Name: Bin “Sinbad” Zhou
Title: Incident Response Senior Manager
Location: Beijing, China
Education: Electronic and Information Engineering
Years in IT: 16
Years in cybersecurity: 16
Cybersecurity certifications: CISSP, ISO27001 LA
How did you decide upon a career in cybersecurity?
When I was a student in university, I helped manage ‘telnet-style’ BBS which requires UNIX administration skills. I was quite good at it, but vulnerabilities in UNIX systems can be exploited to bypass security mechanisms such as access control. I found that it is more challenging to harden a secure system, so I started to learn what is behind the vulnerability and zero day, and how to defend them. All these experiences have lead me to be devoted to the cybersecurity industry for the past 16 years.
Why did you get your CISSP®?
In 2004, I was a Security Consultant and worked with customers almost every day. I read all the CISSP domains that benefit my customers
What is a typical day like for you?
I focus on security incidents and vulnerability response in the ICT area. When I arrive in the morning, I read what’s new in the security industry and lead the technical analysis of new vulnerabilities and incidents. I also travel globally to meet security researchers and industry peers to exchange knowledge and experience.
Can you tell us about a personal career highlight?
In 2016, I gave a 40-minute presentation, in English, at a technical security conference in the United States. That is quite hard for a native Chinese speaker! It happened naturally, after I had been presenting to overseas customers for many years at meetings and via conference calls. As they say, practice makes perfect.
How has the CISSP certification helped you in your career?
I studied the CISSP materials in English, which helped me build my English security vocabulary. When I speak with global security professionals, both in China and oversees, the CISSP certification helped me find like-minded professionals, and cooperate with them later.
What is the most useful advice you have for other cybersecurity professionals?
Cybersecurity is a rapidly-evolving industry. We must keep learning every day to follow new attack techniques and develop countermeasures – never be slow. Also, be open. Being able to share is a key trait to thrive in cybersecurity.
Are you interested in sitting for the CISSP exam? Download our free CISSP Planning Kit today.