About Me — Steve Gubenia
Increasing Cybersecurity Maturity Through Engineering Principles
Hello Medium!
I am Steve Gubenia, a cybersecurity professional, animal lover, former chef and current foodie, and human compendium of useless (or not so useless) facts.
I am writing this to let readers get to know me on a more personal level as I begin my journey into writing, speaking, and publishing cybersecurity-related content.
I have a diverse background, spanning many industries including military, hospitality, veterinary medicine, communications, and technology.
When I am not defending enterprises from the latest security threats, I enjoy spending time with my wife on our small farm where we have a menagerie of dogs, cats, and equines. Outside of security and technology, my passions include music, movies, anime, dank memes, and dad jokes.
Where am I from?
That question is not a simple answer for me. Long story short, all over.
As a military brat, I was born in Hawaii but grew up mostly in the DMV (DC, Maryland, Virginia) area. I have since traveled and lived in various countries globally, and states across the US (thank you military life). I currently live in North Carolina where I fell in love with the area and the people while stationed here at then Fort Bragg, now Fort Liberty, in the Army.
Early Beginnings
Since childhood, I have had an unquenchable curiosity and passion for learning. I was known to disassemble (and successfully reassemble) my toys and electronics to see how they worked. I also loved Legos and would spend hours building custom spaceships, vehicles, and buildings from scratch.
My introduction to computers and technology started when my parents gave me a Commodore 64. I fell in love with writing basic programs, and of course, playing video games. At the time, I never thought that my passion for computers and technology would develop into a career. Mostly because my main interests were animals and dinosaurs, so veterinarian or paleontologist seemed like a more natural fit.
Education and Exploration
I originally went to college to pursue a career in Veterinary medicine, which was my childhood dream. About three years into college, I started to question my career choice and decided to take some time off to figure out what I wanted in life. I spend the next several years working in a variety of fields (restaurants, radio, and veterinary medicine), and gaining valuable life experiences.
While working as a restaurant General Manager, I found myself unhappy with my career, and life in general. In 2010, I enlisted in the United States Army to serve my country and find some purpose in life. I enjoyed my time in the Army and made some great lifelong friends along the way. The army afforded me the opportunity to pursue both my undergraduate, and graduate degrees, which led me to my current career in cybersecurity.
Career
After medically retiring from the Army, I was able to acquire my first IT security certification, the CompTIA Security+, which led to me landing a contracting job in IT security for the Department of Defense. I gained valuable experience on that job while finishing my master’s degree in cybersecurity, and acquiring additional industry certifications.
Since then, I have worked in various roles in both offensive and defensive security for fintech, software, communication & collaboration, and technology companies, ranging from small startups to massive enterprises. This experience has enabled me to continuously learn and expand my skillset across several security domains including threat detection and intelligence, digital forensics & incident response (DFIR), detection engineering, security automation, vulnerability management, security assessment and testing (penetration testing, red & purple teaming, bug bounty), governance & compliance, risk management, and security operations across the enterprise (network, endpoint, cloud, control plane, identity & access management, email & collaboration).
I have extensive expertise in detecting, analyzing, and mitigating sophisticated threat actors using internal data, open-source intelligence, and automation, with a strong track record of improving security posture and aligning processes with emerging threat landscapes.
My Goals for Medium
I have been fortunate enough to work with and learn from many great people over the years, learning valuable life, and career lessons. These opportunities have given me a wealth of knowledge, that I enjoy sharing with co-workers, colleagues, and emerging talent.
I have a passion for mentoring, knowledge sharing, and teaching the next generation of security professionals. I have reached the point in my career where I can begin providing more value and make a larger impact on the industry through pursuing these passions. Thus, my goal for Medium is to create inciteful, and hopefully entertaining, cybersecurity content in my areas of expertise including, detection engineering, DFIR, threat intelligence (TI), security operations, and security automation (SOAR and scripting).
I intend to publish articles at least weekly, with the goal of publishing bi-weekly. I hope that by sharing my knowledge, which I am continuously developing, I can inform and inspire current or aspiring cybersecurity professionals and promote a culture of knowledge sharing across the cybersecurity industry. Knowledge is power, and we are stronger together. Additionally, I am hoping that by writing articles on Medium, I can begin to develop content for conference talks, eBooks, podcasts, and online courses.
What makes me unique?
My diverse background across many industries in military, public, and private sectors, has given me the ability to see things from many angles and solve problems with a multi-faceted approach. I am not afraid to fail, which I have many times, or admit my mistakes. Some of my greatest life lessons have come from failures (i.e. breaking things and learning how to fix them). Hopefully, by sharing my experiences, failures, and triumphs, I can inspire others to succeed through failure.
I am not an all-knowing security guru, but my broad skill set, coupled with my diverse background, gives me a unique ability to relate to people on a personal level and explain things in a relatable way.
Most of the content I aim to create will come from personal experience in my career, or personal experimentation in home labs. Some may be more anecdotal about industry trends, but a lot will be more technical in a defensive security domain.
Cool experiences?
There are too many to write about in this “about me” introduction, but some may become topics for articles.
What topics will I write about?
I intend to write about a subset of topics related to defensive security operations and industry trends including:
· Detection Engineering
· Threat Hunting
· Security Orchestration, Automation & Response (SOAR)
· Digital Forensics & Incident Response (DFIR)
· Threat Intelligence (TI) including TI platforms and OSINT tools
· Other security automation topics including open-source and commercial off-the-shelf (COTS) tools
Key Takeaway
I am a cybersecurity nut, and pretty nutty in general. If you have a passion for cybersecurity, dank memes, and bad (dad or otherwise) jokes, you may enjoy reading my articles and following me here on Medium.
Hopefully, my introduction provided valuable insight into myself, and the articles I will write.
Please give me a follow and feel free to share your jokes and memes. Let’s build a more robust and resilient future for cybersecurity together.
Contact
Feel free to connect with me on LinkedIn
