“From my perspective, skill trumps everything; over the years, I’ve aligned myself with way smarter people than me who have helped me grow into the security professional I am today.”

Twitter: @MarcoFigueroa

Marco Figueroa is a senior security researcher at a Fortune 50 company whose technical expertise includes reverse engineering, bug hunting, incident handling, and APT group tracking. He has a deep understanding of threat intelligence tradecraft across different market verticals and organizations to identify attack vectors, trends, and nation-state actors, and he utilizes the latest techniques from nation-state actor reports, enhancing his offensive security skills.

How did you get your start on a red team?

My first red team engagement was when I was a security analyst at a Fortune 50 company in 2006 and one of my co-workers cofounded a consulting company in India that had more than 100 employees. For about a week this co-worker, whom we will call Randy, was asking me security questions about specific network hacking techniques; at first, I thought he was interested in security because he was an Oracle DB developer, but then I finally asked him why he wanted to know all of these different techniques. He informed me that the company was being attacked every day and was playing whack-a-mole with the attackers. The questions he was asking me were to see if ...