The latest articles on DEV Community by Adeyanju Michael (@hackrowdsec). https://dev.to/hackrowdsec https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F468893%2F7e12231c-784d-4fce-9f60-a81a9c6e3529.png https://dev.to/hackrowdsec en Adeyanju Michael Sun, 29 Jun 2025 04:49:43 +0000 https://dev.to/hackrowdsec/everything-i-learned-in-my-first-year-as-a-security-engineer-47i0 https://dev.to/hackrowdsec/everything-i-learned-in-my-first-year-as-a-security-engineer-47i0 <p>When I transitioned into cybersecurity, I thought I had a clear picture—firewalls, exploits, vulnerability scanners, maybe some red teaming. What I got was far more layered, practical, and challenging.</p> <p>This post outlines the key lessons, tools, habits, and mindset shifts I experienced in my first year as a Security Engineer. If you're getting into cybersecurity or wondering what the day-to-day looks like, this is for you.</p> <ol> <li> <strong>Security Is Everyone’s Job, But You’ll Still Be the First Call</strong> In theory, everyone shares responsibility for security. In practice, when something breaks or a vulnerability is found, the spotlight is on you.</li> </ol> <p>Lesson: Learn to translate technical risks into business impact. It's not enough to say "we're vulnerable" — explain how it affects uptime, data, compliance, or customer trust.</p> <ol> <li> <strong>Mastering a Few Tools Beats Knowing Many</strong> In my early days, I tried to explore every tool: nmap, Wireshark, Burp Suite, Nessus, Metasploit, and more. It felt overwhelming.</li> </ol> <p>Lesson: Focus on a core toolkit and go deep. Learn how and when to use each tool effectively.</p> <p>My go-to tools:</p> <p>Burp Suite (Web app security testing)</p> <p>nmap (Network reconnaissance)</p> <p>Nessus (Vulnerability scanning)</p> <p>LinPEAS/WinPEAS (Privilege escalation scripts)</p> <p>Wireshark (Packet inspection)</p> <ol> <li> <strong>Fundamentals Matter More Than Flashy Hacks</strong> Most real-world issues I encountered weren’t elite 0-days. They were simple but dangerous oversights:</li> </ol> <p>Open RDP ports</p> <p>Weak credentials</p> <p>Misconfigured S3 buckets</p> <p>Missing critical patches</p> <p>Lesson: Focus on the basics. Understand how networks work, what HTTP is doing under the hood, and how permissions are managed in Linux and Windows.</p> <ol> <li> <strong>Automate Repetitive Tasks</strong> Re-running scans manually or writing the same report every week is not scalable.</li> </ol> <p>Lesson: Use scripting to automate scans, reporting, and ticket generation. Learn Python or Bash and save yourself hours every month.</p> <p>Bonus tip: Integrate Jira, Slack, or GitHub into your workflow early.</p> <ol> <li> <strong>Perfection is a Luxury, Not a Requirement</strong> You won’t always get to lock down every system. Business needs, legacy tech, and time constraints will force compromises.</li> </ol> <p>Lesson: Security is risk management. Know when to fight for a fix, when to suggest a workaround, and when to accept documented risk.</p> <ol> <li> <strong>Communication is a Core Skill</strong> I didn’t expect to spend so much time explaining findings, writing reports, and giving presentations.</li> </ol> <p>Lesson: You need to communicate clearly with both technical teams and non-technical stakeholders. Make your reports actionable and your conversations solution-focused.</p> <ol> <li> <strong>Learn Consistently or Fall Behind</strong> Cybersecurity changes fast. Exploits, tools, and threats evolve quickly.</li> </ol> <p>What worked for me:</p> <p>Weekly reading from sites like Hack The Box, TryHackMe, and CVE writeups</p> <p>Following trusted voices on LinkedIn and Twitter</p> <p>Blocking out time weekly for hands-on practice</p> <ol> <li> <strong>Incident Response is About Preparation, Not Panic</strong> My first incident was chaotic — scattered logs, no central visibility, and unclear roles.</li> </ol> <p>Lesson: Build and test an incident response process. Keep logs centralized, define roles, and practice with tabletop exercises.</p> <ol> <li> <strong>Document Everything</strong> Every time I figured something out—solved a bug, scripted a process, or handled an incident—I documented it.</li> </ol> <p>Lesson: Your future self will thank you. Plus, documentation turns into blog posts, talks, or internal guides.</p> <ol> <li> <strong>Impostor Syndrome is Normal</strong> There were times I felt like I didn’t belong, especially around senior engineers or when reading complex CVEs.</li> </ol> <p>Lesson: Feeling like an impostor doesn’t mean you're unqualified. It means you're growing. Keep learning, ask questions, and take notes on your wins.</p> <p>My first year in cybersecurity was a steep but rewarding learning curve. It’s a field that forces you to think critically, stay adaptable, and never stop learning. You’ll be part detective, part developer, and part negotiator.</p> <p>If you're just starting out or considering a career in security, I’d be happy to answer questions or connect.</p> <p>Let me know what your first year was like — or what you're hoping to learn in your first.</p>