Prashanth Pavuluri is working as a Cloud Security Analyst at BASF in Mannheim, Germany. He tells us about his responsibilities as an IT security professional at BASF and at his previous employer, DCSO, his experience of working in this field in Germany, the career opportunities available for people looking to get into this domain, which skills to focus on, what the interview process for IT security positions is like and how to prepare for interviews.
Prashanth, what are you doing as a Cloud Security Analyst at BASF?
So, what you have heard is absolutely true. I mean cyber security comprises hackers and spies. Without them, our job is very easy and boring 😃 So, cyber security is a broader topic, which covers many different aspects. When I talk about cyber security, I am only talking about the devices which are able to communicate with each other, and also interpreting it in a digital way. So I mean, there are many different areas in cyber security, but I have been exposed mainly to the technical side, which is a very important and critical part in cyber security. From my previous job experience, I have been technically involved in network detection and forensics, which usually monitors the networks, the network infrastructure and find if any anomaly is present. I was also into incident response. For example, if someone hacks into a computer, how to retain the system from the hacker and how to solve the problem at the spot. There are many different broader topics, which I have been exposed to, like internet leakage monitoring, internet exposure monitoring, identity leakage, technical threat intelligence, contextual threat intelligence and many more. Yet still I feel like, I have been exposed to a few parts of cyber security. Currently I am working as a cloud security analyst at BASF, where I monitor and analyze the cloud data, of the virtual environmental data of BASF infrastructure and try to find if something bad happens within the networks or the applications, which are in cloud environment, like Azure, Amazon, Salesforce, etc.
What kind of IT Security problems do you tackle as Cloud Security Analyst?
So for example, if I see huge amounts of data is being transferred to an external USB disk, then this might be a problem for the company. In this case so much of data is being leaked without authorization. If it is being authorized then we won't get notified about that, if it is being unauthorized then we will get alarms and alerts which get triggered to the next level. Therefore we usually immediately inform the Incident Response team which will go to the site, identify what exactly is going on and will immediately remove this device from the network so that the data is being secured and it's not being leaked to a high extent which will damage the company reputation or cause financial damage. When we identify this problem, we will immediately remove this device from the network and we inform the Incident Response to find out what exactly is going behind that scenario.
What brought you to Germany?
I'm originally from a village near a town called Khammam from the combined state of Andhra Pradesh now in Telangana in India. I completed my Bachelor's in Aerospace Engineering because I was very much fascinated about flights and helicopters during my childhood. And I decided to pursue my Bachelor's in Aerospace. I successfully completed my Bachelor's and during my third year of my Bachelor's, I went to technical events and technical fests at different universities within Telangana. So I had been invited to IIT Hyderabad, where I learned the word called Ethical Hacking. When I saw those presentations and the way they present it, I was very much fascinated and decided to pursue a career in either IT security or Ethical Hacking. Later I decided to go for my Masters in Germany, where I was fortunate to get admitted in Otto von Guericke University, Magdeburg and from there, during my Masters I was offered an internship at Volkswagen which was the foundation for my IT security career. So from there my IT security career began. And I was also offered a Master thesis at Volkswagen, where I worked with an exciting project called Machine Learning in IT Security. This showed me that you can also use different kinds of technology in cybersecurity. Later I joined DCSO (Deutsche Cyber-SicherheitsOrganisation GmbH), a community driven European cyber security company and a joint venture of Volkswagen, BASF, Bayer and Allianz. And now I am at BASF.
What are some of the current trends in the area of IT security?
Specifically speaking about Germany, a country with 800 billion exports for every year and the home for many manufacturing industries, I can see a broad spectrum in Germany. I mean, there are many developments which are currently going on. And each and every manufacturing company or industry in Germany are focusing on their own projects and processes to involve and to automate most of the cybersecurity work within their environment. For example, I recently heard that Mercedes Benz has an automation factory, where they automatically assemble cars using networks. A person sitting far from the factory can monitor every single aspect and every element of that car, which is possible because of the technologies involved in cyber security.
Machine learning is one of the factors and there are other technologies which can be integrated. For example, rule-based techniques, AI and quantum computing. Quantum computing is also very much interesting in the area of cyber security, where most of the innovations are not yet fully implemented. So I'm eagerly waiting to see what innovations quantum computing brings for the new era of cyber security.
Also, in 5G networks with their broadband speed and computing capabilities, we might need technologies like machine learning and artificial intelligence in detecting most of the anomalies. So in this area when we explore, we usually talk about the network's layers which play an important role. So in which layer the application is built on and in which layer it's communicating.
How important is cyber security in Germany? Which companies or organizations come to your mind in this area in Germany?
Cyber security not only means the devices or the networks or communication, when to and when not to. The broad triangle of cyber security involves the confidentiality, integrity and availability. Where there is a need for confidentiality, integrity and availability there is a need for cyber security. Recently, there are some startups that have come up and also my previous company which is a European community-based cyber security driven company called DCSO. Rohde & Schwarz is also one of the companies.
One more interesting thing is that the University of Bonn has established a tech cluster where extensive research on cyber security is being done. It's also called Cyber Security Cluster Bonn, which also employs experts in cyber security.
DCSO is mainly focusing on the European market and the companies which are established in Europe in the area of cyber security. It is an individual company that is community-driven, which means, sharing of threat information between different companies which is not normally possible, with the establishment of DCSO, the big DAX companies made this possible. So threat information can be shared among the different companies so that they will get a broader picture. If one company gets attacked then the other might also know the information about that and be prepared to face that attack. There are many areas in DCSO which primarily focus on security. The tagline of the company is security engineering. I mainly worked in network areas. There are different aspects like contextual threat intelligence which provide the different views of intelligence around the world. If an attack is being carried out, there are many aspects that can be drawn behind that. For example, there are attacks that are country-based, company-based, or product-based. If there are two enemy countries which don't like each other, they might plan cyber attacks. So it would be easier if we know the context of the attacks. For this, we use a service called threat intelligence. There is also an incident response in case of any cyber attacks. Also, since identity is very important, DCSO established a service called identity leakage monitoring. They also offer services like technology scouting, evaluation of different security products and tools, consulting and assessments.
Would you advise people to take up cyber security?
Here, I saw the people with different experiences. Few of my colleagues were firemen, few were of political science background and some were retired police personnel, it was a mixture and combination of knowledge. People with different backgrounds can opt to go into cyber security, and they also need to choose where they exactly fit. For example, someone with a non-technical background might not be well suited for incident response and for doing incident handling because he or she will lack the necessary technical knowledge. But they could analyze what is the motive behind an attack by using their analytical skills. So, this is how it usually works, I mean it always depends upon what you are capable of and what exactly is possible in the role or the scenario.
When I see jobs in cyber security two years back and now, the opportunities are growing day by day because digitalization is moving towards automation, which involves networks. So there is a lot more scope for the area of cyber security within Germany I feel.
What are the various options for someone looking to get into IT security?
Yes, if somebody is doing IT security they are now like hotcakes; they are sold even before they complete their Masters. If Masters is not possible, there are some good certifications, which will enhance your knowledge, thereby providing a really good job. In security, certifications play a vital role. If you need to pass a certification test, then you need to have proper background knowledge with lots of information. For example, in Certified Ethical Hacker, where you need to use most of the skills which we use in our daily life. And also you need to think beyond what the other person thinks, certification plays an important role. And also like attending hackathons, boot camps. These are some of the things which you can really do if you want to pursue a career in cybersecurity. If you have a CEH certificate, it's more valued than five years of experience. This is the Certified Ethical Hacker certificate. You also need some sort of clearance which will vary from country to country and also some roles really need a clearance from the country which you are living in and also from the management under whom you are working. Nobody can access the personal data of another person without their authorization. So the authorization also plays an important role and the level of access you have to the data. This is also a vital role. Before giving access they will usually think of the person and his background and they will give the access. It is possible for someone who is coming from outside Europe or outside Germany, like from India to get this level of clearance and work in this area.
Which sources would you recommend to find a job in IT security?
Here networking plays an important role. When you attend a Hackathon or when you attend a security conference you will definitely know a lot more people. Building contacts in those events will take your career to the next level, through networking. This is how I found my job at DCSO. When I was working at Volkswagen, we had a security conference where the colleagues from DCSO were there and they asked me, are you interested in this offer? And I said, Yeah, why not?
What are the different career paths in IT security?
Yes, there are different roles like IT security analysts, security architects, network operators, system administrator, etc. For example, if you want to know from the system side, what is exactly happening in the system when somebody attacks, then system administration plays a vital role here. From the network perspective there's network operator, network administrator, network architect and many other roles which we can talk about. For beginners, it's always the analyst, which is the primary focus and starting position where someone can improve their capabilities, skills and move to the next level.
So if I'm an analyst, there are three different options available for me, I can go to the networks or I can go to the incident handling or to the system side, there are three different career paths which leads to a different spectrum. In networking you can also do ethical hacking, in incident handling you can be a certified incident handler and from the system side, you can be like OSCP (Offensive Security Certified Professional) person.
What is the hiring process for cyber security positions like?
As far as I know, it always differs from company to company and according to the role which are looking. For example, for the DAX companies in Germany, there will be usually an assessment process where you first have a technical round, which is always scenario-based. For example, hacker tries to exploit you via x, y, z port. How could you stop that? Or how would you handle an incident, when somebody calls saying that my system is hacked? These are the kind of questions you usually face in an interview depending upon the role. Usually people working in computer emergency response team have this scenario based interview processes and some level of technical questions are to be expected on networks and system side. After that, it's usually the assessment where they ask, like all your mental ability and presentation skills, it will take seven to nine hours, a whole day you will be occupied. After that, it's usually the HR round. When coming to Mittelstand (SMEs) in Germany, it's usually the technical talk and scenario-based interview, after which you will directly go to the HR.
How should one prepare for IT security interviews?
Yes, first build up the basics, basics are very important in cyber security. For example, if I am applying for a threat detection and handling position, I should be very good with the TCP and UDP port-forwarding, TCP IP Port information, network information and communication, like what protocols systems use to communicate, etc. If I am applying for a cloud analyst role, then I should know which cloud products are available, what protocols they use, on which layer they communicate and what are the exploits that are possible. So, some research on background information is mandatory before attending any interview, like studying some references, looking for the recent vulnerabilities, how the product or the process can be exploited, etc. You should always apply your basics when explaining the scenarios because there is always a question, like why this or why not that.
Do you have any suggestions for people looking to work in cyber security in Germany?
Conferences are very important in cyber security, like the security conference like CCC which is held in Germany and RSA in Las Vegas. I usually follow these conferences because there's a lot of information that can be viewed for free. CCC videos are online and publicly available. I saw them and was surprised to see how my data can be used in social media platforms, which I never knew before. So you can also know some surprising facts there. And TED Talks, TED Talks also play an important role.