Jon Helmus is a security engineer, educator, author, and a cloud hacker who has been working in engineering, security, and information technology for 10 years. He specializes in Penetration Testing, Threat and Adversarial Assessments, Vulnerability Management, Cloud Technology (AWS), and also has experience as a Technical Educator and University Level Professor. 

Jon is known as “the granola” hacker due to his consistent attitude of “giving back” to those trying to get into pentesting, as well as helping others “bypass the gatekeepers” and get into cybersecurity. He recently, published a new book “AWS Penetration Testing”. Jon teaches the following courses at STC: IS 345, ISEC 525, ISEC 500 and the AWS Apprenti program. 

Radana: Jon, congratulation on your recent publication, and thank you for agreeing to be interviewed for the STC Thursday Byte. Let’s start off by telling us about your career path that brought you to where you are today. 

Jon: Thanks Radana. I first started out as a helpdesk employee for a medium size business in San Diego, CA. While I was there, I finished by bachelor’s degree and got a couple certifications. After about 2 .5 years of working there, I was able to transition into cyber security via my network of peers.  

I got my start in academia after being offered a part time job to teach at school where one of my teachers was the Dean. They offered me an adjunct position after graduating from my master’s program.  

Radana: What’s one thing you wish you had known when you began your career? 

Jon: To take time to appreciate the little things. It took me awhile to get a solid work/life balance and understand that sometimes you need to take breaks and enjoy the fruits of your labor.  

Radana:  How do you continue to learn in order to stay on top of things within your role? 

Jon: Currently I’m a Ph.D. student – so that helps me maintain my knowledge and upskill myself. I also talk with new people every week who work in the industry and who I can learn from – or who can learn from me! 

Radana: What are some of the things you’re researching right now? 

Jon: Cloud security – or more exclusively, cloud pentesting. 

Radana: We hear about success, but I think it is more powerful for our readers to hear you talk about our biggest failure (which I prefer to call biggest lesson), what was your ‘biggest failure/lesson’, and what did you learn from it?

Jon: I learned that you have to pick your battles wisely. We face all sorts of different challenges within are career – and I learned from my challenges that some battles are best left alone.  

Radana: What advice would you give someone wanting to pursue a career similar to yours? 

Jon: Learn to love it – and once you love it find a topic of interest and dive in! 

Radana:  Great advice! What are the best resources that have helped you along the way? 

Jon: My network has really helped me. Having a great network of wonderful people is been a major part of my success. 

Radana: What is the one common myth about your profession or field that you want to debunk? 

Jon: That you have to be HIGHLY technical to be a penetration tester. Also, that you have to be a coding expert to be a hacker. This could not be farther from the truth. 

Radana: What have you read or listened to recently that inspired you?  

Jon: Principles: Life and Work by Ray Dalio. 

Radana: Where can our students connect with you online? 

Jon: They can find me on LinkedIn under my name “Jon Helmus”. They can also find me on twitter at @Moos1e_Moose. 

Radana: Thank you Jon for taking time to be interviewed and contact details. If you are interested in Jon’s book, AWS Penetration Testing: Implement various security strategies on AWS using tools such as Kali Linux, Metasploit, and Nmap it’s available on Amazon.