The contents of this site are the words of a cyber security professional, and lifelong student, trying to help himself by helping others.
A Brief Introduction
My name’s Kibret Tsige (online handle HandsOnKB), and I’ve been working as a cybersecurity analyst, compliance specialist, and now Cyber Team Lead for several years.
Early Interest in Electronics
As a kid I had pretty typical interest in video games, but a lot of interest in consumer electronics as well. I’ve got some strong memories of browsing all the latest items at Best Buy with my Dad while my sister and Mom shopped elsewhere, reading through catalogs from Micro Center, and consuming articles and reviews from sites like Engadget, CNET, PC Magazine, Ars Technica, and more about the latest and greatest products.
None of those things were affordable at the time, but I still enjoyed reading about them and learning things like “What made the (at the time) new plasma TVs from Panasonic so great? Were the performance gains from running two NVidia GPUs in dual SLI worth it? How do you build your own PC and what parts do you need?” All things that I could only fantasize about back then.
I also ended up doing a lot of research, looking up information on any technologies or standards I didn’t know (PCI-e, SATA, PCBs, DNS, Display Types, SOCKS proxies, onion routing, cable types, RAM, CPUs, etc.) mainly on Wikipedia but other corners of the internet as well.
In addition, there was some budding interest in the world of information security; seeing people planning DDoS attacks using the Low-Orbit Ion Cannon (LOIC) online, learning about how easily IP addresses could be used to find your location, and browsing TOR and The Silk Road before getting spooked and hastily closing the browser. It was a fascinating era of the internet.
Later on in high school I took some courses in Python (which I enjoyed), Java (which I hated), Visual Basic (which was fine), and a keyboard class to force myself to type properly. After that IT-related studies fell by the wayside as I pursued other interests.
Years later in 2019 after a Film & Media Arts degree that I wasn’t able to utilize much, I went back to school for an Associate’s in IT at the Northern Virginia Community College (NVCC). Courses on Computer Hardware, Database Administration, Object-Oriented Programming, and Web Design gave me a strong start in IT, supplementing my previous knowledge and helping me get into an actual hands-on IT role.
Delving Into the IT/InfoSec Field Proper
In 2017 I started an office job at a small contracting company and a coworker of mine encouraged me to start studying for the Security+. He provided me with his digital copy of the SYO-401 version of the material and I immediately started reading through it, taking notes as I went. By the end of 2021 I had gained my Security+, CISSP, and CCSP but was dissatisfied with the lack of hands-on training.
In search of deeper, more technical learning I moved on first to TryHackMe, then to the OSCP, a number of GIAC certs, and Hack The Box’s Academy offerings. These more challenging courses were exactly what I needed to become “a real cyber security analyst” like I wanted.
These days I’m working through my Master’s of Science in Information Security Engineering with The SANS Technology Institute, doing labs on HTB Academy and Immersive Labs, and participating (at least part time) in cybersecurity competitions like the National Cyber League and NSA Codebreaker Challenge. I also attend a few industry and work-related conferences annually.
HandsOnKB 