Cybersecurity competitions help graduate land job at IBM’s X-Force Red

Commencement weekend kicks off with Academic Convocation on May 10. Read more about the Class of 2019 at rit.edu/news/commencement-news.

The main topic of conversation during Scott Brink’s co-op interviews was almost always about cybersecurity competitions. Luckily, Brink has thousands of hours invested in hacking competitions from his time at RIT.

Brink, a 2019 graduate of RIT’s computing security program, credits those cybersecurity competitions and student clubs with helping him succeed in the major. They also helped him land a job as a penetration tester at IBM’s X-Force Red in Austin, Texas. At IBM, he will help companies better protect themselves and make the computing world a safer place.

“I remember the major was honestly really hard at first—I got a 28 on my first midterm in Introduction to Routing,” said Brink, who is from Quincy, Mass. “I called home and thought about switching majors.”

Some upperclassmen suggested that he try out the upcoming Information Security Talent Search competition, better known as ISTS. In this student-run competition, teams of students—known as the “Blue Teams”—had to secure and defend a network infrastructure from the “Red Team”—a super-group of security industry professionals and students.

Student Blue teams were responsible for maintaining the critical computing services of their simulated business, including websites, email and file sharing. Meanwhile, the Red team was constantly attacking and trying to gain control of their systems in order to shut down the services or steal information.

“My team got demolished, but we learned so much,” Brink said. “At my next competition, we got a strategy together and actually won.”

Brink would go on to compete in and win many different kinds of security competitions, including RIT’s Incident Response Security Competition (IRSeC) and the University at Buffalo’s defensive security competition Lockdown. He also represented the university as captain of RIT’s National Collegiate Penetration Testing Competition (CPTC) team, when the nation’s best colleges came to Rochester to compete in the premier offense-based collegiate computing security event.

Outside of computing, he competed on the RIT swimming team in the 100 and 200 backstroke. Brink became captain of the varsity swim team his senior year.

Brink also became a technical lead in RITSec, the student-run security competition club, helping create the infrastructure for many competitions. He also created weekly challenges and lessons, where he could help teach underclassmen who might be wavering like he once was.

“The experience and passion that I gained from competitions helped me land a co-op and later a job at IBM’s X-Force Red Penetration Testing,” said Brink. “I didn’t even really have to interview for the full-time job, because they wanted me to come back.”

As a penetration tester, companies will hire Brink to complete assessments on their network, looking at how to break in and what vulnerabilities there are. He wants to find out what he can do to modify or gain access that he shouldn’t have. He also needs to report and explain his findings, including ways to fix the risks.  

“I get to solve problems for a living and hopefully make an impact on cybersecurity overall,” said Brink. “I’m a legal, paid hacker.”

To address the critical workforce needs in cybersecurity and help solve cybersecurity problems, RIT has announced the creation of a Global Cybersecurity Institute. The new three-story facility will allow RIT to address the global cybersecurity crisis by conducting groundbreaking research, education and professional training and development. It is expected to open in summer 2020 and will be the first facility of its kind in upstate New York.