Skip to main content

Posts

Cloud Security Engineer: The Role That's Reshaping Cybersecurity

Cloud security engineering is the fastest-growing specialty in cybersecurity right now, and the demand gap is not closing it is widening. Every organization that has moved workloads to AWS, Azure, or GCP has created a security engineering need that most traditional security programs are not staffed to meet. If you are looking for a role where your skills will be in high demand, where the work is genuinely complex and interesting, and where the market will pay you well from day one, cloud security engineering deserves serious attention. What I want to be direct about upfront: this is not a role you can credential your way into. Passing the AWS Security Specialty exam without hands-on cloud engineering experience will get you through a resume screen and fail you in the first technical interview. Cloud security engineering requires you to actually understand how cloud infrastructure works not just the security controls layered on top of it. That distinction matters enormously for how you ...
Read more
Recent posts

InfoSec Certifications, Home Labs, and the Skills That Actually Get You Hired

Most people trying to break into cybersecurity spend too much time debating which certification to get next and not enough time building the hands-on skills that hiring managers are actually filtering on. Certifications matter — they validate knowledge, signal commitment, and open doors with recruiters who use them as keyword filters. But a candidate with a modest cert stack and a strong lab portfolio consistently outperforms a candidate with an impressive cert stack and no practical experience. The sequence matters, the context matters, and the hands-on work is not optional. This post is the follow-up to  Breaking Into Information Security: The Complete Guide for Beginners . That guide covered the foundational path. This one goes deeper: which certifications actually align with which career tracks, what your home lab needs to contain, what skills hiring managers are genuinely filtering on, and how to build a portfolio when you have no job history to point to. The Certification Lan...
Read more

Breaking Into Information Security: The Complete Guide for Beginners

Information security is one of the most in-demand career fields in the world right now, and there is no gatekeeping requirement that says you need a computer science degree or twenty years of IT experience to get in. What the field actually needs and what it is actively hiring for is smart, motivated people who are willing to put in the work to build a real foundation. The path is not easy, but it is accessible, and the demand for qualified professionals is not slowing down. I have been in this field for over two decades. I came up through the technical ranks, spent years building and running security programs, and I now serve as a CISO at a publicly traded manufacturing company. Along the way I have hired entry-level analysts, mentored career changers, and reviewed hundreds of resumes from people trying to break in. This guide is the honest, direct version of what I would tell someone today if they sat across from me and asked: “How do I get into InfoSec?” The Honest Truth About Break...
Read more

Project Glasswing & Claude Mythos: What CISOs Need to Know Right Now

Anthropic just released the most capable offensive cybersecurity AI ever built, found thousands of previously unknown zero-day vulnerabilities across every major operating system and browser, and then decided the model was too dangerous to release to the public. That is not a hypothetical scenario. That is what happened on April 7, 2026, and every CISO needs to understand the full weight of what it means. The model is called  Claude Mythos Preview . The initiative built around it is called  Project Glasswing . Together, they represent something genuinely different from every AI-in-security announcement that has come before — not because of marketing language, but because of what the model demonstrably did when turned loose on real production software, autonomously, without a human guiding each step. What Claude Mythos Preview Actually Did Anthropic used Claude Mythos Preview over several weeks to conduct autonomous vulnerability research across critical software infrastructure...
Read more