Intern to Founder | Justin Collins | Breaking Into Cyber

Episode Summary

In this episode, Justin Collins shares his unique journey from a PhD student in Computer Science to becoming a key figure in the application security space. Justin explains how a funding shortage led him to a life-changing internship at AT&T Interactive, where he combined his passion for compiler theory with cybersecurity to create the open-source tool Brakeman. We dive into how he balanced a full-time job while co-founding a startup and the importance of preparation when breaking into a new field.

Key Takeaways

- Preparation as a Differentiator: Justin secured his first security role simply by researching the specific topics (SQL injection and XSS) the interviewers mentioned beforehand—a step many other candidates neglected.

- Applying Niche Skills to Security: Rather than starting from scratch, Justin leveraged his deep knowledge of programming languages and compilers to build a static analysis tool, proving that specialized non-security backgrounds are highly valuable.

- The Power of Open Source: Developing and open-sourcing Brakeman during an internship served as a massive career catalyst, eventually leading to a business acquisition.

- The "Side-Hustle" Startup Model: Justin highlights that successful startups don't always require VC funding or fancy offices; his company was built while the founders maintained their "real" jobs.

- Negotiating Flexibility: Early in his career, Justin successfully negotiated a part-time security role, which allowed him to support his family while simultaneously building his own business.

Resources Mentioned

- Brakeman: The open-source static analysis security tool for Ruby on Rails created by Justin.

- OWASP: Cited as a critical resource for learning about web vulnerabilities like SQL injection and XSS.

- Ruby on Rails: The programming framework that served as the foundation for Justin’s early work.

- Black Duck (formerly Synopsys): The company that eventually acquired Justin’s startup.

About the Guest

Justin Collins is a cybersecurity expert and the creator of Brakeman, a widely used static analysis tool for Ruby on Rails. With an extensive background in Computer Science and programming languages, Justin transitioned from academia to entrepreneurship, co-founding a boutique security firm that was later acquired by Synopsys. He is a specialist in application security and program analysis.

Sponsored by CPF Coaching LLC - http://cpf-coaching.com

Check out our books:

📘 The Cybersecurity Advantage - https://leanpub.com/the-cybersecurity-advantage

📘 Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level - https://amzn.to/3443AUI

📘 Hack the Cybersecurity Interview: Navigate Cybersecurity Interviews with Confidence, from Entry-level to Expert roles - https://www.amazon.com/Hack-Cybersecurity-Interview-Interviews-Entry-level/dp/1835461298/

About the hosts:

Christophe Foulon focuses on helping secure people and processes, drawing on a solid understanding of the technologies involved. He has over ten years of experience as an Information Security Manager and Cybersecurity Strategist. He is passionate about customer service, process improvement, and information security. He has significant expertise in optimizing technology use while balancing its implications for people, processes, and information security, through a consultative approach. https://www.linkedin.com/in/christophefoulon/

Find out more about CPF-Coaching at https://www.cpf-coaching.com

🌐 Website: https://www.cyberhubpodcast.com/breakingintocybersecurity

🎙️ Podcast: https://podcasters.spotify.com/pod/show/breaking-into-cybersecuri

▶️ YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity

💼 LinkedIn: https://www.linkedin.com/company/breaking-into-cybersecurity/