The exponential rise of the internet and digital technologies have given rise to many opportunities not only for businesses but also for hackers and cyber attackers!
Kavita Sah, our next pathbreaker, Cyber Security Engineer (R&D) at ExtraHop, researches threats related to Network Detection and Response (NDR) in order to identify malicious activity in enterprise networks.
Kavita talks to Shyam Krishnamurthy from The Interview Portal about gravitating towards a career in Networks & Security after doing her graduation in Electronics and Telecommunication engineering and masters in Security.
For students, the security domain is vast, and with technologies such as AI/ML becoming mainstream, the opportunities in this domain are limitless !
Kavita, your background ?
I grew up in Vadodara and since my father was in the army, my schooling was in Kendriya Vidyalaya. I was a bright student with interests not limited to just books. I was very active in extracurricular activities and sports. I represented my school in basketball for 3 years. I would participate in debates, extempore, and would give speeches in the morning assembly quite often.
Just like any other kid, I wanted to become a Pilot! There was enough career guidance for being a doctor or an engineer but not enough for a pilot! I did not have enough clarity to choose a career when I was in 12th grade until one day my father decided to send me to Kota to prepare for the IIT entrance exam!
Little did I know that I would hardly secure a rank, I was all set to move away from family for the first time in life! Students start preparing from class 9 for IIT, and there I was, hoping to crack IIT in just 8 months of preparation!
Obviously, I did not get into IIT! Forget IIT, I couldn’t secure a rank into NIT! Life had better plans for me!
What did you do for graduation/Post-Graduation?
I got into a college in Pune University specializing in Electronics and Telecommunication. I focused on the Network engineering part. In my final year, I focused on preparing for Cisco Certified Network Associate (CCNA) and got certified. I also did a Masters in Telecommunication at the University of Pittsburgh, majoring in Security
How did you end up in such an offbeat, unconventional and unique career?
Soon after college, I started working as Technical Support at Mphasis (I just didn’t want to sit at home after my graduation) and continued to study for Cisco Networks. After 6 months, I secured a job as a Network Engineer at Compucom India! That was my first breakthrough in my dream job!
You start dreaming as soon as your one dream comes to life! And that was the case with me! Or you may also call it, “progressing in life and career”! I quickly grew in my job and started preparing for “Security” domain jobs. Soon I started preparing for Cisco Security certification and simultaneously preparing for my GRE to secure a college for master’s in security, all while working full time! My plan A was to do security certifications in India and plan B was master’s from the USA.
Tell us about your career path
My transition to security was actually very smooth. I was working as technical support at Mphasis for Bank of America. My role at Mphasis involved troubleshooting issues for Bank of America (BoA) clients.
I got introduced to security after I started working at Compucom India! I was a network engineer but I wanted to do more and soon my interest piqued in security.
My role at Compucom involved configuring, maintaining and troubleshooting network issues of customers like 7-Eleven, CVS, Gamestop. I was also the representative to report and discuss daily network activities with the client everyday.
I got admitted into the Masters Program in Telecommunication at the University of Pittsburgh, majoring in Security! That was another dream come true! I ended up securing an internship at ExtraHop Networks as a Security Engineer! That was my first break in the Cyber Security industry!
My role at ExtraHop is very different from the previous company. Compucom was a service based industry and I was interacting everyday with the customer. ExtraHop is a technology product based company, they build security products for enterprises. Working for a product based company is an excellent experience as you get a chance to work with cross-functional teams, see your ideas coming to life, and constantly stay in touch with cutting edge technology.
Tell us about some of the challenges you have faced?
● Preparing for exams while working and staying away from family was a little challenging as you have to do everything on your own. But that’s what makes you grow and opens your mind. There is so much scope to learn other than academics when you live on your own.
● Moving to the United States was challenging as I was a student again, working part time to pay my bills and constantly hunting for internships and jobs. Life is hard here if you’re from a middle class family, but it’s more than worth it. Your mind opens up like never before!
● You see life with a different perspective. You value things/relations/families/people more than ever. I would say, being in the USA has taught me to be a better and considerate person more than anything else.
How did you get your 1st break?
I ended up securing an internship at Extrahop Networks as a Security Engineer! That was my first break in the Cyber Security industry! Later, I also received a full time offer from ExtraHop.
Tell us about your current role
I work for ExtraHop Networks as a Cybersecurity/Threat researcher. They specialize in Network Detection and Response (NDR) which is relatively a newer domain in the security industry.
NDR means Network Detection and Response. Just like antivirus is installed in your computer to protect it from virus and malware, NDR is installed in the enterprise network to detect malicious activity before it hits your endpoint device like a computer.
I like to explain it with the analogy: Assuming you live in an apartment and you have put a mousetrap outside your door. A mouse is running across the hallway and tries to enter your house, but is immediately trapped in the mousetrap! That’s it, Detecting Threats on the Wire!! That’s what Extrahop does! Your apartment is the “end-point” or computer , Mousetrap is the NDR product, Hallway is the medium through which data travels.
What’s a typical day like?
Our daily work is challenging as we are constantly working to safeguard our clients from bad actors/hackers. The challenges make you learn something new everyday and enable you to grow in a way you never expected!
I primarily work on exploiting Common Vulnerabilities Exposure (CVE’s), Malware, command-and-control (C2), ransomware etc.
I am working everyday to acquire new skills. The only constant skill is “constantly learning new skills”.
What do you love about your job?
I love my job because first, it helps safeguard our customers from security attacks. Second, it makes me learn something new everyday. And third, It makes me grow as a person.
I am also an advanced yoga practitioner and teacher. It keeps me in check in the stressful private industry where you are working on constantly evolving technologies.
How does your work benefit society?
This fact is known to everybody how rapidly the internet has grown! With that growth come bad actors! If you simply google “Number of cyber attacks per day” , the numbers are horrifying! 64% of the companies worldwide suffer from some form of cyber attack. Knowing that my work helps protect enterprises from cyberattacks so that their business runs smoothly makes me feel satisfied and happy.
Future Plans ?
● This was the future I envisioned for myself, so right now I am just cherishing it. I am letting everything sink in before I move to my next dream. We often forget to celebrate our victories in lieu of continuous growth. Sit with yourself and breathe!
● Oh, BTW, I completed my Yoga Teacher Training last year which was my dream. I am very much about work life balance. Yoga is that aspect which if you start, you will never stop! Hit me up for an interview on Yoga!
Your advice to students ?
● I grew up in a middle class family where people don’t even dream of coming to the USA. I did everything myself including financing my journey (this is true for most students coming to the USA). Dream big and work dedicatedly towards achieving it.
● Acquire as many skills as possible related to your career.
● Focus on networking, connect to relevant people. Stay active on LinkedIn, it’s very powerful!
● If you’re looking for a career in cybersecurity, start watching tutorials on youtube, it’s free! Spend half an hour everyday studying security concepts.
● Take hacking courses. There’s ton of free courses out there.
● Academic life is almost the same for all the students, what matters is what you do outside of that and how you use your experience in making you a better person!
● Enjoy the PROCESS of becoming a better person. It’s very rewarding!
● And in all that, don’t forget to BREATHE and stay HAPPY!
My 2 cents!
● Dream big and work towards it.
● Don’t be hesitant asking for help or reaching out to people. People actually like helping or mentoring! ● Be fearless and keep in mind, action is better than inaction.
● Cherish your growth but continue to grow. ● Have a hobby other than your work.
● Always be grateful to your friends and family. Life is nothing without them!
● Remember it’s better to cry in a Mercedes than in a bicycle!
● Respect your mind and body! It’s a gift in itself!
Just for your reference:
Security umbrella is very vast and it’s actually difficult to know different areas unless you work in the security domain.
Security related jobs can be:
Internal security (working just for the company’s security)
End-point Detection and Response
Managed Detection and Response
Network Detection and Response