NSA is at the bleeding edge of global cybersecurity. Here's how the build skills and qualify for a job with this elite team.
The earliest uses of cryptography go back more than 3,000 years. A clay tablet dated from 1,500 BCE contained a coded representation of a recipe for making a pottery glaze, which must have been a closely guarded trade secret at the time. Codes have been used throughout the ages to protect personal, trade, and military secrets.
But where there are codes, there are code breakers. Strategic decision-making can be far more accurate with detailed knowledge of an adversary's plans and positions. By cracking codes used to communicate, it's possible to gain insight into the status of a competitor, an enemy, or even a trusted but secretive ally.
The origins of the National Security Agency (NSA) can be traced back to 1917 and the organization of an office called the Cipher Bureau. Code-breaking was an integral part of America's successful decision processes for both world wars. Of course, back then, computer technology was barely in its infancy.
Today, NSA is not only concerned with cracking codes, but with protecting cyberspace itself. NSA is the world leader in cryptology, the art and science of making and breaking codes. With the growth of cyberattacks, along with the use by terrorists of a wide range of digital technologies, NSA has more work than ever to keep Americans safe and keep our leaders fully informed.
Looking for a few good people
The never-ending nature of this calling means NSA is hiring. This could be an important opportunity for IT professionals who may want to grow in their careers and contribute to the country's safety and well-being.
While there are many jobs at NSA, let's look at what it takes to become a technical contributor. For most entry-level cyber positions, NSA is looking for people with a BS or even an AA in IT, network engineering, cybersecurity, computer science, or a related field. Really solid technical skills are absolutely critical.
At the most basic level, you need to know both Linux/Unix and Windows network administration cold. All an enemy actor needs to do is find one mistake, one incorrectly configured setting, one poorly coded routine, and they'll gain a foothold. The good guys have to be able to dive deep inside both operating systems and know their way around various versions, patch levels, and distros.
Detection and prevention
Now, let's talk about defense. There are two main categories of cyberdefense practice: finding vulnerabilities and eliminating them and finding intrusions and neutralizing them. Candidates for positions at NSA should have strong expertise in both penetration testing and intrusion detection.
Obviously, if you've been there and done that, that's a strong point in your favor. Nothing beats real-world experience defending against dedicated adversaries. If you work at NSA, though, you'll be moving beyond the big leagues and playing at the all-star level.
Foreign adversaries range from organized terrorist groups to nation states. In today's world, the challenges are even harder, because many of these groups work together.
Rogue nation states sometimes outsource their cyberwarfare activities to crime groups, terrorists often recruit disaffected professionals, and so on. The job of NSA is to get in front of all of this, block attacks, probes, and intrusions, and build both defensive practices and active offensive tactics and strategies to protect American citizens and America's interests worldwide.
If you've never defended against a true real-world attack, experience in cyberattack simulations is also a plus. If you've ever played on the red team, planning and carrying out a wargame attack against professionals playing defense, you have valuable experience. Likewise, if you've been a blue team participant, you'll understand the scope of challenge in defending against all forms of attack, while the attackers need only find one minor flaw.
Get in the game
Gaining experience, improving reaction time, sharpening your technical skills, and learning how an adversary thinks are all skills you can build through cyber challenges and competitions. Many schools now teach this discipline, so many students now have the opportunity to put on the red or blue and fight for their honor and bragging rights. Find ways to get on teams, help out, find internships, and learn as much as you can.
Of course, real cyberwar is deadly serious. Bragging rights don't matter when your company has been P0wn3d. When it comes time to protect secrets that can save lives, a cool head and unwavering professionalism are critical.
In terms of other skills you should have, keep in mind the tasks you may be asked to perform. You'll need to dig into malware and vulnerabilities. You'll need to reverse-engineer enemy code and methods, so digital forensics knowledge is a must.
You'll need to sift through mountains of data looking for little clues or indicators of enemy behavior, so your data mining, quant, and mathematical analysis skills need to be razor-sharp. If you really enjoy puzzle-solving and finding answers, you'll look forward to every day's new challenges.
Being on the front lines of an entirely new and dangerous battle domain gives you an opportunity to help protect everyone in this country. But there's more to it than that. For people with the right skillset and mindset, this is also quite possibly the coolest job on the planet.
Are you up for the challenge? If you need to build your skills, do the training. Do the reading. Join the teams and learn. If you're already at the top of your game, let NSA get to know you. They really do need high-caliber professionals, and so do your fellow citizens.