Interview with Cybersecurity Talent: Steve Nyan Lin
1) A bit about yourself
I am Steve Nyan Lin, currently working as a Security Consultant in Singapore, and have been staying here since my secondary schooling days. When I am not working, I like to play chess, watch football and listen to music. I currently hold a Bachelor in Engineering (Electrical and Electronic Engineering) from Nanyang Technological University.
2) What made you obsessed with Cybersecurity?
I was first exposed to the penetration testing role during an internship role in university days. Before that, I had no idea about the concept of cybersecurity, the roles available in this field and how to go about becoming a cybersecurity professional. Even though I was not studying anything IT related during my schooling days, I felt passionate about pursuing a career in cybersecurity when I step into the working phase.
To prepare myself before graduating, I have pursued and successfully attained CCNA Routing and Switching, CCNA Cyber Ops and CompTIA Security+. Even though these are pretty basic, I felt that for anybody planning to pursue a career in cybersecurity, it is very important to get the basics right. The IT world is massive, with different areas of technology and a cybersecurity professional needs to be familiar with the foundations such as networking, application security, IOT and infrastructure security.
3) Please share how you achieved the Certified Red Team Expert certification.
I have always been interested in Active Directory, and since Pentester Academy seems to be offering certifications related to attacking Active Directory, I have decided to take up the challenge. As I had no Windows Server background previously, I enrolled into the Attacking and Defending Active Directory course before taking up the Windows Red Team Lab course which would lead me to the Certified Red Team Expert (CRTE) certification.
To any prospective students planning to enrol in this course, I would highly recommend buying at least 60 days of lab access so that you will have ample time to experiment and toy around with the different concepts taught in the course. The most important mindset to have is not to simply get to the answers, but to have logical thinking, step by step in deriving the solution. The journey is just as important (if not, more important) than the destination. If I could go back and do things more differently, I would have paid more attention to the minor details and to understand the concepts as well as taking my time to experiment with different techniques in the course. The exam is quite challenging, with 48 hours allocated to tackle tasks highlighted. It is important to plan your days carefully to avoid burnout.
4) How do you foresee yourself in the next couple of years?
I would like to focus more on enterprise security and learn more about red teaming. If possible, I would also like to get more exposure in Active Directory so that I can do security assessments in this area, if work permits. Other than that, I will keep on trying to obtain more red team certifications and share my learning experiences, whenever I can.
5) What do you like to tell about anyone pursuing cybersecurity?
Be passionate. If money is the only motivating factor for you to pursue this career track, it will get very, very tough and you'll be called out by those that are truly passionate about pursuing cybersecurity. As long as you have the drive to succeed, there will always be resources out there that can help you to obtain more knowledge on the area of interests that you have. Do not be discouraged if you have 0 certifications compared to someone who has dozens, because, at the end of the day, you should just focus on your journey and become a better person each day. Look beyond certifications, and try to truly grasp knowledge in all forms.
6) Please share how someone can follow you in a social or professional network.
Hit me up on twitter - @nyanlinsteve or on Facebook - Nyan Lin Steve