Interesting Data Gigs # 21: Get a job inside the CyberSecurity industry and skyrocket your career - Part I
Cloudflare, Mandiant, CrowdStrike, SentinelOne and Palo Alto Networks are 5 great choices, but who will win this battle? Let's find out.
SPONSORED BY NOTION
I'm using Notion to capture all ideas/resources and more great things for some digital products I’m creating. I genuinely love the power of Notion.
So, I partnered with the team to give you a great offer you can't refuse to start this year with an incredible pack of resources.
Hello Data geek and welcome to the new incredible 350 folks who subscribed to this newsletter in 2023.
First, I wanted to say Happy New Year 2023.
Unfortunately, this year started with a series of layoffs in many organizations in the tech industry:
I know this is highly complex news but stay with me here because perhaps this could be a unique opportunity for your next career move in 2023.
BTW: a significant positive outcome of this mess is that the Carbon Health team did something remarkable: they asked the tech community to share which companies were hiring in this market, and the response was simply overwhelming.
Bravo Eren Bali and team:
We had to make some really hard decisions at @CarbonHealth. We're unwinding major initiatives like public health, RPM, hardware, chronic care programs to focus on our core primary care & urgent care service. And we've reduced our global work force by more than 200 people.
— Eren Bali (@erenbali)
Jan 6, 2023
You can read in this link all companies hiring today.
So: if you are actively looking for a role, check out this list above.
Now, let’s concentrate on the CyberSecurity industry.
Your next role could be in CyberSecurity
Among some beers and a good piece of Cuban-style roasted pork, I was sharing some memories from the last year with a group of friends, and one of them asked a very interesting question:
I thought for a moment because I knew that one or two of them will actually listen to this and apply my advice, but my answer was a little surprising for some of them:
But before continuing, let me clarify this as well: this industry is not excepted of layoffs as well.
Many security-focused organizations have downsized their workforce as well: to be exact 48 companies and 4093 professionals were part of these layoffs, according to the website layoffs.fyi.
Some of the best-known names were:
(writer of ) was one of the first ones to report the Lacework layoffs:
Just in: @Lacework - data-driven security platform for the cloud - lays off ~300 employees, about 20% of staff today.
The layoffs come 6 months after the company raised $1.8B, valued at $8.3B.
Some people let go were hired 1-2 months ago. Company yet to post an announcement.
— Gergely Orosz (@GergelyOrosz)
May 25, 2022
But let me make this clear as well:
Even with all these series of layoffs in the industry, I still believe that there is a significant opportunity to be part of it and skyrocket your career
I’m not saying that you shouldn’t apply for these companies that conducted layoffs, you just have to be more careful about it, and try to understand the financial health of each company you will apply for.
Why CyberSecurity? Let me try to expand on that
There are several reasons why I would choose CyberSecurity, but from my perspective, these 2 are the key.
1. Cybercrime operations are growing more than ever and are more sophisticated every time
Unfortunately, cybercriminals don’t rest and the services from companies like Cloudflare, Palo Alto Networks, Crowdstrike, SentinelOne, Mandiant (now part of Google Cloud after being acquired in 2022), and many others are in huge demand for all this.
Just look at this interesting image below from Surfshark:
Cyber attacks global increase by 125%
Ransomware new vector attacks are just increasing and the predictions are not pretty
I encourage you to read this interesting article from Yotam Gutnam (Director of Marketing at SentinelOne) team called The True Costs of Ransomware Attacks: 6 Factors to Consider.
And if you have followed some of the recent cyber attacks on well-known companies in 2022, you will understand that this trend only will grow with time.
Some of the most recent ones were:
First in-the-wild 0-day of 2023 🔥
CVE-2023-21674: Windows ALPC elevation of privilege discovered by Avast
— Maddie Stone (@maddiestone)
Jan 10, 2023
2. CyberSecurity shortage of professionals is severe
There is a big shortage of Cybersecurity professionals globally.
According to a recent study by the (ISC)², The World’s Leading Cybersecurity Professional Organization shared that the industry needed at least 3.4 Million new cybersecurity professionals to cover the demand:
When others see problems, we have to see this through other lenses: there is a big opportunity here to enter this industry and see your career skyrocket if you apply the right strategy.
These two big things could be your “door of entrance” to the industry.
Cloudflare, Mandiant, CrowdStrike, SentinelOne, and Palo Alto Networks are leaders in the industry, but which one to choose from them? Let’s get deeper here
Layoffs are not going to go away for a long time.
So: my advice to you is to analyze deeply your next opportunity, not only the potential growth of your future role but the financial health of the company you want to work for.
In this article from the last year, I shared some ideas on how to do that with some key questions to answer about this:
The questions were:
Is the company profitable? Only 1 of them is profitable
Is the company inserted in a growing or lagging industry? Growing Industry
Has the company you are applying for made a layoff? None of them, but nobody is safe these days. Plan accordingly
Has the role you are applying for an actual growth trajectory in this company? Let’s chat about how Data plays a key role in these organizations
Which strategies/initiatives are the company taking to retain its employees? Idem
1. Profits, profits, profits
Let’s try to answer these questions here for Cloudflare, CrowdStrike, SentinelOne, and Palo Alto Networks using this table to see the financial health of these companies:
Sources for this table:
Of course: this table doesn’t count the whole story about these companies:
Cloudflare has an incredible asset on its global network with more than 275 cities, 95% of the population within ~50ms, 11,000 interconnects, 172 Tbps capacity, and its strategic China Network
CrowdStrike and SentinelOne are skyrocketing sales here, especially the second one. And don’t forget the big milestone from CrowdStrike of $2 Billion in ARR
Palo Alto Networks’ key strategy relies on a keyword: CONSOLIDATION.
In a recent conversation between Lisa Martin (Anchor and Tech TV and industry analyst theCUBE), David Vellante (Co-founder & CEO & CO-host of theCUBE), and Zeus Kerravala (Founder and Principal Analyst at ZK Research); they shared the same sentiment about consolidation:
You can enjoy the entire conversation below:
Now, in the case of Mandiant, we have to make an exception here because now it’s part of Google Cloud.
If we analyze the Google Cloud business itself is not profitable yet, reporting a net loss of $699 Million in the Alphabet Q3 2022 Results, but if you analyze the whole conglomerate, it generated $13,910 Million in Net Income and it reported Total cash, cash equivalents, and marketable securities of $116 Billion. Basically a cash cow.
Again: you have to be careful as well after the news from Alphabet:
Alphabet just cut 12000 jobs: So: even one of the most profitable companies in the history of Mankind just cut 12k jobs to please investors. That was the actual reason behind it.
Alphabet’s industrial robotics subsidiary Intrinsic layoff 40 employees
Verily layoffs 15% of staff or 250 employees
Google Cloud’s Top U.S. Sales Execs Depart in Shakeup as Profits Remain Elusive
I will write a second part of this series to focus only to analyze a role inside Mandiant.
Make sure to subscribe to stay tuned:
Apple is the only company from MAANG that has not done any layoffs yet, according to a recent article from CNBC:
4. Data is the central backbone of these companies
If you choose to apply for a Data-focused role, you will be in a very good position.
If you analyze all the core businesses behind these companies, everything is related to Data in one way or another.
So: if you are going to apply for a Data Engineering or a Data Analytics role, be prepared to be challenged here.
5. Employee retention???
The biggest asset that all these companies have is their people, especially after seeing the big shortage of well-prepared professionals in the CyberSecurity industry.
So, they are pushing a lot of initiatives to retain those incredible employees.
Palo Alto Networks
For example, Palo Alto Networks announced a new initiative called FLEXWORK in May 2020, a unique employee-centric program to bring more benefits and perks personalized for each employee.
These initiatives have allowed Palo Alto Networks to earn incredible recognition from their employees and the industry in general:
The Muse’s 2022 VIBE Award winner in FIVE categories! Health & Wellness, Professional Development, Vacation/Time Off, Office Life & Perks, and Work Flexibility, according to a post from Liane Hornsey (EVP & Chief People Officer at Palo Alto Networks)
We are excited to announce that our Early Talent team won @ripplematch’s 2023 Campus Forward Award in the Enterprise Early Career Program category for the second year in a row! Learn more: #LifeAtPaloAltoNetworks#RippleMatch#EarlyTalent
— Life at Palo Alto Networks (@WeHireLeaders)
Jan 11, 2023
They are investing a lot of resources in their employees. So, I see this as a big positive thing for the company.
Another incredible initiative from Palo Alto Networks is the CyberSecurity Academy, where employees can upgrade their CyberSecurity skills as well. This is one of my favorite things about the company.
Now, in the case of CrowdStrike:
In the case of Cloudflare, they are doing amazing stuff and strategies for employee retention and happiness.
If you analyze deeply Cloudflare’s culture, you will see that they care about a diverse workforce, not only about races, religions, skin color, and more but a diverse pack of knowledge as well.
According to Matthew Prince (CEO and co-founder of the company), you can see a person with a Ph.D. working side by side with a person who didn’t finish high school. Why?
Because the most important qualities for a Cloudflare employee are: Curiosity and Empathy
One last thing. The two characteristics we most look for (regardless of the team) are: curiosity and empathy. We'd take those over education, experience, GPA, IQ or anything else.
— Matthew Prince 🌥 (@eastdakota)
Dec 31, 2021
Actually, I encourage you to read the entire discussion he wrote on Twitter about why hiring well is the most important thing for Cloudflare, and how he chats with 25% of the candidates:
@Cloudflare I still talk to about 25% of candidates. And @zatlyn@jgrahamc or @janetvh talk to all the rest.
— Matthew Prince 🌥 (@eastdakota)
Dec 31, 2021
This number proves that they truly care about this.
And when I see people who left Cloudflare and have returned again to Cloudflare again some years later, this is a strong sign that they love the culture of innovation and empathy inside $NET.
In order to understand why they were in the Top 100 of the Most Loved Workplaces in 2022, they conducted several surveys to actually understand their employees better, and the answers are simply amazing.
One of my favorite ones is this one:
This says a lot about the management team of Cloudflare. They truly listen to their employees from the bottom to the top, and these days, that matters.
The big winner here? All of them
Why all of them?
The average estimated annual salary, including base and bonus, at Cloudflare, is $138,324, or $66 per hour, while the estimated median salary is $141,266, or $67 per hour
The average estimated annual salary, including base and bonus, at Palo Alto Networks is $147,968, or $71 per hour, while the estimated median salary is $154,819, or $74 per hour.
The average estimated annual salary, including base and bonus, at SentinelOne is $141,237, or $67 per hour, while the estimated median salary is $139,978, or $67 per hour
And the average estimated annual salary, including base and bonus, at CrowdStrike is $113,357, or $54 per hour, while the estimated median salary is $107,367, or $51 per hour.
And we analyze the average total compensation using Glassdoor’s data, which tells a very similar story.
And about the innovation department: all these companies are doing a remarkable job, with many of them building cutting-edge products for their very diverse group of customers.
So, selecting one of them to build a career is very challenging because they are truly amazing.
But I know you are waiting for my pick here and I will do it:
Palo Alto Networks in the first place
CrowdStrike in the second place
Cloudflare in the third place
Mandiant in the fourth place
SentinelOne in the 5th place
Why Palo Alto Networks?
Again: this is my personal choice and it’s a matter of a combination of:
The good financial health of the company (it’s the only profitable company of this group)
I love their strategy to consolidate all Security solutions under one umbrella
They have an amazing culture in place as well
I have a deep respect for Nikesh Arora and I love how he has managed the company since he took the CEO job
When you read the earnings call of Q1 2023, you see that they care a lot about profitability and the consolidation of the market, and I love that:
Palo Alto Networks’s M&A strategy
Another thing I love about Palo Alto Networks is its M&A strategy: picking leaders in their respective Security fields and integrating them in a very seamless way into Palo Alto Network’s offerings.
A good example of this strategy is the acquisition of Cider Security, an Application Security leader which helps its software supply chain from code to cloud, which it’s now integrated with Prisma Cloud.
Nikesh Arora shared this about this particular acquisition:
Cider Security’s capabilities will help Palo Alto Networks to consolidate even more its Security offering, by giving existing customers the ability to protect their code and infrastructure using a shift left security strategy.
I firmly believe that more and more companies will use this, so this could be the tip of the spear to win new accounts.
Why? The President’s Executive Order 14028 is a very strong reason to believe that, especially Section 4 of it:
Palo Alto Network is ready to tackle those challenges because they are already working with federal agencies and with Prisma Cloud + Cider Security tools, they are investing in the right technologies and capabilities at the right time.
So, it’s time to see some ideas on how to get a role at Palo Alto Networks.
Let’s discuss a straightforward idea on how to approach this job application (THE REAL MEAT)
Idea 1. In order to be part of the industry, you have to keep yourself updated and fresh about the last cybercrime trends, attacks, breaches, and more
There are so many ways to do this, but my favorite resources to monitor the last cybersecurity news are:
And of course, many security research blogs from some of these companies are excellent as well.
Some of my favorite ones are:
Idea # 2: Try to apply the Shift Left Security strategy in your own organization and take some notes
Perhaps this could be your “door of entrance” for Palo Alto Networks. Chat with your colleagues and co-workers about this strategy to develop software today in your own organization with the tools you already have in place.
For example, you could use GitHub Secrets Scanning to accomplish this using this interesting post from the TELUS team, or perhaps you can start with these two series of posts from Alok Shukla from the ShiftLeft here:
With these guides, you could start implementing a Shift Left Security approach inside your team, test it and then present it to your organization or division.
By doing just that you could have a more practical way to enter Palo Alto Networks, and an even better story to tell.
Just analyze this: what is better here?
It’s a matter of perspective and experience.
Even if this was a Proof of Concept in your organization, it’s amazing to bring this story to your resume.
Time to get that role at Palo Alto Networks my friend.
Here are some of the most interesting roles I saw today (January 23rd, 2022):
One More Thing…
One last thing to note here: It seems Palo Alto Networks is using Google Cloud Platform for everything related to Data.
So: it’s a good idea to review some GCP based solutions for Security Analytics, especially if these ones involve services like Dataflow and BigQuery.
I let you with some of my favorite resources about these services:
Good luck with your application.
Other jobs in the Interesting Data Gigs Jobs Network
Just remember that you can be part of our Talent Collective here, and put your profile in front of dozens of companies actively hiring here.
And for companies out there actively hiring, we have 19 active candidates ready for interviews.
Interesting resources of the week
[VIDEO] Backfill Streaming Data Pipelines in Kappa Architecture, by Sundaram Ananthanarayanan and Xinran Waibel from Netflix. Slides here
If you’re finding this newsletter valuable, consider sharing it with friends, or subscribing if you haven’t already.
Thanks for reading Interesting Data Gigs Weekly! Subscribe for free to receive new posts and support my work.
Thanks a lot for reading and I would love to hear your feedback about it in the Chat created for this post.