incorporating security into their teams.
“My biggest challenge is how to determine what we need to work on next,” Engel said. “There’s only so much time in the world and you only have so much manpower. We have so many ideas that we want to execute and deliver to ensure security and privacy, and we don’t like to rest on our laurels. We’re not just going to say, ‘oh, this is an eight out of 10, so we don’t need to touch it anymore.’ We want to be 10 out of 10 everywhere.”
As for the fun part, “analysis on security events is a lot of fun because it’s my background,” he said. “I love that kind of thing.” While he can’t go into details on this, because of security reasons, it’s an around-the-clock job. The automated systems can contact Engel at any time if something highly critical occurs—”like having a burglar alarm at your house or something like that,” he said. “Someone’s attempting to break-in. And in this example, we are the police.”
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
“A common misconception about cybersecurity is that it’s literally just two people sitting in a dark room waiting for a screen to turn red, and then they maybe flick a couple buttons,” Engel said. “It couldn’t be further from the truth.”
Instead, the job is all about being proactive. “Alerts, crafting of alerts, doing research, learning about new things, improving your knowledge, working to improve new security controls,” Engel said. “These are all the things that are actually occurring from the defender side.”
“That’s the only way we can even attempt to stay ahead of the curve,” he added.
Cybersecurity Insider Newsletter
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays
