Start Your Career In Cyber

Simon Fraser University
Surrey Campus

The Next Regional Competition Starts In

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

Start Your Career In Cyber

You Can't Get a Job Without a Resume...

And you can’t build a resume without a job.
Break that cycle!
Earn a real cyber job working with top cyber professionals.
Full time & fully paid. You won’t be working a helpline or fixing printers. 

One-Day Event in Your Region

Cyber*Sci is Hacking in the morning, interviews in the afternoon, and summer job/intern/co-op offers  by supper. Full-time positions may need follow-up interviews later in the week.

Win National and International Travel

Winners in each region advance to CyberSci national finals, and top teams there go on to represent Canada at international events – in Prague, Vienna or Athens.

h

Eligibility and Rules

Regional events:  Participants must be
1.)  full-time students at a Canadian university or college and  2.) must be eligible to work in Canada.
National finals: You must also be a Canadian citizen or landed immigrant.

Got an Elite Team Already?

Prove it.  Come and compete against the best in the Canada, Europe, and the rest of the world.

u

Just Beginning?

Cyber*Sci is a great place to start. There will be mentors and coaches. This is a fantastic learning opportunity.

Who Can Send a Team?

Cyber*Sci welcomes Canadian college and university teams. Up to 4 members per team. 2 teams per school.

Details For Students

If you’re looking for a great job in this field, and if you’ve done a few courses and practiced some skills, then this is the event for you. The sponsors hiring at this event are not stuck on your resume, they are looking for people who can show they’ve got talent. You can break out of the trap of “can’t get a job due to no experience, and can’t get experience due to no job”. This is your chance to break into a career in cyber security!

Your future responsibilities

You will work on live cyber security projects with supervision and coaching from experienced security professionals in a full-service IT security department.

You will get real-world experience and have the opportunity to work with and receive training from members of teams such as:

  • Cyber Operations: Security monitoring and security device management services.
  • Security Assurance teams: Vulnerability management, security assessment and pen testing services.

    You are a team player with a strong interest in cyber security who can plan and organize work and react quickly to change. You provide consistent attention to detail and monitor the quality of your work. You are also able to manage protected and confidential documents and information. As well, you possess strong written and oral communication skills.

    Responsibilities may include:

      • Performing vulnerability management testing of information systems and applications
      • Producing written and analytical reports and dashboards on key cyber risks
      • Monitoring security alerts of potential hacker attacks detected by security systems such as: Intrusion Detection & Prevention Systems (NIDS/NIPS, HIDS/HIPS, WIDS), Log Monitoring, File Integrity Monitoring and SIEM
      • Investigating and reporting on potential security incidents
      • Assisting with IT security investigations, exercises and tests
      • Identifying and notifying organization of discovered security threats
      • Providing recommendations to clients to assist with eradicating discovered threats

    Must possess:

      • An interest in the cyber security field
      • Solid skills with Linux commands and/or Windows PowerShell
      • A moderate to advanced knowledge of networking protocols and configuration gained from class work, labs and probably hours of tinkering with your home network (physical or virtual routing and switching)
      • Perhaps some experience with cyber challenges (CTFs) either in person or online
      • A strong desire to learn and grow while working alongside highly experienced members of a well-established IT security

    For Cyber*Sci events, the following skills will be used:

    Networking fundamentals
     – How a network device communicates over TCP/IP.  (first 4 layers of TCP stack)
     – How traffic flows between networks/subnets.
     – Network commands and tools
        – The “route” and “ip” commands.  Some “netstat”.
        – Nmap, including outside of local subnet.
    DNS commands and tools
        – Host, dig, nslookup
        – DNS configuration
        – Bind configuration files.

    HTML / Web servers
        – Formatting tags.  GET and POST.
        – Very elementary JavaScript.
        – Understand web exploit techniques such as SQL injection, File includes, Directory traversal, simplistic Cross-site scripting, etc.

    Network File Sharing
         – UNIX: mount and umount.
        – Windows: net use and  netsh.

    Basic SQL
        – Show, describe databases and tables.
        – Basic “Select” statements and wildcards.

    Hacker Tools
        – Password cracking
        – Traffic monitoring
        – Metasploit Framework  (using existing exploits, no development)

    Not these…
    For our Regional cyber challenges, you will not needs these skills:
     – No reverse engineering.  No memory inspection/manipulation.
     – No interaction with routing protocols (RIP, BGP, OSPF, etc.)
     – No coding needed during the event.

    And remember:
    It’s a hacker event; there will be surprises, and no apologies for them!

     

      Suggested Resources for Learning IT Security

      To Get Started:
      1. Build a home lab. Any PC or laptop with an i5 and 8GB of memory will be excellent, but you can get away with even 4GB for two Linux VMs.
      2. Try some exploits Install VMware Player or Fusion then add a Kali VM for an attack platform and Metasploitable 3 as a victim.  (Get help online.)
      3. If you have time, try some of the blogs, books or news feeds from the list below. Pick the one you like best, and keep up.

      Books:
      The Hacker Playbook 3
      Linux for Hackers
      Rtfm: Red Team Field Manual  (Older, but still useful)
      Kali Linux  (Finally, a newer Kali book. 4.5 stars)
      The Web Application Hacker’s Handbook  (Older than the dinosaurs, but no one has even tried to do a better one – beginner and intermediate)

      News:
      The Hacker News (Points to latest news stories. Find what you’re interested in and navigate to the original stories)
      risky.biz  (Easy-listening weekly podcast. More professional and credible than any other)

      Online challenges & training:
      Hack the Box  (Freemium)
       – Hack-the-Box Walk-Throughs  (Saved write-ups for HTB)
       – Hack-the-Box Meetups  (Live monthly workshops to solve HTB with others)
      TryHackMe  (Hack the Box alternative)
      Virtual Hacking Labs  (Paid)
      Offensive Security (OSCP)  (Top of the line, but expensive!)
      https://www.blackhillsinfosec.com/blog/webcasts/  (Free webcast & training)
      https://portswigger.net/web-security  (Free training)
      https://pentesterlab.com/ (Paid)
      https://www.wizlynxgroup.com/pwntilldawn-ctf/ (Free)

      Build a home lab:
      – VMware Player is free.  Run 3 full, or 10 small VM’s on a PC or nice laptop.
      – VMware Workstation costs a few hundred $ and adds more networking support.  Free for students.
      – VMware ESXi is free, highly professional, and will help you in corporate IT Centers where real companies with massive installations use VMware all the time. You must be able to work in a VMware environment if you want to be a pentester.  However, you need to dedicate a computer to build an ESXi server. HapiRat runs 32 VM’s and 20 virtual networks on ESXi using an i7 box with 16GB mem.  http://hackingaway.org/small-esxi/  Any PC or laptop with an i5 (or i3 with multi-thread support) and 8GB of memory will be excellent, but you can get away with even 4GB for two Linux VMs.

      Tools for your home lab:
      https://www.kali.org/  (Includes nmap, Metasploit, ncrack, john-the-ripper and many other important tools!)

      Add or import some vulnerabilities to your home lab:
      https://www.vulnhub.com/

      YouTube Channels:
      Ippsec 
      TCM
      Nahamsec

      It is important to note that students who wish to participate in Canada’s Cyber Security Challenge cannot register directly through our site. You must register through your education institution in order to verify that you are an eligible post-secondary student.

      Find a list of all eligible schools and see registration info here.

      If your school is not listed, you may contact one of your professors or teachers to inquire about having your school register to participate in the Challenge.

      Unfortunately, we cannot register you or your school without having a teacher contact us about having your school added to the list.  

        Video of Regional Hiring Event

        Top Schools Participate