Career Hacking: Tips and Tricks to Making the Most of your Career

Career Hacking: Tips and Tricks to Making the Most of your Career

Build a Strong Network

You cannot have a successful career on your own. You need to have a team that you can work with and rely on to get things done. Networking and team-building are about being able to fill in your skill gaps with the help of friends and colleagues and being able to fill in their skill gaps with your own knowledge. Great teams aren’t great teams just because they have skills though; they must communicate and trust each other. This section provides a few different methods that I have used to hack my professional network to build trust and tear down barriers between teams.

One Up, One Down, One Left, One Right

This concept is simple: learn the basic job of the folks around you so you can provide better support to them and communicate with them on their terms. For example, if you’re a SOC analyst and you work with the risk team a lot, spend some time learning their terminology and regular processes so you can provide better input into their work-stream. They will be grateful that they don’t have to translate your inputs into their standard language and tasks will get accomplished more effectively for both teams.

  • Volunteer to support projects that you hear about
  • Engage them in a brief side convo after a meeting or near the coffee pot
  • Read team documentation that is available… yes, even if it means using SharePoint

Attitude is Everything

Building your network requires having the right attitude. You don’t want to be the person on the team that says, “I’m not here to make friends” or “I’m just here for the paycheck”. Nobody wants to work with that person, and you won’t find yourself getting a lot of support from teammates. Instead you want to engage others with a positive attitude, showing them that you are grateful for their time and expertise.



Being truly grateful and sincere with those that have done great things can go a long way to tear down barriers between teams and individuals. One of the methods that I’ve used previously is to send strategic “thank you” notes to the managers of another team to thank them for the great work that an individual did on a project or in a meeting. If you’ve ever had someone publicly thank you for your efforts, that feels pretty awesome. It feels even better when they thank your manager directly and you hear from your leadership that someone appreciates you. This method works to engage both the individual and the manager, and it can lead to improved relationships in future projects.

Good afternoon,

I just wanted to drop a note to say that we appreciated <name>’s help in today’s <name of meeting/project> meeting. Their assistance brought a lot of value to the discussion and we wanted to say thank you for their invaluable time.

Celebrating Team Wins

Recognizing, celebrating, and documenting team wins is another great way to build an awesome team. This means that you shift your language from “I” and “me” to “we” and “the team” when you talk about success. This goes a long way to build team morale and it prevents you from alienating anyone on the team that may be struggling.

Good afternoon,

On March 3rd, <TEAM NAME> published a Flash Report on tax-themed phishing emails. Multiple stakeholders provided feedback and kudos on the report, and at least five users submitted phishing samples to the team mailbox for further analysis. The team is collaborating with the Malware Lab to extract samples and conduct analysis of the submissions.

Leveling up Your Skillset

Working on yourself is critical to your career growth. You can start by having a plan for your future and working towards those future positions by learning new skills, filling new roles, and crushing accomplishments along the way. There are plenty of resources and mentors that are available, but ultimately this work is up to you.

Know Where You are Going

Infosec is a huge field that requires a lot of different personalities and skills to function. You do not need to master them all and getting into this field can feel like you are climbing a mountain. So let’s start with a few maps that will make that climb a bit easier. The idea here is to find the ideal next role and work backwards to identify what you must achieve to reach that next position. What skills do you need? What intermediate positions do you need to fill?


NICE Self-Assessments

So now you know where you want to be going, time to have a little honest time with yourself. I use the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework to gauge what I know and what I need to know to be successful in my role. The US-CERT website is hosting a great lookup tool to navigate the NICE dataset. You can look up your specific role and figure out what the government and industry have defined as the expected Knowledge, Skills, and Abilities for that role. Here’s there Threat Analysis description that I use to track my career.

US-CERT’s NICE Framework Tool View of Threat Analysis Role
KSA’s for Threat Analysis
NICE Self-Assessment Example

Passive and Active Learning

Traditionally, passive learning is listening to a professor or reading through material without real engagement. I use audiobooks, podcasts, and even webinars as my passive learning sources. I will listen to these sources while I drive, wash dishes, and other repetitive tasks. This is a great way to get exposure to wide breadth of material and topics.

Learn — Train — Do

This is a technique that I heard on a podcast years ago and I really wish I could give proper credit, but I cannot remember the source and my Google-Fu didn’t help (10,000 internet points to any OSINT-warriors out there that can find the original source for me!).

  • Learn a new skill or process that supports your career path
  • Train an existing skill or process to mature your existing capabilities
  • Do a task that you must do, but don’t necessarily find pleasure in

Hacking the Humble Bundle

No not like that. Humble Bundle is a great org, don’t pwn them.

Moving on up!

It is super scary to decide when its time to move on to a new role or company. Is it the right time? Is this the right fit? My take on this will be relatively short, and I have links in the last section of this article that are written by some folks that are far smarter than me. For now, here’s my take:

  • Has it been a few months since I’ve been excited about this work?
  • Am I re-solving problems that we fixed years ago?
  • Am I no longer getting management’s buy-in for new projects?

Recap & Closing

Ultimately, it is your career. You can have awesome managers, mentors, and colleagues. You can watch all of the right talks and read all of the right books & blogs. But it is your career. Only you can put in the work to build a strong network, a strong skillset, and a strong drive to mature in your career. Here’s a quick recap of tools that I keep in my toolbox for those tasks:

  • Strategic THANK YOU!’s
  • One Up, One Down, One Left, One Right
  • Celebrate and document the Team Wins
  • Know yourself and your where you want to go in your career
  • Learn, Train, Do
  • Read, watch, and listen to a variety of content
  • Be awesome

Awesome Resources:

As promised, here are some amazing resources from those far smarter than me, so you’ll be left in great hands.

And one last Hat/Tip:

Chris Crawford, I reference as “the Professor” in the video, has is own amazing content here on Medium. He was also kind enough to peer-review all of my slides for this talk and he gave me some amazing and honest feedback. So if it still sucks, its his fault too :) Thanks Chris!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Andy Piazza

Andy Piazza


I enjoy writing, mentoring, and sharing knowledge. I’m klrgrz (killer grizz) on Twitter. I do stuff n things with cyber threat intel.