Read on Twitter
There are lots of people claiming to be social engineers over the last few years. It’s good to see an industry expand.
But can I offer some words of advice... some may feel this is gatekeeping, but please see it as the guidance it’s intended to be.
But can I offer some words of advice... some may feel this is gatekeeping, but please see it as the guidance it’s intended to be.
1) You do an SE job and it goes OK. You are not The Flash. You do not have a superpower.
Companies have neglected this area of security. It’s all broken. You were able to traverse security because it was probably weak. The 19 year old receptionist isn’t Sun Tzu.
Companies have neglected this area of security. It’s all broken. You were able to traverse security because it was probably weak. The 19 year old receptionist isn’t Sun Tzu.
2) The ego gathered from point 1 is not your friend. It will be counterproductive in the long run.
Prepare to be dropped like a WWF fighter when you come across tag team Dunning & Kruger. You will realise how much you don’t know. Spoiler alert - if like me, it’s probably a lot.
Prepare to be dropped like a WWF fighter when you come across tag team Dunning & Kruger. You will realise how much you don’t know. Spoiler alert - if like me, it’s probably a lot.
3) The industry loves it. James Bond, sneaking into places, jumpers for goalposts posts. Isn’t it.
Your success in the SE arena will depend largely on how you can grow in this space. What will be your goals, who will pay you, what will they pay you for. Define this early on.
Your success in the SE arena will depend largely on how you can grow in this space. What will be your goals, who will pay you, what will they pay you for. Define this early on.
4) Try and solve problems that exist, not just rehash exsisting solutions.
We decided it was mainly national policy changes and awareness. You may find any number of unique problems to solve - there are many!
We decided it was mainly national policy changes and awareness. You may find any number of unique problems to solve - there are many!
5) Fans think it’s cool and yet again ego will trick you into playing to that. Jesters aren’t social engineers. Likes don’t equal contracts. Who is egging you on and who is helping. 2000 retweets from strangers or 2 retweets from happy customers 
6) After a few years, you will realise you aren’t in the business of SE at all. You are in the business of trust.
You get paid when companies trust you, you do good work when you are able to make their people trust you. You explain flaws regarding their trust in reports.
You get paid when companies trust you, you do good work when you are able to make their people trust you. You explain flaws regarding their trust in reports.
7) It becomes mundane. Yes, it starts like an Oceans film, full of adrenaline and pretty people.
After a while, it’s spreadsheets, stress, anxiety and fear. Get a good shrink... none of that score your mood 1-10 bullshit. SE takes from your well-being.
After a while, it’s spreadsheets, stress, anxiety and fear. Get a good shrink... none of that score your mood 1-10 bullshit. SE takes from your well-being.
8) The buzz goes, oh boy, you will try and get it back. It’s never the same. Accept it, you now know too much, you have no ego.
This is the career you picked. Still a good one! But less Mr Robot and more like The Office.
This is the career you picked. Still a good one! But less Mr Robot and more like The Office.
9) Shape future SE experts, exchange their blind and unfaltering enthusiasm for guidance and mentor them. Help them make sense of the industry.
10) Knowing everything I know today, would I do it again?! Would I start from a rookie being dragged on a job and get to the point where I am losing hair in my early thirties - YES. It’s one hell of a job and I love it, but I wish I had these tips starting out.
