Shaz Baig: Infosec Accelerate Scholarship Winner

The life of a professional cyber threat hunter

Daily, Baig works to support a vast cyber threat intelligence apparatus supporting Citigroup, the international financial services business. 

“We gather intelligence for various sources, use security tools to pivot on [indicators of compromise] IOCs, try to find more intelligence and move on toward more IOCs,” shared Baig about his current team, “We then feed that to the security operations centers and provide assistance to other threat intelligence gathering such as tracking tactical threats or a bunch of campaigns from one strategic threat actor.”

Ultimately, Baig and his team combine all of this data and analysis to the senior technical and operational leadership, giving them the information they need to better understand the threat landscape and how they should respond.

“It can get stressful at times.”

Life is a journey, not a destination

In contrast to the highly technical nature of his current role, Baig’s relationship with technology wasn’t always at this point.

“I first became interested in it when I decided, ‘You know what? Computers are really intriguing. I don't know much about them. I would like to learn more about them,’” reflects Baig. “So I started taking courses online, whatever I could find.”

During this journey, Baig learned about cybersecurity, which immediately piqued his curiosity. “I saw the need for it, and it clicked with me as something that's interesting and challenging,”

As with many in the field, Baig has thrived because he realized early that cybersecurity requires practitioners to embrace self-teaching. Fast forward to today, and Baig now holds multiple cybersecurity certifications.

The recipe for a successful cybersecurity professional

While Baig believes many qualities make for a strong cybersecurity professional, one trait, in particular, stands out.

“I would say the most important one would be to take accountability for what you need to know and what your responsibilities are.”

Whether that person works alone or as part of a team, Baig believes that this self-accountability and drive pushes a professional forward and helps them to make a more significant impact. “They need to take their craft seriously and teach themselves.” This is especially true today as technologies, threats and attack surfaces constantly evolve.

In particular, Baig highlights the qualities innate in today’s military veterans. “Veterans are a natural fit for the cybersecurity industry and will undoubtedly make valuable contributions to it,” said Baig, “Veterans have proven themselves as natural go-getters, which is an essential trait in a field where trust must be placed upon a few subject matter experts for the security needs of an entire enterprise or organization.”

Not only that, Baig emphasized veterans’ rugged work ethic and ability to focus, especially during emergencies or incidents when calm and focus are essential. 

Regardless of one’s military service, however, Baig recommends junior practitioners identify the position they want to be in 5 to 10 years and identify a specific plan to obtain the skills and experiences those roles expect.

Looking ahead to expanding his impact

Baig hopes to amplify this impact in the field by starting his own cybersecurity company, offering a complete range of threat intelligence and security services.

First, Baig wants to offer incident response, incident handling, forensic work, offensive security and threat hunting.  “Once that gets going, I want to branch out into managed threat and create my own intelligence department.”

Backed by the full suite of Infosec training and bootcamps and a mindset for service, and the motivation to own his own business, we expect to hear a lot more about Baig’s successes.