Cloudflare TV
Powered by Stream

Careers in Threat Intelligence

Presented by Mia Wang , Amyn Gilani
Originally aired on 

Join Amyn Gilani (VP Product @ 4IQ) and Mia Wang (Special Projects @ Cloudflare) for a Q&A on how Amyn built a career in threat intelligence, beginning from his service with the United States Air Force.

English
Interviews

Transcript (Beta)

Hi everyone, I'm Mia Wang. I'm on Cloudflare's special project team and this segment is called Careers in Threat Intelligence.

Today we have Amyn Gilani who is currently a VP of product at a threat intelligence startup called 4IQ and he's had a fascinating career that we'll get into this segment and I don't want to spoil that yet.

But just some background is, you know, we're hoping to spend the next half an hour or so talking about what different career paths in security and specifically within the intelligence space could look like.

I know for me when I started my career in security, you know, I had no idea where it could take me and, you know, what the different options were.

So, Amyn, thanks for joining us. Appreciate you being here and answering a bunch of questions on what your career has been like so far.

Yeah, great to be here on Cloudflare TV. So, I guess let's start from the beginning.

So, you know, I know you spent pretty much your entire career in security and specifically around threat intelligence.

You know, you've done everything from red teaming to incident response, threat hunting and now building security products.

But if we start at the beginning again, how did you even get started in the space?

Was it something you, you know, you dreamed about growing up or, you know, did you sort of stumble into it?

I definitely stumbled into it, I think.

So, it really all started off me joining in the Air Force, joining the Air Force as an enlisted member back in 2004.

And I really didn't know I was getting into cybersecurity at that time.

I actually joined the Air Force when I was 17 years old.

So, I actually needed my mom's signature to get into the Air Force. And really what inspired me was, you know, after 9-11, you know, I feel like it was my calling and I wanted to do something different and kind of wanted to get out of South Carolina as well, which is where I grew up.

And so, you know, I wanted to join the Marine Corps at first because I saw this inspiring commercial while I was watching Scrubs, which was my favorite TV show at the time.

And so, I went to go to the Marine Corps recruiting office, but they were closed.

And the Air Force recruiter, you know, kind of just drew me in and told me all about the careers in the Air Force.

And eventually, I took the ASVAB test, which is like the military SATs.

And I kind of had scores and kind of, you know, different careers that would align with my aptitude.

And cybersecurity and intelligence was one of them. And so, you know, about a year later, after I joined, I did all this training.

And my first duty assignment was NSA, which is really where I was exposed to military operations, military intelligence, and kind of the forefront of, you know, offensive and defensive cybersecurity operations.

That's interesting. Who knew Scrubs was one of our recruiting agencies.

That's really fascinating. I imagine, I know for me growing up in the tri-state area, you know, 9-11 is something that hit me pretty hard personally and affected a lot of also for me why I wanted to be in the security space.

Did you find that to be sort of a kind of unifying kind of experience or feeling among a lot of people who joined at the same time as you did?

Yeah, yeah, I definitely think so, right. I think, you know, just being a part of a generation, even though, you know, being a millennial, we get all kinds of slack or a lot of flack for, you know, not being proactive or whatever.

But I think 9-11 definitely drove me for that.

And I think it was more of a cultural thing, too, because my parents immigrated here when they were teenagers.

And I feel like, you know, I wanted, you know, this country has provided a lot of opportunity for my family.

And so I wanted to also just do my part and contribute and be a part of that team as well.

That makes that what makes America great. Yeah, I mean, you and I have known each other for a while, and I don't think we've ever talked about this, but it was sort of the same thing for me.

Like my, you know, my parents came here when I was pretty young, I grew up here mostly, but I was born in China.

And it's, I know, you know, my life here is very different than what it could have been elsewhere.

And so I'm certainly very appreciative of that. So, okay, so you're 17, your mom signs the form, you join the Air Force, you're signed to the NSA.

So to the extent that you can talk about, obviously, you just maybe describe what type of work you were doing, or maybe what sort of skill sets you learned coming out of those those years.

Yeah, so in the beginning, so this was so I was first. So you know, I joined in 04, my duty assignment, but after all this military training, a year later, so a year later is when I really stepped foot into NSA.

And really, my first job was gathering intelligence.

So it wasn't really anything to do with cyber in the beginning for the first couple years.

So I did deploy to Iraq.

And really, what we're doing is we're tracking, we're tracking, you know, terrorist and terrorist cell groups, financiers, all the people that are like essentially conducting, you know, attacks against US troops in Iraq and Afghanistan, what we're doing is finding out where they were, who they were, and being able to detain them.

So we're using all types of intelligence methods, communications to really track down who these people are, so who these people were.

So we're developing targeting packages.

So it was very tactical that the mission was essentially finding the bad guy, right, and using all data sets available to us.

So I did that for a couple years.

And then once the operations slow down a little bit after the 2007 surge, led by General Petraeus at the time, in 08 is whenever my commander told me that, hey, you should you should move into this other place called GFCCNW, which is the Joint Functional Component Command of Network Warfare.

And I really didn't understand it at the time, but essentially was the offensive cyber arm of what today is known as Cyber Command, US Cyber Command.

So, you know, being in the forefront of that, too, that's when I picked up more technical skills, red teaming skills, and understand and understood how exploits work and the whole basis of kill chain of how to, you know, spear phish adversaries, and, you know, taking over accounts and stuff like that.

So that was a lot more fun, because you're actually doing operations, I feel like I peaked really early in my career, or I'm actually one of the most sophisticated, you know, attack methods.

So it's really cool.

And then so essentially, a couple years later, you know, GFCCNW, combined with, you know, you know, like, GTO, which was the offensive arm, I mean, sorry, the defensive arm of Cyber Command, they combined together, I think, in around like, 2010 timeframe, and that's when they became, you know, Cyber Command.

It sounds like it was a bit of, you know, obviously, a lot of hard work, and, you know, doing well in the missions that you're put on, but also a little bit of luck that that led you to, to, you know, network security, and then more technical.

Yeah, yeah, I've been blessed with a lot of luck of like, leading my career in in certain directions.

But yeah, I think that's when I really found like, my true calling, because I knew that, you know, mixed with, you know, defensive and offensive skills, it would transfer, those skills would be transferable to, you know, a variety of industries.

And at that point, I already hit my six year mark, right? Oh, four to 10.

So I had a six year enlistment with the Air Force. And by 2010, after I picked up all the skills, I felt like it was, it was time to time to leave and explore different, different avenues for my career.

Well, so that that sounds so perfectly to talk about how, how you thought about sort of leaving the Air Force, you know, leaving a world where from a security perspective, from a practitioner, practitioners perspective, you had access to, you know, some of the most interesting data sets in the world and the best tools in the world.

And, you know, super mission driven, you're probably working with people who were all really, really aligned on sort of the same mission.

So how did you think about sort of transitioning out from the military and into the private sector?

And, you know, was it something that you knew you definitely wanted to do?

Or were you like, you know, I'll see what's out there?

So my transition initially wasn't as, as exciting as maybe other people have where they, you know, they leave NSA and become founders of a very, like, fascinating company, right?

It wasn't like that for me.

I actually ended up doing almost the same job that I had in the Air Force, but as a contractor.

So I, so I figured that, you know, you know, I no longer wanted to be a part of, you know, like the military system, which was fine.

But I love the mission so much, where I, you know, turned in my government badge and receive a contractor badge at Northrop Grumman.

And I was basically working on the same mission at Cyber Command that I was before.

So I did that for a couple years. And I think that I'm really the biggest transition came whenever I left the entire DoD and military infrastructure to move on to, you know, Goldman Sachs.

And I think that's, that's whenever really, there was a bigger learning curve to understand how private sector really did.

And so, you know, that's where I met you. And of course, I was brought on initially to, to be a threat intel analyst and then moved on to, you know, within Goldman Sachs after a year to run the red team operations where we would do, you know, sophisticated attacks, emulated attacks towards payment systems and other, you know, critical business operation tools and processes.

And so one of the things that I think I appreciate about working in security and financial services sort of the, there's a lot of focus on security.

You know, everyone understands that the, the risk is really significant.

So there's, there's a lot of attention and focus and a lot of smart people around the problem.

But it's obviously, you know, it's mission oriented in a certain sense, but a very different mission than, than what you were used to doing before.

Was that a big part of the learning curve or was there something that was more challenging?

Yeah, I think it was mostly just business processes. And but I think a lot of this stuff converts over right before we do any operations in the government military.

I think that there's a lot of approvals, there's a lot of risk assessments, and just a lot of things that you need to measure, how you can measure your impact, your effectiveness and other things.

And so even though you're doing that military, they're just, it's just the same thing in private sector.

And in financial way, it's just called something different, right?

And you're doing the same due diligence, but just I think picking up on how financial services operates, was probably, you know, the biggest, the biggest learning curve, it was wasn't the technical side of things, it was always, you know, playing by the rulebook.

And I guess understanding this sort of business context around, you know, even something as simple as maybe like how to build an incident response process or something like that, it has to be something that fit the broader organization, which, you know, Goldman Sachs is not a security organization, right?

Like there's there's another kind of business purpose that you have to sort of realign yourself to.

I guess this is maybe a good time to ask that if we have folks who are watching who might be veterans, or, you know, who maybe recently left or thinking about leaving, how would you recommend, you know, everyone's path is obviously very different.

So I'm sure you'll, you'll caveat it. But how would you recommend exploring kind of private sector?

Because I know, oftentimes, it seems really opaque.

And, you know, different industries seem like all, you know, just jargon everywhere, everything seems really opaque.

So how would you recommend just navigating it and kind of understanding like, where to go?

Yeah, I think, so I think, for military in general, I think that, you know, understanding what your skill sets are, and how they translate into the private sector is really important.

And knowing what those terms are, so you can understand what those job references are.

But I think that, in general, I think military members offer just so much to, to any organization, as far as, you know, the ability to commit, understanding the mission.

So what I would recommend and kind of give advice for, you know, any veterans is that don't sell yourself short at all.

Right? I think that a lot of times, you know, for me being deployed to, you know, in Iraq, you just kind of deal with the hand that you're dealt, you kind of have to play it, maybe what you're given.

But the good thing about being outside of the military and big government organizations that you control your fate.

And, you know, if people don't realize the, the value and the skill set and the deep training and learning that, that, that veterans have received, if they don't value that, then they're not, not worth your time.

Right? So I think that, you know, just being realistic with, with everything that you've been given, you know, most veterans are Swiss Army Knives, they can adapt to anything and pretty much achieve any problem as long as they're given, you know, the right, right skill sets and tools to do it.

So I would just, yeah, definitely to stay resilient, right? Because, yeah, I just feel like, you know, veterans do kind of, in general are, you know, they can adapt to anything.

Yeah, I, I, your comment about, you know, don't, don't sell yourself short is something that I've, I've told a lot of my friends who are, who are veterans and thinking about navigating kind of the private sectors.

Like, if I think about sort of even just your experience, right, like between, you know, 17 and 25 or so, like the, the sort of hands-on experience, professional experience that you were getting is, you know, in those years, I was in college and, you know, maybe going to class and like learning a little here and there.

And that's just the type of experience veterans have is just a lot deeper in some, some ways.

And the resilience is, is, is key. It's realistically at work, right?

You know, most of the things we deal with aren't, it's not rocket science, right?

It's, it's sort of just having the resilience and willpower to, to power through these different problems to, to be analytical and, you know, keep, keep going.

I think dealing with like shiny ball challenges or, or any other taskers that could throw anyone off balance normally, I think veterans are so good at assessing and being able to control the situation because they'll know if it's life and death, right?

Like they can say that, hey, no one's going to die today based off of, you know, a feature that we may or may not add in our product.

Right. So I think, you know, a lot of thinking and just, yeah, nothing can rattle, you know, veterans cases, something that I've experienced.

Yeah.

So, you and I met at Golden, we were both there for a bit. And then, I know, you know, now, now being at a, at a startup, I'm sure there's a lot of experiences you've had that are transferable, but it's probably also a pretty big change.

So let's, let's do the same thing. So walk us through how, how you sort of made the decision to go from large companies, you know, you're at Northrop, at Goldman, and then to a startup.

Yeah. So I was actually just kind of demoing some threat Intel products.

And, and so one, so the CEO at the time of, of 4iQ came up to me and said, Hey, can you like check out this product and give us some feedback?

And I was looking at it. And essentially, there was just a bunch of like, like breach data.

And there was a repository, basically like a GUI, where you can search into all this breach data, and you can pivot off of it, and you can connect to social media profiles.

And essentially, I was typing in a couple of threat actors I'm aware of, and like just based on their like usernames from dark marketplaces.

And I was realizing that after a couple of pivots, you're basically finding the social media profile and the real identities, like LinkedIn profiles of threat actors.

Right. And I was like, I was like, at the time, like Monica, do you know that you basically solved like a part of attribution?

And she was like, did we? And I was like, yes.

And then so essentially, I gave feedback and feedback. And essentially, Monica said, you should just come on full time and build product for us.

Right. So you know, the mission that we were doing that we're doing at 4iQ now is, you know, unmasking threat actors, right.

And of course, it's very contentious, because usually when you hear like attribution, the next word everyone hears is like retaliation, like in the back of my mind, you're going to do attribution to really hack back and really, that's not the business that we're in.

What we're doing here is really creating a product where you can get the true identity of any kind of like phone number, email address, moniker, crypto wallet.

And all these things are very important, even if you're not going to, you know, unmask that person to go put them behind bars, because most people, most private sector obviously don't have that kind of authority to do that, right.

But, but law enforcement and intelligence community, they do, right.

So we help when it comes to that use case, we're helping the law enforcement I see, which is great for me, because I feel like I'm still part of that fight, right.

When I mentioned to you earlier, like, I feel like I peaked when I was like, at that kind of mission, this helps me get back into it and really make a positive impact.

And, you know, taking out the people that are that are hazardous to, you know, not only like our online community, but also, you know, hazardous to the financial, the economy of things, right.

So and, you know, I have a almost three year old son. So I want to, I want him to grow up where there's not that kind of, you know, predators and just bad people on the Internet, right.

So that helps with that mission. But also understanding the true identities behind certain monikers and different digital attributes is helpful for anti money laundering and helps you understand your customers.

So know your customer, you know, aspects within financial is still very critical.

Whenever you're, you know, onboarding a client, you want to make sure that this person is not associated with any kind of ransomware, or runs a child pornography ring, right.

So that's the kind of context that we provide. And so and so for the past few years, I've been at 4iq developing this product and trying to make it a lot more rich of data so that we can we can eliminate or at least reduce the amount of bad people that that are on the Internet.

So it sounds like in a lot of ways, I mean, it's so it's so directly related to everything you've done in your career up until this point, but it's a slightly different angle, whereas before you're sort of on the buyer side of practitioners and the thing.

In this case, you know, you're building the product you're selling to and partnering with private sector and public sector folks.

So how has that experience been? You know, is selling into the government or into, you know, the Goldman Sachs of the world?

Was that more difficult or easier than than you expected?

Yeah, it's definitely harder, right?

I think when you and I were both at Goldman Sachs, like I can bet we had probably 20 or 30 emails a day on vendors trying to sell into us.

Right. And so so, you know, having that perspective and knowing that, you know, just spamming people when they're trying to do important work, you know, defending their their network.

I mean, you can't you can't just like bother them. Right. So I think on that aspect, it's been very tough.

But I think really what's been selling what's what's been helpful to selling is relationships.

I think being kind and fostering relationships throughout your entire career is extremely important.

Right.

Like you and I still keep in touch after five years. Right. So it's incredible.

And I think, you know, fostering relationships, understanding the mission and always trying to be impactful in those in those ways is the most important thing.

Right. And if you if you provide value, then then, you know, deals will happen.

Right. And I think that, you know, selling to the government, it's not just relationships, but also, you know, putting your best foot forward.

So, you know, you know, applying for bids and, you know, trying to get contracts to open markets is extremely important.

You know, utilizing your relationships with integrators like, you know, I rely still on my older employers, right.

Like Booz Allen in Northrop Grumman to help me out, you know, spread my product more.

Right. And of course, the direct relationships that I've had with clients that, let's say, NSA are working at, you know, supporting the FBI to some extent.

It's good to keep those relationships to expand.

Right. So for any entrepreneur who's who's out there, who's trying to sell, I would say that the relationships are everything.

And even after your colleagues move on, they're going to be in similar spaces like going from private sector to public sector and vice versa.

That only helps your network even more.

Right. Helps you spread out more. So, yeah.

That's something where, you know, in the last three or six months, it felt like a year, but in the sort of quarantine world, I've asked a lot of people kind of how they're dealing with being remote, how they're dealing with selling to customers that they can't go visit anymore in person.

Right. And everyone comes back to the point of just relationships.

Right. Like there's that that's just something we're investing in that, maintaining it, staying in touch with people, trying to add value where you can like that.

That'll never hurt. Right. And to that point, and in this sort of remote world, I know you, most of your team and the company is based in the Bay Area and you are not.

So how have you found that experience to be in general?

And then have you found it to be easier or more difficult throughout the last couple of months or any tips?

I'm still trying to figure out how to do this well.

I'll take any tips. I wish I could say it was easier. I think there's pros and cons of both of it.

Right. Like there is, there is a thing called Zoom fatigue. Right.

And it's real, you know, just being on calls all the time is really tough, but, you know, just very simple things.

Like if I wanted to ask one of my product managers to, you know, get some feedback on a certain feature, if you want to talk it out, like we have to schedule meetings for it rather than, you know, if we're all in the same office, I can just like, you know, walk over five feet and just discuss it and call it a day.

Right. It wouldn't be an issue, but now you have to schedule meetings.

You have to talk about it. You have to show it, you know, share screens and stuff like that.

So it's a lot harder for some aspects, but I think the positive thing about this is that, you know, being home, I have, like I said, I have a three -year-old.

Right. And so it's so much, it's so great to spend more time with family.

You don't have to worry about commuting. You don't have to sit in traffic or on the Metro for too long.

Right. Cause really you just go upstairs or downstairs or even work in the living room for a lot of people.

Right. And so I think it's been a blessing more than anything to get that quality time, but also it's also a challenge to keep that three-year-old engaged.

Right. People learning.

So I think balancing is, is, is, is definitely a tough, a tough thing to do, but for the most part, you know, I feel like I'm more plugged in.

I can, I don't have distractions and I feel like people can excel whenever they're kind of in their own element.

Yeah. I think having, having, you know, sort of minimizing distractions, but then also sort of being able to just go downstairs and say hi to your son, even if it's for 30 seconds, right.

Like that, that does a lot for, for, for general sanity, but also for, for productivity.

And I think everyone hopefully is, is, is experiencing that a little bit.

I know I'm fortunate enough to be around my family in these past few months and it's, it's, it's sort of the one little silver lining of, of all of this is that you get to be hopefully close, closer to some of your loved ones.

Yeah. So, okay. So I guess we've, we've sort of walked through the, the, the range of your, your career.

It's, it's sort of like at the center of it has been security and threat intelligence, but you've seen it from so many, so many different perspectives.

To your point about relationships, have you found, you know, maybe mentors at different stages of, your career that, that have sort of helped you navigate each, each change or, you know, have there been people to, to really guide you through it or, you know, have, have a hand in that?

Yeah, that's a really good question. I think, I think mentorship is extremely important, right?

You obviously getting advice, but also giving advice too.

And really, I think my mentor circle has changed like for every phase of my career, right?

Like, obviously I've, I've gone, I've kind of done like this, the same type thing.

It's always been in threat intelligence or red teaming, but it's been at different aspects, right?

So, you know, being in government, but then moving on to, you know, consulting and being, you know, a part of financial sector as a practitioner, like it came with a variety of mentors, just the same way as you, right?

You've gone through different, completely different jobs, right?

Two completely different career fields. We have to like create your network again.

So I think my mentors are really sort of like focused around who can help me at that time and where I want to go.

Right. And it's always great to keep your old mentors in touch too, about like where you're, where you're headed and kind of give you a different perspective too.

So, so my mentors are all over the place, right?

That it goes from, you know, from, you know, older, older, like folks from the Goldman Sachs era, but also who are now like, who are now like leading big military organizations, right.

Which is great to see. And you see their progression as well.

And, and it helps me strive to be a lot better too, right. Cause I feel like so many people are doing so many great things and I want to stay within their company too.

So I had to continue doing great things too. So, but also I would recommend this book called Tribe of Mentors by Tim Ferriss.

And that book, it's just all the top performers and their, their habits and their, you know, kind of bits of advice too.

So if you don't have a big network of, of mentors, you can just pick up this book and hopefully it'd be helpful.

Yeah, that's a great place to start.

We actually have a question from the audience, from Julie Sparks.

This may be a tough one. So Julie asks, what was your favorite position during your career?

And where do you see yourself in 10 years? Do you see yourself in the security space or, you know, do you want to try it when they completely?

Yeah. So first one.

So the second one is easy. First one is tough because there was a lot of fun missions in the air force.

I think the one, I wouldn't say it's favorite because there was a lot of like misfortunate things that happened, but really when I was in Iraq, whenever we were locating bad people, you know, this, you know, insurgents and kicking down their doors and stuff like that, I think it was very tough to go through a war zone.

And of course we lost a lot of good people there too.

But I think we made a really big impact in really securing a lot of, you know, the sections in Iraq at that time.

Right. So even though it was a very tough situation, I think that's when I grew the most.

And on top of that, I got to know a lot of the locals in Iraq as well, like outside of Baghdad.

So it was, it was very eyeopening and it just added so much perspective to my life.

And it made me realize that like everything that I do, I need to do it with purpose.

And if my passion's not in it, there's no point in doing it.

The second thing, the second question where I see myself in 10 years, like I definitely want to like found my own company on a, on a, start it and you know, grow it and be impactful.

Right. So I definitely do want to start my own company in the future.

I'm not sure in what, because you know, the spaces are just so challenging, but definitely probably something in the, in the cryptocurrency tracking space or somewhere in blockchain.

But again, the, it's all about timing, right? So we have to figure out what the product would be and, you know, the market market is asking for it.

I'm sure regardless though, you know, a lot of things you talked about with building your network and, you know, being mission oriented and just knowing how to manage a team, all of that will be more useful than ever if you ever start your own company.

Yeah. That's exciting. One, one last question that I'd love to get your thoughts on.

So some of the organizations you've worked at, most of them have some sort of like, you know, employee community for, for veterans.

We have on a cloud where it's called VetFlare and it's, you know, meant for veterans, families, allies, supporters, all that.

Have you found those organizations to be useful?

And the other part of that question is if we have people out here who are managing a team and they might have veterans, or they might be recruiting, you know, what, what, what would you tell them?

Like, is there anything where if you're, if you're a hiring manager, right?

Like, is there anything you should be thinking about to, to do a better job recruiting veterans or maybe like interviewing them differently?

Yeah. Okay. So first of all, veterans know what it means to serve, you know, what, what it means to be a part of a team.

They understand mission, they understand what to kind of, what to commit, talk about morale and diversity as well.

And I couldn't have said it any better because that's exactly what veterans offer, right?

And so, you know, if there's anything that I would, any advice I would give to a hiring manager, I think that you, you can't go wrong with hiring a veteran.

We're running up on time. So thank you again for, for doing this with us and stay safe and hopefully I'll see you soon.

Yeah, it's been my pleasure.

Thanks for having me.