Welcome to our new website!
July 15, 2023

From $45k Helpdesk Analyst to Six Figure Government Splunk Cybersecurity Consultant

From $45k Helpdesk Analyst to Six Figure Government Splunk Cybersecurity Consultant
The player is loading ...
The TechTual Talk

Imagine walking into a new job and seeing the dollar signs, only to realize there's so much more to success than just a hefty paycheck. That's the journey Chloe Burton, an esteemed cybersecurity leader, walks us through in this enlightening episode. From her humble beginnings to leading a crucial security transformation project for a global financial client, Chloe offers a unique perspective on climbing the career ladder.

But our conversation doesn't stop at the financial leap and technical acumen. We chat about the crucial role soft skills, such as communication and trust, play in the tech industry. We also talk about the value of platforms such as LinkedIn for networking and ongoing personal development. Not to mention, we also delve into the challenges of consulting, the importance of having robust security processes in place, and the transformative role of automation in security frameworks.

And if you've ever wondered about the significance of platforms like Splunk in the cybersecurity field, Chloe's got you covered. From landing her first Splunk gig at Accenture to transitioning from analyst to consultant, she generously shares her rich experiences and in-depth insights. Tune in for an intimate look into the realities of making a significant financial leap, navigating the intricacies of the IT field, and more. You really don't want to miss out on Chloe's invaluable insights.

Chloe's Linkedin: https://www.linkedin.com/in/chloeaburton/

Support the show

If you enjoyed the show don't forget to leave us a 5 star review, to help with the algorithm :)

Email: henridavis@thetechtualtalk.com

➡️ Need coaching help then go here (ask about our financing)⬇️
https://calendly.com/techtuaulconsulting

➡️ Want to land your first IT Job? Then check out the IT course from Course careers use my link and code Techtual50 to get $50 off your course ⬇️
https://account.coursecareers.com/ref/50932/


➡️ Need help getting into Cybersecurity for a low price then check out Josh Madakor's Cybersecurity course at Leveld Careers and use my code TechTual10 to get 10%off your course.
⬇️
https://www.leveldcareers.com/a/2147530874/RuqjrBGj


Looking for a Cybersecurity bootcamp then check out Springboard.com Cybersecurity bootcamp. It’s 6 months long,it has jammed packed projects and cybersecurity course fundamentals and has a money back guarantee if you land a role 6 months upon graduation.
Use my link and code techtual to get $1000 off the boot camp price ⬇️
https://www.springboard.com/landing/influencer/techtual



Transcript
Speaker 1:

Did you get paid the same amount of money when you were at Boos versus the company that went bankrupt or what?

Speaker 2:

I do remember signing the contract for Boos, like 45 days, and I was like oh my gosh, I've made it, this is it.

Speaker 1:

How did you get the first Splunk gig at a century? You have to learn some new skills on the way. Was the interview tough?

Speaker 2:

The interview. It was tough just because I was very upfront. I said I don't know any security. So you're going to ask me questions and I'm going to tell you I don't know and I can't lie about that, right, you just can't fake security. I think the really big project for me was when I finally started to lead a team. I came into the team and they had a lead there already. She was moving on to another project and it was a global financial client. We had a data onboarding factory. So I had a team of 10 to 15, I think, a couple onshore, most offshore, and that was scary.

Speaker 1:

This video is being brought to you by Course Careers. What's going on, guys? If you're looking to start your IT career, then check out the IT course at Course Careers, taught by none other than the great Josh Maddox. I'm pretty sure you heard of him, but we all know that it could be pretty pricey in the IT and this course is very affordable. And also, if you don't want to pay back those student loans like I have to, then this is the course for you. So check out the Course Careers course. My link will be in the description. Use code TEXTUAL50 in order to get $50 off your course and get started on your IT career today. Welcome back, everyone, to episode 95 of the TEXTUAL TALK podcast. I'm your host, hd, and today we have a great guest for you guys. Her name is Ms Chloe Burden and let me read off her bio to you really quick. Chloe is a versatile and accomplished cybersecurity leader with eight years of experience specialized in security operations, siem engineering and security sales engineering. She's a depth at managing large-scale security transformation projects in the end, implementing best practices and devising innovative strategies to counter cyber risk. She's good at log analysis, threat detection and incident response using SIEM tools. Nobby Splunk Enterprise Security. She possesses a deep understanding of security frameworks, regulatory compliance mandates and industry standards. She has a proven track record of building and leading cross-functional teams to achieve organizational objectives. She's exceptional in communication and the stakeholder management abilities that enable effective collaboration with technical and non-technical stakeholders, including C-level executives. She's also proficient in analyzing customer requirements, tailoring customized security solutions and delivering impactful presentations and demos. So when you heard that bio, she has skills. In this episode we'll be talking about her early life, her beginning of a career but she really got her start in her career and also some tips and tricks on how you can become like her in your own career. With that being said, let's get into the episode. Guys, yo. So, chloe, what is your go-to karaoke song? If you had seen karaoke right now, what song would you go to?

Speaker 2:

I Just Wanna by Jay-Z and Pharrell.

Speaker 1:

That's a.

Speaker 2:

I feel judgment.

Speaker 1:

That's a scapegoat man. What?

Speaker 2:

That's one song I know all the words to. That's rare. No, it's very rare that I know all the words.

Speaker 1:

Man, I got so many karaoke songs Because see, for me, I'm like if I do karaoke I'm going all the way in without giving a performance. One of the ones I did in the past because it's one of my favorite songs to sing in the car, especially today's. I used to do one of the offices something like that Car concert is Beauty by Drew Hill. Oh yeah, I'm going in on Beauty, oh gosh, that's a, give me two. Come on, beauty. Not really. Everybody don't listen to Think about it. Everybody is probably younger than us. They don't know about Drew Hill.

Speaker 2:

That's fair.

Speaker 1:

I like that song too.

Speaker 2:

Is it a karaoke song though?

Speaker 1:

It's not that hard to sing. You can get two people to sing it Now, depending on Now, I hit people with the switch of rule, depending on where we are. I might hit them with something they respect. I might bust out singing some Backstreet Boys. You know what I'm saying and not I want it that way. I might do, as long as you love me.

Speaker 2:

Oh okay, Because everybody thinks A little spice.

Speaker 1:

Yeah, you know, everybody think you just know what's the cover. I know I don't know Backstreet Boys songs. We used to listen to that. We came through the area of white boy bands.

Speaker 2:

We did, we did Bye-bye-bye yeah, that'd be my go too.

Speaker 1:

Yeah, funny enough. On Twitter, I think I told you this right when. Matter of fact, when Threds came out, I was like, hey, I'm so ready for the white people version of verses, so in-scene could smoke Backstreet Boys boots, I'm ready for that. I'm ready for that. But welcome back, ladies and gentlemen, to episode 95 of the Textual Talk podcast. I'm your host, hd, and today we have another, miss Chloe Burden, with us and she came to rock out with us today. If you're listening on Spotify, apple Podcast, google Podcast, you name it, please leave us a review. Share out the podcast if you find some value in it. And if you're watching on YouTube right now, you already know what to do, man. Hit the thumbs up button. Hit the subscribe button. Matter of fact, look, I'm going to show you right here. So a little visual. Yeah, there we go. Hit the subscribe button, but without further ado, let me go ahead and bring our guests in. Hey, chloe, can you go ahead and introduce yourself?

Speaker 2:

APPLAUSE Burden. I am a security manager at Ascension and happy to be here today. This is my first podcast, so I'm like excited and nervous all at once. More excited.

Speaker 1:

Right place. So let's do like you know, kind of set the foundation of everything. I see that. Let me see if, how good my memory is, you went to the University of Pittsburgh, right? So are you born and raised in Pennsylvania?

Speaker 2:

No, no, I'm not. I'm from the DMV area Virginia.

Speaker 1:

Virginia will part.

Speaker 2:

Charlottesville. So I say that because people you don't know they say Charlotte, north Carolina, but no, like where UVA is. So, ok, cool, central Virginia.

Speaker 1:

Yeah, I asked about it because I want to ask a little bit. You saw the questions I sent you and I want to ask a little bit of a guess about maybe we can go, like maybe that senior high school, and to what would you say it would be Maybe going to college. Let's talk about that, yeah.

Speaker 2:

OK, senior year of high school I was an athlete and I was also a scholar, we'll say so I was very focused on basketball track I think those were the two main at the time and then trying to get into a good college. My parents were very impressed on me becoming a doctor. So I went to tour a lot of top notch schools, I'd say, but I didn't really want to be a doctor. So I wound up not saying Pittsburgh was a bad place, because it was actually really good for sciences. I ended up in University of Pittsburgh just because I didn't want to be at home, because it was UVA or Pittsburgh UVA was down the street. So I went there. They had this thing called Cathedral of Learning at the time, which I didn't know what it was. It was really tall like Cathedral of Learning and that's peaked my interest. So I went, I showed up.

Speaker 1:

Do your parents hold professional jobs as well? Is that why they kind of push you to be in the medical field?

Speaker 2:

So they're not in the medical field, not even close. My dad, he was IT, IT government ex-military. My mom was in the home loan industry. Yeah, nobody in my family is a doctor, so they wanted me to be the first. Yeah, that did happen.

Speaker 1:

I think we see people that are in the field, the illustrious fields, the lawyers and the doctors and whatever else. They're probably forced to do it by family, but they really don't like it. I remember a couple of years ago, back at one of my companies I worked for, I was working with a guy. I was a sock lead and he was just a sock analyst and he came from being a lawyer. He was like he hated me.

Speaker 2:

Yeah, it's like if it's not a passion, what I do, and especially medical field like that's saving lives you can't do that if you don't love it. There's one thing that I tried, I'll be honest. I took neuroscience. I failed intra-neuro twice, so that was out of the way. Biology I don't like plants, Couldn't do that. So I ended up on psychology and I thought I wanted to be a therapist, but I didn't. So a very interesting path.

Speaker 1:

I think I was a therapist in the past life.

Speaker 2:

Really why.

Speaker 1:

I like to talk. I'm a good active listener at times. That's key where I say at times when I want to actually listen, but no, I say that because I think it helps out, though, what I also do with the coaching things like being able to listen, being relatable and being able to just make things simple for people to understand and grasp. I have that probably downpacked to a T. I probably get that from my mom. People always call her out of the time. She's always on the phone talking, but I want to get into. So we get to college and you say you failed neuroscience twice, I want to get into. Okay, what after that made you decide, hey, you know what I'm going to get into? Cybersecurity or what you just said. I was going to get like an IT degree or something Like what. You know? How'd that go?

Speaker 2:

Yeah, it wasn't until 2013. So I graduated college in 2011. I moved back home from Pittsburgh and I was still working in the psych field and it was just high stress, low pay. I lived with my dad at the time and remember we had a conversation on his balcony and he was like, come join the dark side. The dark side to him was IT. I was like okay, like whatever. So he had a connection at a small tech firm and I got the job there. I later learned that they didn't really like me. If it wasn't for my dad I wouldn't have gotten that job. But you know, the stars aligned and it was a help desk type of thing. So we were working with the federal agency to help them. Think was financial management tool that we built. So that's how I got into it. And then I never wanted to do security and so, like you can kind of tell, I still wasn't there yet. I didn't really start security until 2018. I was in tech I call it 2013, loosely 2015 or so at Deloitte.

Speaker 1:

Okay, yeah, we're definitely going to get into that. I saw that on here. If you saw a little bit kind of my notes, I was researching you. I said, okay, she didn't work for some power players, man. So, like you see, give me a brief spiel a little bit about. Do you feel like your help desk experience was important to your career? Do you feel like you wasted your time there? How do you feel about it? And I like to ask people who've done it before and where we're at in our careers now, because it gets the people that are doing it now some hope. All you hear a lot of times is kind of a lot of people kind of like bag on help this, which I get it. I don't like it either, not because of the job, but because of it's not respected. You do probably more work than everybody in the building and get paid the least, and so that's one of the things I don't like about it. But what did you take away from it? Like, how has it been able to help you climb the ranks? Because, guys, I'm going to tell you guys something we didn't read out for bio, but she definitely she's up there right now. She's a big cheese.

Speaker 2:

Thank you. I learned first off customer service. That's just a given. I learned how to manage my time. I learned how to be agile, I learned well, obviously, I learned some of the technical aspects of it, right, that I hadn't before, so I had to learn the tool or the platform that the company created. But I agree. So I hate to say it's not that respected, because it is a really crucial job, and I think about it even when I call into, like help desk now, just being kind, right and understanding that they don't have all the answers right. This is literally the first line, and so how to escalate that upwards. So I guess something else I've learned there, right who to go to, and I think, if I'm looking back at it now, that probably has helped me network better, because I kind of just know where to go to. But it was an amazing experience. I made some really really great friends and I think that really the foundation for me to move forward into my career in tech. Without that I don't think I would have been well suited, and I say that just because you know we'll get into kind of the Deloitte era. But I think you know, though, it's an interesting place to be right and that helped us. You got to do all this, you got to manage a lot, and so going into consulting as a young analyst, I was ready.

Speaker 1:

And that is a good segue into our next question about that first gig at that, first big name recognition at a booze who's kind of been making, I guess, some splashes now with some of the contracts that they just been ordered. How was that? What was that transition like? Because I know one of my good friends when he left from working with us at Opto he went to booze and then that's when he started consulting and he was telling people like you know the pros and cons of consulting but I think one of the big pros is you get so much experience very fast but it's not a lot of handholding. How was that? How was that for you?

Speaker 2:

So interesting. Booze was a short stint, but what happened was the company I was at they went bankrupt and booze bought them out. So I continued on what I was doing, except I moved on to the onsite. So I was working at the agency. You know, literally with the contract I was a contractor around all the employees, and that was a new experience too. Like I'm in front of the client at all times, they can walk into our office and they can yell if they want to, they can say hi, they can bring me lunch, you know. So again, that was major because client interactions. It drives the entire consulting business. It's a customer-based, client-based relationship business. So it was interesting, but again, much of the same, except with that interaction day to day with the client, which was fun. Again, I met a lot of federal employees. I got to know the workings of how, you know, agencies work and I felt cool with my badge walking into a building that people can't get into. So it was fun.

Speaker 1:

Yeah, I see that as a trend for a lot of people. When they have these jobs, they like to showcase their badge. I mean, for me, working for CSRA, I had my badge, but it wasn't it just like where it was out at, like a lot of people weren't over there, just like by a community college in the highway. It's like it was like nothing there. Maybe if I'd have been working up there like in a DC area, but a little bit different, because people kind of use that as a little flex oh, look at me. Like you know, especially Silicon Valley, they do. Oh, I work at Google, I work at Meta, I work at Apple. Like I'm saying, I don't care where you work. I mean now I could probably social engineer you if I want to, so right. So I also want to ask you this, if it's not too intrusive For me I've told people like my first help desk job, the first contract, was 17 hour. Then when I came on full time, it was like $19 and like 40 cents, so like rounding, like $20 an hour. Did you get paid the same amount of money when you were at Booze versus the company that went bankrupt, or what?

Speaker 2:

No, it was a slight bump. I don't remember what. I was still salary at the first place. I don't remember what it was, though, but I do remember signing the contract for Booze like 45 K, and I was like, oh my gosh, I've made it. This is it, yeah.

Speaker 1:

Here's the thing, I think. I think one, social media wasn't like it was when we were coming 10 years ago. Two, I think it's the fact that a lot of us I think we're a little bit more realistic in what we probably possibly expected for a first job we were around people who were just. I think this is the issue and it's not an economics podcast. I've been listening to a lot of Thomas so lately, but back when we were growing up, we were around regular people that didn't necessarily like everybody was just these high time, high paying jobs, but these people were able to survive and fulfill on the table, have houses for their families without having to have some type of astronomical, like crazy career. Now, fast forward to 2023 is very much different. If you don't have a job that's paying you good money, especially based on region like I know out here in the D of W and I know you're in the D of V area like it's gotten very expensive. Like in you have to be pushing close to 200 if you have a family really by yourself, without even including a spouse or anything like that, to hopefully take care of the family Back then. For me, like I said, I came from making 775 a target to going to like 35 K to 40 K. I felt like you know, come from the city, I was in. That was more than everybody made in the city, so you would like okay, cool. But I was like once I started doing that work I was like, nah, I need some more money, Like for real.

Speaker 2:

Yeah, Once you realize you can and really what money is and what that means in terms of power and status, as you continue to excel, your mindset changes, Like the fact that I could live off of 45 K, like I couldn't imagine that right now I couldn't. And I can, we all could be, because I'm a single person. I'll say that for single people. Yeah, I blessed. I have to say that. I'll probably say that five more times, but I really thought I arrived Like in my little Corolla. I was pulling up, you know, like I had manual windows, I was starting out there. You know it was great With my notepad roll badge. I was it, I was her, it's over to CSC.

Speaker 1:

So I had a bad record at the beginning of the year. But I bounce back. I came put up in the parking lot. I had the brand new black Mustang GT, you know, 5.0. You couldn't. You couldn't tell me nothing. You can tell me. You hear me pulling up in the parking lot. You can't tell me nothing. Back then I wish I still had the car, but it was a gas. Gas, I had to get rid of it. I had to. Yeah.

Speaker 2:

You stunted more than me. I wasn't really into cars yet because I didn't have money yet.

Speaker 1:

So I realized Well, I wasn't really in the cars per se, but it was like I've always been this person and this is like a little gem for everybody listening I've always been the person that knows like, whatever I really manifest a thing about, I'll eventually get so funny enough. Like two years prior to that and like my last quarter in college, I remember posting on Facebook. I could put it up on the screen if I had to in post production. But I was like I posted that specific Mustang. I was looking at him, I was like man, I want one of these, I'm going to get one. And I ended up getting one. And it's always been like that for every car. I wanted a maximum, but I got a maximum. I wanted to. What else did I want? I wanted a cord. I went and got a cord, like. So I mean, even if I want, like something super expensive, I'll get that too, but it's always I always do it within time because it's been time. So when I could get some, I want it, but then eat it. So that's the difference where people do that. I understand. You can always manifest something, but you can also get it at the wrong time, and that's one of the things you got to pay attention to as you start earning more money. You got to look at, okay, I know I can buy it, but do I need it? And that if you can have that mindset as you start making a lot more money which we started to do in our careers you'll be fine. Because you see people who probably make as much as us, if not more, but I always either need to hold some money or need some money because they have bad money management and they didn't get a hold of grass with it yet. So that's just one of the things to pay attention to. So if you're still with us right now, put that in your notebook. Trust me, it'll take you a long way. All right, so we go from booze and Deloitte. So when you go to Deloitte, were you still doing the consulting analysts help, this type of stuff, or were you finally starting to transition into more of a security focus role?

Speaker 2:

So not yet. So Deloitte brought me on board because at booze and the previous company, the financial management platform was based on Oracle, and so Deloitte took most of my colleagues from the company because they have an Oracle practice. So we all went to that practice. Ironically, I never did any Oracle work at all, never, not once. So I had. Actually, I lied I had a little bit of security in there, but I didn't know what it was at the time I was doing. What are they? Ssps, process procedures, documentations, that type of work, and I just I hated it I'm not going to lie to you, Documentation and I was like this is life, Like why am I doing this? And I've recently just realized what I was doing, probably like within this year, that I actually was doing security way back when. But while I was there I did a mix of different things, but that's when I got into Splunk and so that's where my career took off.

Speaker 1:

We and I'll call that the tech part of my career- I know I got introduced to Splunk when I worked at the knock and all we did was used it for monitoring If stuff went down, turn red and noises were made, and that's how I got introduced to Splunk. But I didn't. That's crazy man, hang on. I did not know that back in 2016, when I was introduced to Splunk, that it was gonna help me make as much money as I'm making now.

Speaker 2:

You and me both, you and me both.

Speaker 1:

Because it was. And that's the thing about. Splunk was fairly new at that time too, and that company I was at was like an early adopter. They were actually in the payment car industry and it's funny. I just really thought about it. I had that revelation. When I thought about that, I said I didn't think Splunk was going to be a tool that helped me because jobs will reach out to me now just because I got Splunk on the resume, Just because yeah, my LinkedIn DMs are popping off of that. So, with that being said, let's go to really when you how did you get the first Splunk gig at a century, right? How did that go, and did you have to learn some new skills on the way? Was the interview tough? How was that? Because typically sometimes people have like a kind of a slow crawl there to where they kind of make that. I would guess, and I'll probably let you put that in your words, would you call that to be like a leap of like job responsibility and job title once you went from that Deloitte position to the Splunk role at a century, the first time.

Speaker 2:

Yeah for sure. So at Deloitte I was an analyst. I left as a new consultant. I came into a center as a consultant which will loosely align to call senior, and that had the security overlay. So I learned most of the Splunk skills at Deloitte. So I'll backtrack real quick with you. I accidentally went to a training for Splunk. I was a week long training with my colleagues. I learned it.

Speaker 1:

Wait, wait wait, let's, let's back it up. How do you accidentally go to training?

Speaker 2:

Right. So my teammate was supposed to go. I forgot what happened. He couldn't make it and they were like hey girl. I was like OK, and so I went to Jersey for a week and I just learned like it was literally eight hours a day of Splunk crash course and there was just Deloitte employees teaching Deloitte employees. I guess we realized there was a need in the market. We had to train up and there was no security to it. It was just purely Splunk admin, a little bit of architecture, and then from there I went on some projects. I did more federal projects and then I started to do some commercial projects, and one in particular was very grueling but it taught me a lot. We were helping a client. It was Black Friday so they wanted to see store health, so we had to build massive queries and Splunk to basically just have pie circles go red, green or yellow and then also make sure that they're colorblind appropriate. So it was a lot behind the scenes, but I think that project really accelerated my Splunk learning because I didn't know how to do that. So I'm in there 12, 13, 14 hours a day on clients. I'm just trying to figure this out with my team. So yeah, so to answer your question, by the time I got to Accenture I had the foundation, the interview. It was tough. Just because I was very upfront. I said I don't know any security. So you're going to ask me questions and I'm going to tell you I don't know and I can't lie about that. You just can't fake security. But they told me we'll give you a chance, we'll teach you, we'll train you, and they did just that. And so then I got in my first engagement. It was just me and one other person and we were doing it was Splunk-ish, I'll say it was more middleware, I don't know. It wasn't like too much Splunk involved. I'll say I think the really big project for me was when I finally started to lead a team. I came into the team and they had a lead there already. She was moving on to another project and it was a global financial client with a data onboarding factory. So I had a team of 10 to 15, I think a couple onshore, most offshore, and that was scary. I didn't know how to manage. I just barely knew Splunk. I think I just got in my architect or hadn't gotten it yet. So people are looking at me for answers and the client just happened to be in the Virginia area, so I'm on site so looking at me for the answers too, and then I was a consultant, right? So then I was playing a manager role and then our senior manager left, so it was just me and I was like, oh gosh, but you learn, I did it. And one day I woke up and I was like you're the lead, here's your confidence. Go. That's what it was.

Speaker 1:

Man, that's a lot, it's a lot, it's a lot. I want to touch on something that you did, like you said, when you did the interview for the position, and it's something that I was telling the client of mine. I've been having him record his interviews and critiquing them and one of the things I was telling him is that, you know, I could see in the interview like you are. Well, I pretty much told him it's okay to say you don't know something, instead of just giving an answer that something is not, instead of just giving an answer that sometimes may not make sense for what they're asking you. Right, and I've told people this before, like on some of my episodes before I said, hey, it's okay to you feel and know everything and interview, just be upfront with them. So the fact that you didn't waste their time, kind of, is one of those things where, if I have people on my team, I know who knows Like what you don't know, what you do know, and I know you're not going to waste a bunch of time acting like you know someone. You're just asked the person that you need to ask for it, where we can save time and alleviate everything. I think that was. I think that's pretty good on your part to do that, because you already knew how to use the tool. It's just you have to learn the other parts of security, and so those are some of the things I actually tell people. Sometimes, too, it's like we got a skill set. Is cool, some of the things you can be taught if you already know how to use something. And I know a lot of people don't believe like they see it, but it's like it's that part of it. And also the other part is like just settling your personality and I can see how you were able to get us. Oh, we like her, we're going to bring her on. So I was able to see that part of you too. Now, the part that was pretty cool was about you pretty much being thrown in the lines then and saying, hey, you got to lead this team. You know it's your time to shine now. You got to do this. I think we always grow when we're uncomfortable, of course, and it's either, as my pops will say, fight or flight, fight or flight. So you chose to fight. So I mean, I think, think about now, and how many years ago was this when you had to lead this team? That was 2018.

Speaker 2:

So five yeah.

Speaker 1:

Yeah, it's crazy, okay, yeah, I think it's funny too. It was a lot of parallels with your career. My career 2018 was like, even though 2017 was like when I got my first security job. I feel like 2018 was kind of where it took off because that's when I got to a company that let me grow. So I really see like some of those parallels right there. So, with that being said, did the role where you were leading in that that help you build that expertise into sec ops and sim engineering?

Speaker 2:

Kind of kind of. I only say kind of because I'm sure you know, right, with data onboarding and the splunk, it's very much so a repetitive process with some slight nuances depending on the data source. A cloud isn't syslog, is an API, isn't forwarder. But the different tools did I really have to understand what they did? Not so much. I just knew that they had to be in me. I knew the client needed them. So I would say probably took maybe another year or so before I really started to fully grasp security, because for a long time it was just splunk engineering and my title was Splunk Security Consultant but at the end of the day I was just engineering a problem.

Speaker 1:

Let's ask this question because this is a question sometimes asked in security interviews, especially for some analysts work. I've been asked this a couple of times. So what type of log sources did you guys have to ingest into Splunk like that? They need space, like for the security team.

Speaker 2:

Yeah, I won't use that client because they yeah, yeah, yeah, it's not even at the client image just because they wanted everything, like it was just everything. I think we had like 300 sources over a certain amount of time we had to get in. So there's not 300 security tools. Well, there probably are. But so if I'm thinking we'll fast forward a little bit in my mind when I've actually had to think about what tools to get in, I think I go network, edr, cloud and then I'll do the operating systems right Windows, linux, whatever varieties you have those. To me those buckets are typically priority and most of the time they should have a subset of those, should, should. Oh, it just depends.

Speaker 1:

But those four or five buckets, yeah, I remember I had to like list them off, and the reason why I asked you that and I'm trying to get up to the listeners is because it's one of those ways you can also think about how do you attack answering certain questions. If you know what type of log sources are in the same, then you could particularly answer a question that's given to you, because I have a slew of like I went on, I did like a couple of different times, like I had the sock interview, entry level questions that I would ask. I have, like my YouTube, my Tik Tok IG, and so occasionally people actually just coming on these things and they'll say, oh, how are you AD logs or whatever? And I say, well, how are you going to, how are you access, in case you don't have access to the AD console? And so I asked them that because I want them to realize that everything they need is going to be in that SIM. Now you're just going to have to figure out what you're going to do and how you're going to look at it. And also, I thought I had a good question for you when it came to the different log sources. I did have. This answer too is like the one of the things about consulting, and so when I was at Optivost Part of the Fusion Center, so we had one big client and so it was like consulting but not really. We have one big client, but this big client has so many companies of their own, so it's like you're working with different companies and different departments. But we had a guy on my team who would tell them straight up no, this don't make sense. I think that's very important. Sometimes people really they want the contract so much they'll do everything. They say it's like no, you got to draw a line in the sand, because typically what happens is people just want to listen to everything the client tells them to do it and you're not taking anybody else's input into it. It's going to cause your team some grief If you keep on telling them oh, we need to ingest all these logs and you're throwing all these different alerts at your endless and they're like bruh, this doesn't even make sense. What a client wanted, I don't care what they wanted. This doesn't make sense. Take it out, turn the rule off until it's actionable or make it better. All those different things. Those are things that you typically run into when you don't know how to tell your client no.

Speaker 2:

And that was me at a point.

Speaker 1:

Yeah, yeah, and then it can come back to bite you. There's so much information coming in and not being done correctly. Oh, how you missed this. Well, I mean, you got people doing X amount of alerts a minute and these logs are in here and we don't really need them.

Speaker 2:

Uh huh, yup, I was there. I was there at a point and it you know it's spun to before the workload model ingest was a big thing, right? So if you imagine we had that client, they wanted all these log sources and no one told them. No, I wasn't telling them no, right? Um, and you're just going to go over your license and that's that's money out of their pocket. Um, so, yeah, that's that's tough line to balance often and, I think, something I still deal with to this day. Um, how do you tell your client that when they really really want, they really think this is this is going to be it, this is going to be the source that's going to get us that visibility we don't have? And maybe, but is it being like, have we really vetted it? Is it just because it's going to make a pretty dashboard? What are we really getting with this?

Speaker 1:

Um, some of that stuff. They can just have some rules about it and then have the analyst or whoever is working on it pivot into the actual console. That's who would I have no logs in if they don't actually need it, if it's like low volume and I was gonna ask you something about. You said something just now you were talking about Tell them no licenses. Oh yeah, another. The funny, the funny things about Licensings and everything else is when they want tools to be stood up because they're paying for them. Like so we we had the engineers that Pretty much were the platform owners are all these different tools and it's like well, why are we using this? Like we had phantom for the longest and we weren't using names. Like, well, we don't have this in place in your environment and this and this, well, we want to use it because we're paying out his money for it. So you make you. You have to sometimes just rush and put something out there just because. So got to a point there say, hey, guys, we're gonna stop using phantom and go back to splint. Like it's a whole bunch of stuff. Like I think consulting stories would definitely, definitely make a good Series where I just talked to different consultants. They talk about funny stuff they did with their class. At that be pretty cool.

Speaker 2:

It's interesting, it's a very fun world. I tell folks, I'm like, what do you do? I was like I tell, I tell the time on your watch To you, right, it's kind of how to describe it. And you know you'll ask me is it half past five? Well, it kind of looks like that, but it depends. It's kind of you know how I imagine it because of the day. Can you do exactly what I'm doing? Sure, sure, you could, but I'm here to accelerate that for you and then, ultimately, to advise you on how to best do that and what's the best watch. Is it analog? Is it digital? You know what brand is gonna be good for you.

Speaker 1:

It's a fun field G. So at a high level, can you tell us about a large scale security transformation project you managed from start to finish, what works, some of the challenges that you face doing that?

Speaker 2:

thing, yeah, um. So I've typically just come in as I've been a build right, I have build teams, so build team will hand it off to the run team, which is really the, the MSSP or the sock. So my first go around was with a retail client a year or two ago and I was the one that was presenting to the client, did the proposal, talked to the CISO, so we're put the team staff, the team did the financials, so I was end-to-end right and then I put the team together and then led the team. So it was more oversight. I'm so in the consulting world we have a day job, we have side jobs and then some other fun stuff on the side rate. So I had a team of three to four of the build and so essentially we were having to transform their sim platform, which was Splunk, um. So we had, we had to assess it, we had to get data sources in, we were gonna do use cases, but we handed it off to the run and then we had recommendations on next steps for them. So at this time, splunk was really touting that workload model so and we felt they would be a good candidate for that. So a piece of you know what I had to do was talk with leadership about. You know what does it look like? We've afford for y'all. I guess it's important to note they had gone through a ransomware so they desperately needed to make sure that their sim platform was in place. I was recommendation from the Cypher team that came in and helped them. So I think it was about three months, led the team through that and Then we finally wrapped up and we wanted to extend, but unfortunately we weren't able to do that. They went to a different tool, which is which is fine. You know, I had to work through advising them on thinking about what that's gonna do we. A sim is a sim, but you know a different tool is a different tool too. So you know it's not always gonna be apples to apples, but that engagement really tested my ability to to be a leader, to have executive presence. I had to learn how to say no. I had to learn how to manage a junior team. I had to be comfortable Letting go of the fact that I don't know everything and leaning on these folks and then ensuring that I empowered them through this, because I I told some of the members like I want you to have this opportunity Because it doesn't come around all the time that you can just jump into an engagement with a pretty high-profile client and go through this and I have the what we would consider the proper skills at the moment. But I think a part of who I am is just everybody needs a chance. I was given a chance. So it was a lot of ups and downs. The client was really nice. They understood they needed help, but they were really nice to the point of. It was difficult because they're always were saying yes. So it's kind of like the opposite of when they're giving that pushback of no, it's yeah, sure, go for it. Whatever you want to do, I'm like are you sure? Like, do you believe me? I can tell you do whatever. You're like, yeah, great. So that was an interesting challenge in itself and I think just having to manage a team plus I was tasked elsewhere that was tough. I was a very tough three months and then having a life right on the outside world. But we did it and I was super proud and the client was very thankful. Again, they went to a different tool. So it was kind of like three months for what they? Yeah, it was good.

Speaker 1:

I feel like the different tool is really getting to you. You like all this working. Y'all switch. What tool do they go to? Sentinel I have. Why did I? You know it's funny, I was thinking it was signal and then in my mind I was like man, she can't be that matter with signal. Maybe they were the Q-rated or something.

Speaker 2:

Yeah, I would have been irate. I wasn't mad it. You know, it's Not something that's bad. It just Sometimes they look back at it it just sucks right, like we took that time but at the end of the day was right, yeah, yeah, and that's that's I mean. I did it, yeah, so it was okay as long as they're good and that's one of things to write Everybody can't afford splunk.

Speaker 1:

I think that's one of those, those good like one of those hard things to for some people understand. So everybody can't afford Splunk, everybody can't even get the Splunk training. But if you do want to get a suitable Splunk training shameless plug right here for my guy, kenneth Ellison at ECA, go check him out. He's giving you guys affordable Splunk training. That's much cheaper than what you'll get on Splunk's actual site, right.

Speaker 2:

Yeah.

Speaker 1:

I only said that because somebody was mentioning some free training about being a sock analyst. And they do in Splunk fundamentals Certification, which I was like okay, I mean it shows you how to use Splunk, but it's definitely not going to show you how to be a sock analyst. To be totally honest, they had that defensive one. They had that defensive analyst one that Telling you you can take the beta next week at the Splunk conf, but my Splunk power user and all that kind of stuff like knowledge is so rusty I'm not even gonna bother to do it. It really is. From a manager standpoint, what type of strategies and best practices have you put in place to reduce cyber risk?

Speaker 2:

So for my, my clients, yeah, I'm gonna give you a very consultant answer. It may, it depends, it depends. It depends on, obviously, industry need. I'm trying to think of something that's common across the board.

Speaker 1:

And this could be anything. This could be from things that need to be implemented as Splunk, so Something procedural, any anything.

Speaker 2:

Yeah, um, I Guess I'll tap into. What I previously said I hated was documentation, and I say that and the respect of governance and a kind of framework around your platform. That's something I learned, I think that's a couple years ago with the client put together a governance framework around Splunk for them. So what's the process of getting a data source in? What's the process of creating a use case, the maintenance, the architecture, like all these things that I think as engineers and technical folks we will take for granted sometimes, because in consulting we get up and we go three months, two months, we're gone somebody else to come in and figure out what you've left them. But oftentimes I see process breakdowns and that is crucial. Like I think about this in a sense of if I wanna get a data source in, and you know it's a critical source, maybe I have a week to do it, but I have no process, it's never gonna get done. And then what happens if we don't have that visibility? So just the downstream dependencies. And you'd be surprised that pretty much all the clients I've worked with they don't have that. They don't have any type of structure to what they're doing and it just causes more chaos. There's not a focus. If you don't have focus, then how do you do security? So, yeah, that's when I come into a new project, especially nowadays, that's what I'll bring to the table, and I've created some documentation and you know ASICs and accelerators that come with me and most of the time it's well received, right. Sometimes it's tough to actually implement and go through with it, just because we have to do the build part of it. But I think that's so critical and I can't emphasize enough having processes in place for not just your same platform, but, I think, any platform in general for security.

Speaker 1:

And not to mention, I remember in grad school we did this project and it was an enterprise architecture. I forgot what class it was, but it was about how to implement change in a company and how you have to get buy-in from the people at the top so everyone else will follow. And that's one of the hardest things to do when you come into a new environment. Like even now, I think I'm about to be on month six at this new company and we're going over all of us, like the three new people. They put all three new people on the same shift, the swing shift. So we're doing different tabletops of how we do in-same response and all this other stuff. And if you don't have those things in place, then hey for me, every time I come into an environment, I'm always looking. Okay, how many notables are we actually escalating? What are class positives? What are we close with the same clothes? No, I'm always looking at that stuff because I used to do QA for our analysts at Optive and, as boring as it is, it's pivotal. This helps you potentially possibly not get breached, possibly Just because you can start saying who's doing this right, who's doing it wrong. And I've experienced what happens when you had the same clothes over and over again. You're gonna get popped. It's not an if, it's a win, but hopefully you can contain it to where it's not, why I spread and you make the news.

Speaker 2:

It seems so simple. You talk about QA. I didn't realize how important that was until recently either, but you're absolutely right, and I think sometimes QA could come across as we're trying to call out the weakest link, or what are you doing over there with your time? It's not really about that I think about in the aspect of we're trying to improve, and learning from every little mistake is a good thing in this industry, because without those, then what? How do we know what is actually not good? I think we live in the space of the anomalies, right, and what's off and what's different, so we don't know that. It's a little difficult for us to do our job.

Speaker 1:

Yeah, I think we do our psychology like a little. I would do it like secretly or I would try to find like stuff they did good and bad, so it went like it was just all bad. But that part of being a lead was also pretty cool because I still knew just from. Occasionally I wasn't eyes on glass, but I was like the escalation point. I would know what we still were dealing with and then made it easy to speak to in meetings and I think that's one of those critical things too is like that buffer between the other analysts and lead and then the management. I think that's a crucial role. It's like their eyes and ears right there on the field and sometimes if you're not doing that stuff actively and you're working on artist, administrative and client stuff, you could possibly miss some things. That's some of the things that I learned in my career.

Speaker 2:

Yeah, we're all human and it's okay until it's not until you get popped, but it's okay, like I think that's obviously where automation comes into play. But we're gonna make mistakes and you can't be so scared to make them. But again, that's dependent on how you make them, how big it is, but it's okay.

Speaker 1:

So what type of security frameworks and industry standards do you have experience working with, and especially, like you were saying, when it comes to a sim right? We know that for certain compliance standards, certain logs have to be in place, certain alerting has to be in place to appease whatever compliance that the company needs to feed in. Based on the industry standards they're in, which ones are you familiar with or which ones do you see that people maybe should learn so they can make sure they always have a job, or at least attempt to?

Speaker 2:

Yeah, sure, I'll think about it. Some regulatory, some of the common ones like PCI, hipaa, sox I've had exposure. I think HIPAA and PCI I probably understand a bit more. Sox is still iffy. And if I'm thinking about, like security framework, mitre, I love MITRE Not a plug at all, I just really do. I know like Cybertill, shade and some of the other ones, but for me MITRE makes sense For someone that doesn't have a formal security training background and just being thrown into again. Another engagement where I had to map use cases to MITRE. That was everything for me. I understood so much and I anchor on that and again, as I continue forward in my different engagements, I use that read I come in and it helps me understand what the client is. What are you actually seeing, what's in your environment, where are your gaps? And then try to help you remediate that, whether that's sources, whether that's having to get new tooling, whether that's use cases, and some of that doesn't have to be just security tooling either. Right, some of your policies at the organization how are those? And I guess I'll throw in the NIST CSF. I've done a stint there too, with an audit on that, which is also great, I think, for the purposes of across the board, nist, csf is really good to lay a good foundation, but if you're really looking into some of those factors and what they're doing and how they move and manipulate, mitre is my go to.

Speaker 1:

I definitely agree with you, because that's one of the ways people can understand attacks, especially if you are more of an entry level person or have much experience in security. You need help maybe conveying how to answer something. Mitre has all the answers. Just go through and look through MITRE Research some of these recent security breaches and things that may happen. Just look it up and just start getting some knowledge there, and that can help you as well when it comes to interviewing. One thing that I did not ask you, because we talked about it earlier on when you got the 45 case Aleby we didn't talk about that jump to doing Splunk. We didn't talk about that jump right, because there's what about God? When Chris Cochran said there's riches and the niches yeah, yeah, splunk is a niche Like, how was that jump? Like, were you walking around like Mason and Diddy? Were you walking around like Mason and Diddy?

Speaker 2:

Yes, yes. So angles from boost to the low, I want to say it was probably like a 40K increase, 30 to 40. And then to a censure. I believe it was 110. I believe it was 110 with the sign-on bonus, or maybe it was 100 with the sign-on bonus of 10, something like that. So six figures. You know what everybody wants to hear. That was, I'll be honest, I got it. I got the sign-on bonus and I went to a Wizards game and I sat, not court side but kind of court side, and then like had a little suite in the back and I said the Ritz. You know, I did a little something and then realized I had more bills. So that quickly ended, but it was a pretty major jump. That was a great day for me to be able to say six figures, which everybody loves to say. Right, I can say it. Yes, that part.

Speaker 1:

I feel you on that. That's how I felt when I went from what I go from Went from like close to 50 to when I went to. I think. Once I went to McAfee I almost got like I got more than a $30,000 increase Because I had base was like 28,000 and then I had my bonuses. So it was like I think I was like 75 TC. You could tell me nothing, then I could do wherever I wanted. And then it started only going up from there. And Optif was cool because I was making more money. And then Optif had built into our contracts they had shift differential, so it didn't matter what shift you work, you got that. And then if you work the holiday, they would give you holiday pay. So, and you know in the sock, you're not doing that much work on a holiday. So we was volunteering yeah, I work, I just had your laptop open, you might get one alert the whole day Like, oh yeah, for Black Friday and Thanksgiving. I was doing that. I was like I'm going to get this easy money man. But yeah, I didn't see the really big jump, though until well, I lied, before I left Optif I had got a little jump, because that's the thing I probably haven't said it in an episode in a while, but one of the things you can do if you feel like you're underpaid at work this is for my listeners and audience you can ask them to do a comp adjustment or assess your comp to see if you are getting what you should be paid, based on market research. A lot of times they'll look at your job title. They may ask you how much schooling did you finish? You usually experience yada, yada, yada and then they'll look at it and they'll say okay. So right before I left Optif I did a comp adjustment and they finally pushed my base up to what was it? One, I think it was like 105 or something like that, cause I was already like getting like 90 something. But then, once I left there, my big jump happened. When I went to Goldman Sachs, like when I got a finance, I started getting bigger jumps cause it was easy to do. So I went from that one, I think, with a bonus which Optif didn't ask it, the bonus that would have put me at like one low key. It would probably put me at 115. I went from there to one. What was it? 165 or something at Goldman Sachs, and Goldman Sachs also had the guarantee bonus the first year. So I got my first big bonus last year in 2022. And then, yeah, yeah, man, now I had I'm a girl dad, so just getting stuff for them and just doing everything. I think I went somewhere for my birthday for the most part, but now then this year I did the same thing. I was able to get, like a bonus from JP Morgan, and then I also got my sign on and bonus from the new company. So I've learned some stuff on the way, and the good thing is now, with our skill sets there, all these companies willing to pay more as well, because the knowledge that you get everybody doesn't have. So all people really gotta do is just put their head down and put their experience in Now, granted, I also tell people they can, because of inflation and stuff like that, like six figures, you can get it faster now, but a lot of people aren't ready for it because we talked about in the beginning how they can't even manage the money they got now, how they gonna manage six figures, and that's one of the things people gotta ask themselves.

Speaker 2:

It's not really six figures either. I had to tax like you said. You're not making that, I think. Once I realized that, the goal became I want to make six figures after taxes and not just 100K. I want to make more than that after taxes.

Speaker 1:

I'm glad you said that. That's definitely me with the business and the branding and all the other stuff I'm really trying to do, because, hey, just got to go. They take out too many taxes, don't even want to talk about it, get taxes, we get taxes as much as people making a year, but what type of? So the people that are wanting to come into this industry, now right. Or if they say they want to do, hey, I want to do what Ms Khloe does, what would they need to do, like, what skills do you think will be important for them to do your role?

Speaker 2:

Soft skills I'll teach you and I'll share a company to tell you. I'll teach you the tech stuff. I'll teach you what we call hard versus soft. But, like I said at the help desk job, the customer service, the time management, being able to network and know where to go for help those things get lost in the sauce far too often. And, speaking as a manager that staffs teams, when I do staff teams I look for folks that are able to do that. I look for folks that are good communicators and it sounds really cliche but it's very important and I'll work with you on those strengths. And I think about a time I had a consultant he's a great talker like amazing, he convinced me of a lot of things. I was like, wait, what did we do that? I was like okay, but technically he wasn't as strong and I was like that's okay, we'll work through that and we sure did. We've had, such as, on the side to stay up late and do it together, get up early, but some of those soft skills that you just need to come to the table with. And because you have to have a presence, because, again, if I'm working with you to tell you what time it is on your watch. There's a proximity that I might get to, if it's physical, right, or even kind of virtual. That virtual proximity I'm getting with you, how I'm talking to you, my body language towards you, the engagement with you. I have to establish trust in a rapport with you, because if I don't have that, why would you listen to me? Like Henry, if I get on here and I don't trust you, I'm like why you ask me that question? I don't want to tell you my salary, okay next. So all of those things are to me way more beneficial than becoming a Spunk architect. Well, still do it. If you want to right, there's nothing wrong with it. But if you can learn all the technical but you can't talk about it, you can't talk to it. You can't bring it upwards to business level or to executive level. You're going to kind of be stuck in a space, right, you're going to kind of just get labeled the person that's just going to do the tech, which is great, you can do that and you can move up. But I think and I tell folks all the time it's a superpower for me to be able to do both. I can get on the keyboard with you, but then I can also bring it up, I can present it to you, I can talk to you about it, I can talk to the C level about it, to those soft skills you've got to come with some, if not all, yeah.

Speaker 1:

I think those are some of the things that people neglect, that they don't think that are important. But you just be surprised at who just wants you to come on just because they like you and who you interact with. Like I remember before I left GS I was getting a lot of good reviews from different managers and stuff like that when they were interacting with me when we were working on a project we were working on. They had like an internal ticketing system that they had used. Why, I don't know, it cost more money to upkeep. Then let's finally move on over to ServiceNow and then their security module. So I was helping with that and I think one of the biggest things, like you see in most industries phishing. So that was our first project working on. Hey, when somebody does report phishing, it automatically comes into the, it automatically makes the incident. So that's one of the first things we worked on. Funny enough, we were working with KPMG on that. I know I didn't even bring it up. I was like, wait, so we'll be talking all day about all this stuff. So you gave them kind of like the blueprint of, of course, using the soft skills, but really quickly on hard skills, maybe if they don't want to take as long as the time to get to what they need to be. What are some things like they possibly could learn, like right now, maybe on their own, that will help them basically be able to do something with Splunk, whether it's architect role, whether it's engineering, whether you know they're doing like endless type of work. What could they learn?

Speaker 2:

That's a really good question. I don't think I've ever been asked that. I guess what I would say is get the free demo and just play around with it. That's kind of bland answer. I'm trying to think of something outside that would help.

Speaker 1:

I hope you land right, and this is one of the ways I help clients. Let's say, for instance, a person came and asked you because I teach them to do this. I said, hey, let's find some people on LinkedIn that got the job title as you want. Let's try to reach out to them and talk to them. Let's ask them what their day-to-day is, and you know them. Asking you what their day-to-day is, they can say, hey, you know. So, based on your day-to-day, what are some things I should learn on my own? And how would I replicate these things on my own type of home lab on projects, right? So I know it's going to be hard for them to replicate some of the stuff that you do, but what is something like, of course, like they can onboard their own logs. You know they can make up a fictional company and they have different log sites, like I have one I found for clients called SecRepo, where you can just find these logs and you can onboard them and do other different things with them. So I guess some of the lines are like that. Like, maybe, hey, should they learn how to be a power user at Splunk admin, should they understand, like, maybe some networking fundamentals, some security fundamentals, something about databases, you know, whatever some stuff like that. If they're going to go like maybe they want to do a little bit more consulting when they have to help out, more of a Splunk.

Speaker 2:

Yeah, I think if you can understand the CLI of Windows and or Linux, that's helpful. And I say that with the hesitancy only because things are shifting to the cloud so much that I rarely have to architect an environment from scratch. Shout out to the SaaS platforms, that's amazing. But what I've realized that can bleed into other aspects of security which I didn't realize beforehand. Once I started to feel comfortable on the Linux CLI and then I realized, okay, I can utilize this across other tools, I can utilize it across other investigations. I can start to configure other things, and you can. I guess even on a Mac too, you can get on a terminal fairly easy. You can do that on your Windows computer too. Just start to mess around with your files and your structures, kind of where your data is residing, because that goes outside of just the SIM. Outside of that, it's tinker around. I still tinker around all the time, even if it's just on my phone and settings, and trying to figure out things. I'm very much so open up the hood and figure out how it's working. So it's maybe working that muscle in your brain of being able to break down and build up and problem solve, which you can do anyhow anyway. Okay.

Speaker 1:

Cool. So we've got two last questions. Number one are y'all hiring? I'm trying to get you some more. Trying to get you some more feral money.

Speaker 2:

Well, thank you. Thank you, I appreciate that I want to say no, but I want to say, potentially, we are expanding. There's some work that we're expanding into that we might. I'll let you know for sure, obviously, and anyone else. It never hurts just to ask because I've asked myself. Right, people have reached out to me and I'll ask the question. They'll tell me no, but at least sure you're on file rate. I remember you and they remember you.

Speaker 1:

Last thing is what would be three things you want to leave the guests with today? It doesn't have to even be tick-specific, it could just be three things that you use in your life that you want them to take away from this conversation.

Speaker 2:

Sure it's going to be humble. I have to remember that every day. Where you came from, it grounds me Kind of like you recently asked us to manifest. I didn't really know the power in that Manifest and those affirmations, which is another thing I didn't really believe in, but telling yourself you are worthy, you are here for a reason. I'm working through that personally. Make sure you enjoy what you do. I would probably not be doing what I am today if I didn't enjoy waking up and walking up to my office and doing this. If you don't enjoy it, just don't. Those are my three things.

Speaker 1:

Probably three things, especially touching on and enjoying what you do, because a lot of people don't. They do it for their own reasons and burn out, and that's one of the causes of burning. They're just doing it for the money. It's only so much money that's going to keep you going. It's got to be a little bit more intrinsic to keep you going.

Speaker 2:

Yeah, that's true. I want to tell you one last thing. You were talking about manifesting cars earlier. I didn't tell you I wanted a baby blue Range Rover. Don't ask why A Carolina blue, I'm sorry, not a baby Carolina blue. I manifested that. I didn't get it, but I did get a white one. So there we go. I'll leave you with that. So manifestation is real, even if I didn't really believe in it at a point, I guess I was doing it somehow, some way.

Speaker 1:

Definitely, definitely no. Well, guys, I appreciate you guys for tuning in today. This has been another episode of Textual Talk. If you want to watch this, like I said, with no ads, make sure you tune into the Patreon. If not, you'll be seeing this on Monday. You're listening to it on a Saturday. Like I always say, guys, until next time let's stay textual. It's boy HD and we are out.