Name: Jasmin Landry
Title: IT Security Analyst
Employer: SecureOps
Location: Montreal, Canada
Years in IT: 4
Years in information security: 3
Cybersecurity certifications: SSCP, OSCP, CEH, eJPT, CCNA: Security, MCSA

 

How did you decide upon a career in cybersecurity?

It all started when I was a teenager. I enjoyed video games and I was curious about how they were created, so I decided to pursue education in programming. I quickly switched path though, after my first networking class. The teacher introduced us to Wireshark and I was just so amazed at what it could do, and what I was able to see with it. After taking more and more classes related to networking and security, my interest in information security continued to grow.

 

Why did you get your SSCP^®?

I earned my SSCP because I wanted to validate my knowledge and experience in information security, and learn new material and to apply at work. By adding the SSCP certification to my resume, it also proves to future employers my worth in information security.

 

What is a typical day like for you? 

A typical day for me consists of doing vulnerability assessments on the network with automated scanning tools and also doing web application penetration testing. And of course, I have to make reports of my findings so that the vulnerabilities found can be patched. If I have free time, I look at bug bounty reports and research on new techniques to get better as a web app penetration tester.

 

Can you tell us about a personal career highlight? 

I started doing bug bounties as a hobby on my free time earlier this year on platforms like BugCrowd and HackerOne. Early on, I really had a hard time finding bugs on these two platforms so I decided to hunt for bugs on Microsoft’s program instead. I got lucky and quickly found a bug which I reported to them right away. A month later once the vulnerability was patched, they thanked me by putting my name on their Security Researcher Acknowledgments page. They also paid me for this which is pretty awesome! Doing bug bounties really helps in gaining new skills that I can then apply on my day job.

 

How has the SSCP certification helped you in your career?

The SSCP has definitely helped me understand the business side of things that I might not have really understood at the beginning of my career. From risk management, to business continuity planning, and the importance that information security has in a company. Also for my career, it allowed me to get a new job that I might’ve not gotten without the SSCP.

 

What is the most useful advice you have for other information security professionals?

Never stop learning. In infosec or in IT in general, things change all the time, so we must stay up to date on new technology. For whatever kind of role you have, there’s always something new out there which we have to know about to be better at our jobs and continue growing as professionals.

 

For more information on the Systems Security Certified Practitioner certification, download our Ultimate Guide to the SSCP .