What do Amazon, Jeff Bezos, ‘Lord of the Rings’, rocketships and non-disclosure agreements have in common? The answer is CAT Network Security Specialist graduate, Zach Haight.
CAT: When did you graduate from the Network Security Program?
ZH: I graduated in 2015.
CAT: What has your employment journey looked like since graduating?
ZH: To begin with I contracted through Ci2i Solutions at Microsoft. Then I got a full time job working identity and access management in the IT department at Providence Healthcare. I then applied and was hired after an interview where Checkpoint Software Technologies flew me to Dallas, Texas for 12 nationwide jobs with 126 applicants.
I worked as an Associate Engineer for two years, and was promoted internally at Checkpoint through every rung of their engineering organization working directly with enterprise customers, and finished there as a Cloud Solutions Architect specializing in our technology integrations with public cloud service providers
I decided to spread my wings and moved to Palo Alto Networks, covering the Amazon account specifically, as well as all 27 of their (at the time) subsidiaries in the major accounts engineering organization.
I recently moved to Crowdstrike to expand my security breadth from firewall-focused security solutions to endpoint detection and response technologies as a Sr. Solutions Engineer.
CAT: How did you get your first job?
ZH: A family friend gave me an opportunity to interview.
CAT: We hear you have been involved in lots of cool projects, some of which included travel – can you tell us about any of them or are they top-secret?
ZH: I can name a few that might be interesting to some of the students…
I worked on security infrastructure design and implementation on both the mission control center and the rocket itself for both commercial and government contracted space flights at Blue Origin (Bezos’ space company).
I did security and infrastructure design for the production and editing environments of the upcoming ‘Lord of the Rings’ TV series at Amazon Studios – as well as many secret Amazon productions that will be announced this year.
I created cloud security architecture and assisted implementation for WeedMaps (a recreational marijuana store finder application).
In my last role at Palo Alto Network, I was also in early stages of discussions with a robotics arm at a large distributor about securing their IOT robotic devices. Ultimately I won’t be able to finish this project and I wish I could provide more detail but there is a textbook sized NDA (non-disclosure agreement) for that project.
I worked on security infrastructure design and implementation on both the mission control center and the rocket itself for both commercial and government contracted space flights at Blue Origin (Bezos’ space company).Zach Haight
CAT: Who are you currently working for, and what is your job title?
ZH: I currently work for Crowdstrike (CRWD) – the industries leading endpoint detection and response company who touts the first cloud-delivered, kernel-level solution.
My title is Senior SE (Solutions Engineer), Amazon. I support Amazon’s one million plus currently deployed endpoints and new business within Amazon/AWS and subsidiaries.
CAT: Tell us about your current employer and how you found your job with them…
ZH: I have made a little bit of a name for myself within my niche of the industry and I was actually contacted by both management and recruiters and asked to join their team. I was looking to make a move to a smaller more ‘start up-like’ company and had a few offers, ultimately settling in Crowdstrike because of their culture and frankly, industry dominance.
I did security and infrastructure design for the production and editing environments of the upcoming ‘Lord of the Rings’ TV series at Amazon Studios – as well as many secret Amazon productions that will be announced this year.”Zac Haight
CAT: Talk us through your typical workday…
ZH: I am fortunate to not really have a typical work day. I very rarely do the same thing two days in a row unless we have an in progress architecture design with the same team from a given customer that stretches over multiple days.
Things I do on a day to day really vary, some of the things include:
- Initial discussions with customer engineers around specific products within my companies technology stack.
- Creation of cloud-based demo environments for purpose of testing or demonstration in what I like to call “malware shootout”. This can sometimes be with known malicious content, content with an edited hash (zero day simulation) or newly emerging threats that we’ve seen hit some of our customers recently that we’re attempting to better understand.
- Conferences. In a non Covid world I attended blackhat/defcon yearly, as well as a number of local ISSA conferences and vendor conferences – to both learn for myself what emerging technologies look like in the security space, as well as educate others on what my company has to offer to assist them in their security journey.
- In-depth architecture deep dives, when a customer has decided on a specific direction they want to take their solution (ex. Deploying EC2 hosted next-gen firewall technology in AWS) – complex architecture based on use case becomes the next step. These sessions can span multiple days/sessions, ultimately dependent on the customer and of course the use case we’re trying to support.
- Discussions with Project Management about the direction of our solutions. We – as field engineers (customer facing architects) – are often asked by PM for feedback surrounding use cases we’re seeing in the “wild” so that the company as a whole can make effective changes to the solutions we offer. Sometimes we will go to them with a request, and then discuss why that particular feature or functionality, may or may not work within our software stack.
Without my courses with Rich Teer at Centre for Arts and Technology, I wouldn’t have had the slightest clue how to navigate a Bash shell.”Zach Haight
CAT: How did your time at CAT help you prepare for your current role?
ZH: One of the things I learned when I got into the industry and really started applying some of the things I’d learned at CAT is that most people don’t seem to focus on the core fundamentals in their education and that leaves real gaps when you start trying to advance.
Example. With my first role in security with Checkpoint Software Technologies, there were over 120 candidates for just a handful of roles. In an effort to weed us out immediately, the first thing we did was take a practical exam around networking basics (OSI model, subnet calculation, powershell script comprehension, etc) – CAT more than prepared me for that.
All of the companies I’ve worked for since my graduation have relied heavily on Linux operability in some form or fashion; most have a proprietary version of Linux on which their entire security platform is built. Without my courses with Rich Teer at CAT, I wouldn’t have had the slightest clue how to navigate a Bash shell.
CAT: What was your favorite thing about your time at CAT?
ZH: The educators and small class size. Anyone that taught me at CAT can tell you, I needed the focused attention of a classroom size like CAT offered and I’ll be the first to admit I was not the easiest student to teach. Mohammed Zubair, Rich Teer and Randal Typusiak, I will be forever grateful to, for not giving up on me.
CAT: What top tip/tips do you have for other NAS/NSS students?
ZH: There is value in the course material you’re learning there, whether you apply it directly to the security industry or whether you go more heavily into the network focused aspects of the industry upon graduation.
There are so many different niches in this industry, one built for each one of us; from the outgoing personality in the room who can’t shut up (even when he should; me!) or the shy engineer who finds comfort in putting on a headset listening to music and turning widgets. Find where you fit, and you’ll go places.
CAT: What one top tip would you give to people about network security in general?
ZH: Open yourself to constantly learning, if you’re a security professional it will be required! Your adversaries are always adapting their strategies to beat you. Preventing instead of reacting is up to you!
Find where you fit and you’ll go places.”Zach Haight