Life of a DevSecOps Engineer (w/ Aras "Russ" Memisyazici)

Russ Memisyazici is a DevSecOps engineer and cloud architect with 30+ years experience in IT and cyber security. From coaching US CyberPatriot teams to building the Virginia Cyber Range, he's got quite the colorful career. By-the-way, it’s pronounced: my-mish-yah-zuh-juh. In this interview, Russ shares his knowledge on: Cloud risks Future cloud technologies Thoughts on cyber certifications His personal journey in cyber security. There's also advice for starting a DevSecOps career too! DevSecOps combines cyber security with traditional DevOps to help developers deliver secure apps. As a DevSecOps engineer, you’ve got to be well-versed in both software development, IT operations, and cyber security. Whether it’s application security assessments, cloud deployments, or coding, you need a wide range of skills. It’s system administration on steroids. A common DevSecOps workflow would be defining your entire infrastructure and deployment cycle as code. Then you would automate the tests, security assessment, and deployment with a CICD tool like Jenkins. DevSecOps personnel are very sought after in the startup world. When it comes to building scalable infrastructure and deploying apps, DevSecOps folks are commandos of the tech world. It’s a fast-moving domain, with terminology and technology changing from one day to the next. Soon the term “DevSecOps” might even be replaced with “GitOps.” But the most important thing that Russ highlights is to focus on the basics. Fundamentals like networking, scripting, or system administration, don’t change as much. Fancy new technologies that are coming out are all built on top of these skills. But they do take reading books and good old-fashioned keyboarding to acquire. 00:00 Introduction - Aras "Russ" Memisyazici 01:36 What is DevSecOps? 04:10 Why Is DevSecOps Critical for Cybersecurity? 07:24 Role of DevSecOps in Securing Infrastructure 10:04 What Technologies and Skills are Important for DevSecOps? 13:04 How Much Does DevSecOps Pay? 15:47 Roles & Opportunities for DevSecOps 17:25 Books and Resources for Learning DevSecOps 23:20 What is the Cloud? 27:57 What Risks are Associated with the Cloud? 32:22 What's the Future of Cloud Technology? 37:0 How Important Are Cybersecurity Certifications? 44:29 What Is the Value of Cybersecurity Programs? 50:10 What are Shortcomings of Cyber Education Currently? 55:50 Russ's Personal Cybersecurity Journey 1:05:58 Get in Touch with Russ Memisyazici LIKE and SUBSCRIBE ---- Resources ---- Phoenix Project, Gene Kim https://www.amazon.com/Phoenix-Projec... The DevOpSec Book, Jim Bird https://www.oreilly.com/library/view/... Hands-on Security in DevOps, Tony Hsiang-Chih Hsu https://www.amazon.com/Hands-Security... Agile Application Security, Laura Bell https://www.amazon.com/Agile-Applicat... Site Reliability Engineering (SRE) Workbook, https://sre.google/workbook/table-of-... The Site Reliability Workbook, O’Reilly https://www.oreilly.com/library/view/... #DevSecOps #DevOps #Cyberspatial