Start Your Career In Cyber
Simon Fraser University
Surrey Campus
The Next Regional Competition Starts In
Day(s)
:
Hour(s)
:
Minute(s)
:
Second(s)
Start Your Career In Cyber
You Can't Get a Job Without a Resume...
And you can’t build a resume without a job.
Break that cycle!
Earn a real cyber job working with top cyber professionals.
Full time & fully paid. You won’t be working a helpline or fixing printers.
One-Day Event in Your Region
Cyber*Sci is Hacking in the morning, interviews in the afternoon, and summer job/intern/co-op offers by supper. Full-time positions may need follow-up interviews later in the week.
Win National and International Travel
Winners in each region advance to Cyber∗Sci national finals, and top teams there go on to represent Canada at international events – in Prague, Vienna or Athens.
Eligibility and Rules
Regional events: Participants must be
1.) full-time students at a Canadian university or college and 2.) must be eligible to work in Canada.
National finals: You must also be a Canadian citizen or landed immigrant.
Got an Elite Team Already?
Prove it. Come and compete against the best in the Canada, Europe, and the rest of the world.
Just Beginning?
Cyber*Sci is a great place to start. There will be mentors and coaches. This is a fantastic learning opportunity.
Who Can Send a Team?
Cyber*Sci welcomes Canadian college and university teams. Up to 4 members per team. 2 teams per school.
Registration
Students who wish to participate in Canada’s Cyber Security Challenge cannot register directly through our site.
You must register through your school in order to verify that you are an eligible post-secondary student.
Find a list of all eligible schools and see registration info here.
If your school is not listed, contact one of your professors to inquire about having your school register to participate in the Challenge. Unfortunately, we cannot register you or your school without having a teacher or official student club contact us.
Background For Students
You are a team player with a strong interest in cyber security who can plan and organize work and react quickly to change. You provide consistent attention to detail and monitor the quality of your work. You are also able to manage protected and confidential documents and information. As well, you possess strong written and oral communication skills.
Responsibilities may include:
-
- Performing vulnerability management testing of information systems and applications
- Producing written and analytical reports and dashboards on key cyber risks
- Monitoring security alerts of potential hacker attacks detected by security systems such as: Intrusion Detection & Prevention Systems (NIDS/NIPS, HIDS/HIPS, WIDS), Log Monitoring, File Integrity Monitoring and SIEM
- Investigating and reporting on potential security incidents
- Assisting with IT security investigations, exercises and tests
- Identifying and notifying organization of discovered security threats
- Providing recommendations to clients to assist with eradicating discovered threats
Must possess:
-
- An interest in the cyber security field
- Solid skills with Linux commands and/or Windows PowerShell
- A moderate to advanced knowledge of networking protocols and configuration gained from class work, labs and probably hours of tinkering with your home network (physical or virtual routing and switching)
- Perhaps some experience with cyber challenges (CTFs) either in person or online
- A strong desire to learn and grow while working alongside highly experienced members of a well-established IT security
For the Cyber*Sci Regional event in 2024/25, the following skills will be useful:
– How a network device communicates over TCP/IP. (first 4 layers of TCP stack)
– and beginner binary exploitation
– Knowledge of cryptographic algorithms and their weaknesses
Hacker Tools and Techniques
– So many! But at least how to create and interact with a reverse shell.
Not these…
And remember
– It’s a hacker event; there will be surprises… and no apologies!
Penetration Testing is a great career, but it’s not easy to get into.
Your best shot is to take a job – any job – in cyber, to get experience. And while you’re doing that, try completing this training path. It was compiled by someone who recently rocketed very quickly from first cyber job to full time pen tester in just three years. She still has a lot to learn, but this is definitely the path.
Some steps are free or low cost. Others are expensive – but for a reason. If you have a job in cyber, your employer might pay.
Introduction to Pentesting:
- Practical Ethical Hacking – The Complete Course: https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course
- Linux Privilege Escalation for Beginners: https://academy.tcm-sec.com/p/linux-privilege-escalation
- Windows Privilege Escalation for Beginners: https://academy.tcm-sec.com/p/linux-privilege-escalation
- TJ_Null’s list of OSCP Like boxes (HackTheBox, TryHackMe, VulnHub, etc.): https://docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview
- OSCP Certification: https://www.offensive-security.com/pwk-oscp/
Active Directory Pentesting:
- Attacking and Defending Active Directory: https://www.pentesteracademy.com/activedirectorylab
- OSEP: https://www.offensive-security.com/pen300-osep/
- Advanced Red Team Lab: https://www.pentesteracademy.com/redteamlab
- Global Central Bank: An Enterprise Cyber Range: https://www.pentesteracademy.com/gcb
Introduction to Red Teaming (with Cobalt Strike):
- CRTO: https://courses.zeropointsecurity.co.uk/courses/red-team-ops
- Raphael Mudge’s YouTube videos: https://www.youtube.com/watch?v=q7VQeK533zI
Web Application Pentesting:
- Web Application Hacker’s Handbook: https://www.amazon.ca/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470
- PortSwigger Web Security Academy: https://portswigger.net/web-security
- OWASP Top 10: https://owasp.org/www-project-top-ten/
- OWASP WSTG: https://owasp.org/www-project-web-security-testing-guide/
- OWASP ASVS: https://owasp.org/www-project-application-security-verification-standard/
Programming:
Great skill to have. No time to describe here, but programming skills are extremely useful / very necessary! Especially .NET and Python.
Reverse Engineering, Steganography, other CTF Challenge Skills:
Not here. On purpose. These are tons of fun, and build computing knowledge. But none of these are part of penetration testing.
(Last updated: May/22)
Video of Regional Hiring Event
Schools from Six Regions Participate