One of our Slackers (people who hang with us on our Slack Channel) mentioned that he was in a program created by the UK Government to train high school and/or people headed to university in skills without the traditional 4 year education track.
I was very intrigued by this, since we don't appear to have anything like this, outside of interning at a company, which means you're not considered a full-time employee, have no benefits, and there's no oversight about what you are learning. (Your mileage may vary)
So we asked Liam Graves (@tunnytraffic) to come on and discuss his experience, and how he was enjoying it. We discuss various methods of alternative educations here and in the UK, as well as why someone should possibly consider an apprenticeship. We also discuss how that would work in the US (or could it?)
Also, I very sorry Ireland ... :) I did not mean to lump you in the rest of the Commonwealth...
Youtube Channel: https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw
“Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/
Join our #Slack Channel! Sign up at https://brakesec.signup.team
#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast
#iHeartRadio App: https://www.iheart.com/show/263-Brakeing-Down-Securi/
Comments, Questions, Feedback: firstname.lastname@example.org
Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast
#Twitter: @brakesec @boettcherpwned @bryanbrake
#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr
#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/
UK apprenticeship schemes:
long established though a recent focus shift back from academic achievement to hands-on skills and understanding/applying more than just remembering.
End Point Assessment - project based final assessment.
A mix of targeted learning and on-the-job experience working towards a brief: https://www.thetechpartnership.com/globalassets/pdfs/apprenticeship-standards/cyber-intrusion-analysis/occupational-brief-cyber-intrusion-analyst.pdf
Boring - but some background reading. Apprentices at this level will use levels 1-3 of Bloom’s taxonomy (https://en.wikipedia.org/wiki/Bloom's_taxonomy) 1) Remembering (What type questions). 2) Understanding (Which of these/Why type questions) 3) Applying (It this then what scenarios and questions)
Other schemes include (new and existing):
- Cyber Intrusion Analysts
- Cyber Security Technologists
- Data Analysts
- Digital Marketers
- Infrastructure Technicians
- IT Technical Salesperson
- Network Engineers
- Software Developers
- Software Development Technicians
- Software Testers
- Unified Communications Trouble-shooters (no idea what these ones are)
- Unified Communications Technicians
https://www.gov.uk/apply-apprenticeship (links for Scotland & Wales on the same page).
https://www.thetechpartnership.com/about/ - employers drive the training for the type of employees they need.
Routes to employment - fast paced industry so 1) older pathways may not be relevant. 2) there are so many ways in to the industry pick the right one for you - there’s a difference between people who appreciate structured learning, are autodidactic, learn extra and over what’s expected, dev, risk, red/blue team, academic, hands-on, etc.
Internships (rarer, though some degrees offer a year in industry and will assist in making positions available)
Graduate schemes - very common, will give a grad opportunities to move around the business. Direct hires from uni.
IBM has a trade school - hiring 2,000 US Veterans in the next 5 years
DoL apprenticeship programs
Difference between ‘for-profit’ and ‘trade schools’
Internships = some companies are paying fat bank:
Washington State trades/apprenticeships
Mostly ‘blue’ collar positions
Few ‘technical positions’
Not sure there is an ‘apprenticeship’ in the US, outside of ‘internships’ that are given to college students
No ‘junior security architects’, or ‘junior pentesters’
Yet non-technical positions have junior slots
Manager / Senior manager, Project manager / Sr. Project manager
Difficulty in infosec apprenticeships
What are the ‘starter’ jobs?
All available apprenticeships:
For people looking to pivot from non-Infosec jobs into cyber security: