My Awesome IT Job: Senior security engineer, VoIP carrier

Hey, we all complain about work from time to time; we've all had lousy jobs. But before you call it a day and head off to the support group that meets at the bar, here are a few words from IT pros that love their work.

"I do whatever needs to be done, including windows--and I don't just mean the operating system!"
Name: J. Oquendo, CEH, CNDA, CHFI, SGFA, SGFE

Location: New Haven area, Connecticut

Profession, specialization: Nerd at a VoIP carrier specializing in doing whatever needs to be done including Windows (and I don't solely mean the operating system). There are so many tasks involved with my job it's difficult to pinpoint a specific title. My business card says Senior Security/VoIP Engineer, I believe it's because the printer couldn't fit: Network Analyst, Network Forensic Investigator, Network Engineer, Network Designer, Security Engineer, Incident Handler, IT Forensics, Penetration Tester, Linux/BSD/Solaris/Windows Administrator and VoIP (CCM, CME, Asterisk, Nortel, Avaya, etc.) Administrator/Engineer all on the same card.

Hobby: Reading RFCs! Not kidding. I have a strange hobby of reading RFCs in hopes to trick myself into understanding technology. Because the majority of things I've learned have been from experience, self-taught, I've found that maybe I should have taken the time to understand things from the ground up, understand how it all combines together to work properly.

... Did you mean hobbies outside of computing? Are there any?

Last book read: Extrusion Detection by Richard Bejtlich... I like Richard's style of writing and he to me is one of the competent individuals in the security arena. When it comes to books, the ones I read are all tech; I never liked fiction, I figured that I should use time productively and spend it on useful things.

Because of these types of books I read, I barely read them from start to finish and often read about 4 to 5 at a time. Here's the entire list of books I either keep in my messenger bag, desk or at home and mix and match for the moment: Extrusion Detection, Security Data Visualization: Graphical Techniques for Network Analysis by Greg Conti, Security Metrics: Replacing Fear, Uncertainty, and Doubt by Andrew Jaquith and The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments by Douglas J. Landoll--5 books with enough words to fill a paragraph! I'm starting to ponder why new studies say reading is declining, maybe the titles are books in themselves.

Latest accomplishment: Created a VoIP Intrusion Detection System from scratch. Since I deal with anywhere between 15 to 20 million minutes of VoIP traffic, there wasn't a definitive product I could find that could protect our particular infrastructure from toll fraud. I looked at all sorts of offerings and none were really a fit. I tried the open source route (modifying Snort), the pay for play route (Sentivist modified) and could not find anything that was suitable to our needs. I decided to make one on my own using the standard tools on the operating system receiving the logs.

It was a lesson in regular expressions, heavy networking, heavy log correlation, abstraction, how much coffee to avoid drinking on a daily basis, you name it, I went through it. All in all I accomplished what I set out to do almost 100%; the networking side of things is still being tweaked.

Toughest technology lesson learned: It's better to do a uname -a before you issue a reboot or shutdown -h! Humor, humor, humor! I spend about 85 to 90 percent of my day with an excessive amount of terminals logged in. If I'm writing a script or doing some programming (perl, shell, etc.) sometimes I switch to another shell (e.g. from bash to csh), it becomes difficult to remember at times: "Which machine am I on again?"

Once about 9 years ago I issued a shutdown command to what I thought was my then E450 development machine. Turned out to be a live system, you can imagine the horror of a 15 minute downtime from powering off a live server. At the time we had a failover plan, it was just horrible though when I wondered why the E450 by my foot never turned off, and oh by the way, why is this alert annoying me!

Technology can be a tough lesson to learn in itself. Things change so rapidly and I don't believe there is the one definitive lesson to learn, I look at many experiences as a lesson learned, tough or not.

Advice to an up-and-comer:

1. Be honest with yourself. Do you really want to put "Cross Reference Anomaly Processing" in your resume when all you've really done is configure Snort without really understanding it? I'm often tasked to interview candidates here and when I see someone's resume filled with so much fluff, I often play the dumb role to amuse myself. I've asked what are supposed to be experts simple questions and have gotten "deer in headlights" looks when I ask them these questions. ... If you don't know something, it doesn't mean you can't learn it.

2. You're never too young or old to learn something new. Take a moment every here and there to explore, try something different, learn something new. One of my colleagues is a great guy, he's from the old days of IBM and has an insanely "Beautiful Mind", he decided to come back into IT after retirement and is now learning VoIP security from the ground up. I applaud his effort and his desire to learn anything and everything he can.

3. Relax. A machine can only output what you input, period. Take your time and think about things on a logical bare bones level. You'll eventually find the answer. Going at things with frustration, anger, will get you nowhere, you won't be able to think straight.

[Know someone who thinks their IT job is awesome? Introduce them to me at debperelman [at] gmail [dot] com.]