What I do as a Cloud Security Engineer

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Going to admit I didn’t watch the full video but most of it. Question I had is, how often are you tooling custom solutions like deploying lambda functions to accomplish some cloud security goal versus just deploying a COTS cloud security solution (CSPM/CWPP) configuring that and helping clients just establish a program around it, eg, here are your SOC SOPs based off certain alerts?

Edit: Just trying to gauge how much of a cloud engineer role is dev skills vs just analyst skills. Understanding being able to write scrips and custom things are powerful but at this point in time are people still needing to come up with custom cloud security tools or are things commoditized enough where it’s more about being able to leverage existing tools than building your own?

👍︎︎ 5 👤︎︎ u/clayjk 📅︎︎ Feb 13 2021 🗫︎ replies

Even this conversation is too high level to me that means I am too noobiw

👍︎︎ 2 👤︎︎ u/godsubscribersme 📅︎︎ Feb 13 2021 🗫︎ replies

Bro how are you not gonna put your dog in front of the camera? Give the people what they really want.

But actually I appreciate the videos and thoughtful content for beginners

👍︎︎ 2 👤︎︎ u/macknasty321 📅︎︎ Feb 13 2021 🗫︎ replies

Right now im young in my cybersec career, have a nice job with an agency as an analyst. Work isnt very rewarding though and want to pivot private sector in either the pen or dev side of things. I have a decent understanding and ability in C++ and python (and powershell but 🤢). Going forward what language do you recommend for increasing my job prospects?

👍︎︎ 1 👤︎︎ u/ChadAndBradsXbox 📅︎︎ Feb 14 2021 🗫︎ replies

Any advise from OP or anyone else:

I’ve been in infrastructure for 8 years. Always as this weird Sys Admin/Jr Engineering role/Network Admin role.

I’ve been going to college for longer than I’m willing to admit but when you’re an adult, it takes longer. I just transferred out of a BCIS degree to CS and start this summer. — Hopefully to graduate within 2 years.

It’s taken me awhile to figure out exactly what I want to do. I guess I’ve know for awhile but could never really answer if anyone asked me. Because as you kinda stated, no one really talks about what CS is. I mean, as an infrastructure guy, we always try to focus on security (or at least my previous employer made us.) Anyways, a about a month ago I realized it was cloud sec.

So here I am cramming for my Sec+. No employer has ever made getting certs a priority. I have taken InfoSec classes and actually watched some Lydia videos for said InfoSec classes. So the cramming is a refresh for a couple of weeks away.

Besides the get to knowing python answer (I also know Java, C++, and Obj-C), what else should I be doing to get a job into CloudSec?

It seems super hard to break into something I feel like I want to do. Especially with the experience I have.

👍︎︎ 1 👤︎︎ u/ManuTh3Great 📅︎︎ Feb 14 2021 🗫︎ replies

Late to the party, but I'm a freshman in college right now leaning towards a concentration cybersecurity majoring in Comp Sci. Are there any tips worth knowing?!

👍︎︎ 1 👤︎︎ u/_YouSaidWhat 📅︎︎ Feb 16 2021 🗫︎ replies

Hi i am working as SOC Analyst Level 1 and interested in a cloud security. So should I get experience of traditional Security and later on jump to cloud security or jump right now to Cloud Security basically my company is providing services of Cloud also and managing Azure Sentinel but currently i am looking only Splunk.

👍︎︎ 1 👤︎︎ u/securitygusf 📅︎︎ Feb 20 2021 🗫︎ replies

Captions

hey y'all welcome back to my channel my name is andrew and i'm currently a cloud security engineer working and living in boulder colorado now my videos are kind of geared towards helping people integrate themselves into what they can expect when they join the field of cyber security or software engineering or technology in general but i don't really give a lot of insight to what i actually do for my actual profession uh again i'm a cloud security engineer i've been one for about three years now and i came over from a kind of a software engineering role and i really think that whether you want to go into my exact specialization or you want to become an analyst or you want to become you know an infrastructure engineer any of these kind of things that you can really learn a lot from you know my kind of journey and what my day-to-day responsibilities are and you can you know check some things off of your list and actually see if this is a job that you could want um so without further ado today i'm going to be showing and telling you guys what i actually do in my day-to-day as a cloud security [Music] engineer [Music] so as i told you guys before i've been a cloud security engineer for about three years now and my day-to-day responsibilities vary pretty greatly um especially coming over from a small startup well it wasn't exactly a small service a startup of about 300 people but it was a very fast-moving startup and now i work for a government contracting company where we work with big government clients as well as you know federal and state um regulators so my day-to-day now is actually a lot different than it was before but now what i do on most days and again this is more of a generalization in terms of what i do some days it's different some days it's not some days i have to do policy and document work i hate that kind of work but it has to be done and i still learn a lot from it but on most days what my job is going to be is taking high level requirements that i get from you know government csos managers or my own project managers and trying to create solutions with them now what does that mean i know you guys have probably heard that a bunch of times and it it sounds even more vague when you say it more often so i'm really going to try to help explain what that actually is and what you would be doing if you got a job that's the same as mine so on a day-to-day basis i could get you know a list of requirements coming down from a client that's going to ask me uh hey we're aligning ourselves against you know fedramp moderate we're aligning ourselves against this csf we're landing ourselves against nist 853. those are all different frameworks that as a cybersecurity professional or engineer you're going to have to know in order to get your first job and also to you know be really really sharp in terms of aligning yourself against frameworks and being compliant so when a client comes down with a list of requirements that they need or list the controls from a framework that they need covered they usually give me a vague list where it's like hey we need monitoring and logging on this we need to have an extra password policy on this we need to make sure that we have a fail safe or data monitoring solution in place so we can go back and get a system of record of all the you know api calls that are happening in our cloud infrastructure any of those kinds of things so to give you guys an example one of my latest projects was i had to create a configuration management system now what that is is all it does is go through and check based on a list of you know rules that i give it uh if configurations are compliant now that checks if the password policy is as complex as we need it to be or as the client wants it to be checks if we have monitoring and logging with cloud trail logs cloud watch events and it checks that they're all being you know logged to a database or an s3 bucket or anything like that and there's about 20 different roles that actually created for this solution and every single one gets logged on a daily basis gets sent to a database and the client you know can pull the records of that uh that of that log to see you know kind of a system of record what's actually happened in their infrastructure now as a cloud security engineer my job is to actually take those requirements like i said and the requirements that i got were we need to just manage configuration and i had to come up with this solution so my job was to not only research that solution but conduct cost analysis on that solution as well because even though you're just an engineer a client especially when you're in a client-facing business like i am right now and client's not going to want to pay a ton of money for the next you know greatest coolest solution that you can think of although that would be great as an engineer to be able to do that the client is really going to want to stay cost effective right so it's going to be your job to not only research the solution but also do a bit of cost analysis to see if the solution is good compared to others or if you could you know take away a little bit of functionality in the actual code or the cool part that us engineers like to do to save a little bit of money that's also going to be part of your job now in terms of the actual solution that i created and solutions i've created in the past they all have you know some of the same kind of technology that i would be using i'm always using the aws cdk as you guys see in my past videos it's one of the the best technologies that i've actually learned i'm also using sdks from aws itself uh the aws python libraries such as like moto 3 or the apis and all these things come together in creating comprehensive solutions whether it's through you know the cdk and the actual infrastructure roles that i'm creating or the infrastructure itself or lambdas that are actioning on pre-existing or infrastructure that i'm creating my on my own all this has to do with cloud native tooling and things like ansible and puppet and chef and things like that that you can take cloudformation you can deploy it across a wide range of accounts now this might seem like a repetitive theme in my channel talking about you know automation cdk all these kinds of things but think of it as you know kind of like a technology agnostic channel or technology agnostic theme because automation is what clients actually want so in my role again as a cloud security engineer you're going to have to do a lot of automation clients want to take away those manual hours of having to pay people for operational work and they want to pay you up front you know not technically me but the company i work for upfront to create a comprehensive solution that's going to do that repeatable task over and over and over again now the thought process behind that is you're going to pay more first because you're paying highly skilled knowledge workers to create solutions but in the long run you're gonna not have to pay you know an operational worker to complete those tasks on a daily basis because the automation's gonna take care of it for you so a large theme of what i actually do is using infrastructure as code like i always talk about so cdk terraform all these kinds of things but some skills that i think you should have in order to get a job and do kind of what i do if you want to is you really have to be able to critically think and and research this kind of tooling very very well because people are going to expect you not only to know the kind of tooling that you're bringing up and proposing for these solutions but they're going to expect you to know how much it costs and trust me i've made mistakes in the past where i you know conjure up these amazing solutions and little do i know they're going to cost 800 a month in a small account and that's never fun so if i was to give you guys another example of you know kind of a solution that i've created in the past and and one that you guys can you know try to research yourselves and focus on sorry those my dog research yourselves and focus on so if you want to get a job as a cloud security engineer you can kind of have a leg up on the competition another one that i created was in cloud accounts you're always going to have access keys right you're gonna have an access key secret access key and that's gonna be kind of the identity management system it's the same thing as a username and password people protect them with their lives and it really gets you access to everything in the cloud or anything that's connected to the cloud so access keys are a huge part of security and a huge part of just devops and and working in the cloud in general so as a security professional you're going to want to put requirements on those specific access keys whereas you don't want someone have an access key over 90 days because then it's just too long to have an access key that's essentially like having a password for 90 days and not changing it that's just bad practice so if you have an access key over 90 days i created this slack bot that actually prompts you to change your access key by authenticating to aws from slack so something that's really cool is you know this was more of a startup so it's a lot more versatile on agile but the solution itself is actually creating a slackbot that says hey your access key is about to expire in five days why don't you log in and change it here's the link now that might seem dumb at first right but security is always seen as an abrasive you know restrictive team so if you actually interact with people in a fun way and we actually had this cute little robot picture as the actual slack bot itself so when it prompted people to interact with it it was it was kind of fun it was cool um so security is always seen as this restrictive thing so if you kind of bridge the gap a little bit and say hey you know this is my job i want to do it this is going to keep us safe but here's a fun way and an easy way in which you can you know help me out that's where automation comes in that's where operational tasks are going to have to take a backseat that's why these companies are going to pay you to automate in the way that i've been automating so those are just some of the basic solutions that i've created in the past i've created many more other than that if you want to talk to me about those or ask any questions about them feel free to dm me on twitter or join the discord or whatever you want to do so that's kind of my job at a high level right i take requirements given by clients i research and create solutions based on those requirements and i kind of do a bit of maintenance on the solution itself because you know code bases have a bit of upkeep to them i don't really want to tell you guys what i do on a day-to-day basis day-to-day basis and not really tell you some skills that you can get in order to actually become a cloud security engineer or a security engineer if you want to become one so one thing that is really daunting about the field that i'm in is when you first come into it as a junior engineer if you don't really come from a technical background you come from as an analyst you kind of know how to do a bit of scripting and automation but you know it's very daunting at first because you're being asked to create these solutions and it's not like operational work where there's a clear end to it right engineering work there's no end to it it's knowledge work that's why you know the salaries are really great the job is really fun if you like to solve problems but it can be a bit stressful if you you know get tasked with a solution that you don't necessarily know the answer to right away so one piece of advice that i would give you guys is if you get into a field like this a knowledge work field and you know you're feeling overwhelmed because you get a task your first week or you're scared to get into the field because you feel like you're gonna be overwhelmed just remember that although i really like to think that the solutions that i've created are really cool chances are i'm not the first person to do it right google is your friend you're not gonna be the first person to create a solution and if you are the first person to create that specific solution i guarantee subsets of that solution would have already been created whether it's from github repos like cdk examples or there's tons of repos and i'll try to post some in the description below as to what you can kind of get your what you can kind of base your solutions on but you're not the first person to create these solutions and if you are good for you you're going to do great but there's always going to be help and resources that you can use to create solutions like this whether it's teammates i've always worked in you know small teams so i kind of had to use my own knowledge and a lot of googling to get by but i've also had really great mentors as well especially my last job and in this job as well um so you're not gonna be the first person to create that solution and your team if you're in a good team and you'll know right away if you're not but if you're in a good team your team's not going to expect you to create comprehensive solutions day one when you come in as an entry-level engineer so if they do i hate to break it to you you're not in the right company finding your job but you can really rely on other people in this field right and another skill that you're going to have to bring is basic knowledge of python you know c plus plus java some sort of programming language obviously that's a prerequisite to getting an engine any engineering field in terms of computer science or computer engineering but you don't need to become a an expert so much as you think right if you have great knowledge of not only the cloud and how it works in terms of apis and resources and different you know resources that you can use learning a bit of python and coming in with a base knowledge of python and being able to create simple functions can go a long way in terms of interacting with you know the aws apis the aws sdks and the adiabatic cdks i mean you can use typescript you can use python you use java c plus plus golang any of these other languages now the final skill i'd recommend you guys to have is just confidence have confidence that if you have put in the work it's gonna pay off have confidence that you can ask questions if you don't know what you're talking about don't sit there and you know muddle over one thing the entire day ask a question if you have a great team like you should they'll answer your question it'll get solved a lot quicker if you just have a bit of confidence to say hey i don't know something because i guarantee no one knows everything in the engineering field it's a huge field you know all too often in engineering fields i see people trying to take on tasks that they don't really understand and there's it's it's not you know so much of a confidence thing it's the fact that someone might have used that technology or tooling before you so they should you know get tasked with that story or that task instead of you right so if you speak up and say hey i've never done this before can i have a little bit of help maybe someone takes that off your plate and you get another task sent to you that you actually have experience with so never be afraid to you know kind of speak up and use that confidence and actually um collaborate with a team like it's supposed to be so i hope you guys gained a little bit of more of an understanding of what i actually do as a cloud securing engineer and you know what kind what you can kind of expect if you go down this path i think a lot of the issue in cyber security is the ambiguity in terms of cyber security is such a huge field and no one really talks about what exactly it is in granular detail and what kind of specializations you can go to and what you should be focusing on in school or before you actually go and try to apply for those specific job roles in cyber security you know that's really the barrier i'm trying to break down i think there's a lack of knowledge in terms of that there's always a lot of you know show in terms of uh cool tooling bug bounty hunting and things like that and that's great but we really have to get people in on the ground floor of cyber security and i learned the hard way i had no idea what i was doing when i first started i couldn't even tell people what i did when i went to college and it really is a great feeling knowing what kind of niche role that you're meant to be in and what kind of niche role that you want to actually go in so you can study with a little bit of you know ferocity into that specific role now if you guys have any questions on anything i talked about or you just want to learn more about what i do in general or any other jobs that i'm familiar with feel free to leave a comment down below you know dm me on twitter give me a discord join the discord and ask someone in there but definitely ask a question if you're someone that's trying to really crack into this field as always i really appreciate you guys for watching remember to subscribe if you haven't already and i will see you guys in the next one

Info

Channel: Andrew Roe

Views: 17,069

Rating: 4.8949342 out of 5

Keywords: Amazon Web Service, Engineering, Technology

Id: 8fBEQCgFPMU

Channel Id: undefined

Length: 15min 1sec (901 seconds)

Published: Fri Feb 12 2021