IT security is needed everywhere, especially by businesses. Gavin Dennis is a senior IT security consultant working in Germany on security projects supporting companies around the world. We asked him to share his experience in the industry and any advice he has for people considering the field.
What do you do?
I currently work in a consulting firm in Germany, and my department provides IT security services, such as penetration testing, to corporate clients around the world. Penetration testing helps identify gaps that may cause systems to become unavailable, disclose confidential information or corrupt the integrity of their data.
I've been in the security field for approximately four years and have worked with companies in industries such as telecommunications, banking and finance, education and technology. Clients have varied in size, from small to large, some with a customer base exceeding 50 million. Before my roles in security consulting, I worked for several top consulting firms in the fields of audit and assurance in the Caribbean.
How did you get into cybersecurity?
My current career path in cybersecurity started from me deciding to follow my passion for IT seriously. About five years into audit and assurance, I realized I was far more passionate about IT while moving closer to feeling unhappy in audit and assurance.
I decided I was going to follow my passion, and I started studying immediately while hunting job opportunities in IT and security. I could have been anywhere in the IT field, but security interested me the most. So far it has been gratifying, as I now travel the world helping companies to protect their digital assets.
What does a typical day look like as a security consultant and penetration tester?
On a typical day, I would be a part of a team interrogating a company's network from the perspective of an internal or external attacker to identify security issues and vulnerabilities.
Also, I may be blogging about security, developing educational security content or remotely mentoring people around the world who are trying to transition into security or improve their career.
How does penetration testing and IT consulting compare to other jobs?
Penetration testing gives me the opportunity to add value to a business by finding ways malicious parties may misuse a system, its users and data. It also allows me the freedom to be creative and appreciate the value of being proactive, determined, diligent and wise.
Many traditional business roles confine you to a routine set of tasks that should be followed like a script. Working with multiple companies and their different technologies and implementations blesses me with continuous education, fights away boredom and gives me an edge when I share my knowledge to help others wherever I go.
What do you love most about being an IT security consultant?
I love that my job allows me to travel the world, work with amazing clients, and experience the wonders of different cultures. My work travel allows me to naturally see the beauty of the world; learn about multiple languages, cultural practices, religious beliefs and false stereotypes; and develop relationships with people in incredible places.
Do you have any advice for people who are new to or considering a career in penetration testing?
Most certainly! Penetration testing requires determination, focus and a strong desire to learn and defy limitations continuously. Embrace and develop the skills people often neglect or underappreciate, such as being curious, taking initiative, being determined, understanding the psychology behind social interactions, continuously learning, tackling challenges, having integrity and avoiding distractions. Always align your studies and practice to maximize your professional growth while being consistent.
Anything else you would like to share about your experience in cybersecurity?
Don't accept the limitations people set for you. Always stay focused on your goal and work toward it, despite the criticisms of others. Maintain a good work–life balance and take care of your health, family and well-being. Also, be positive, practice good habits and try to help others where you can.
Ready to start your penetration testing career? See if CompTIA PenTest+ is right for you