Developers about to enter the workforce are looking for professional learning and work/life balance more than corporate perks, according to HackerRank.

Originally Posted On: techrepublic.com

Organizations desperate for software engineering talent tend to follow similar plays when it comes to attracting student developers about the enter the workforce, including offering perks like free food, beer, and ping pong. However, student developers have a much stronger appetite for other workplace elements when making employment decisions, according to a Tuesday report from HackerRank.

The three most important criteria students look for in job opportunities are professional growth and learning (58%), work/life balance (52%), and having interesting problems to solve (46%), according to a survey of 10,350 student developers worldwide. These far outpaced compensation (18%) and perks (11%), which they view as “nice to haves” rather than deal breakers, the survey found.

This should serve as a wake-up call to companies looking to attract new graduates, who need to take these career preferences in mind as they design and market software developer jobs, the report noted.

SEE: IT Hiring Kit: Programmer (Tech Pro Research)

For many student developers, a computer science degree is not enough to teach them the skills they will need in the workforce, the report found. Nearly two-thirds (65%) said they rely partially on self-teaching to learn to code, and 27% say they are totally self-taught. Only 32% said they were entirely taught at school, the survey found.

Student developers are most likely to turn to Stack Overflow (77%) and YouTube (73%) to learn new programming languages, followed by books (60%), competitive coding sites (46%) and MOOCs (46%), according to the survey.

There also exists a discrepancy between what coding languages developers learn in computer science curriculum, and what employers are actually looking for, the report found (you can see more results about the programming languages most in-demand by employers versus those students actually know here).

“Today’s average CS curriculum is not a clear indicator that a student will possess the skills needed to enter the workforce,” Vivek Ravisankar, CEO and co-founder of HackerRank, said in a press release. “Our mission is to connect all developers to the right jobs. Part of this is educating recruiters on the unique DNA of student software programmers, and helping them understand how critical it is to look beyond university degrees.”

The big takeaways for tech leaders:

  • The three most important criteria student developers look for in job opportunities are professional growth and learning (58%), work/life balance (52%), and having interesting problems to solve (46%). — HackerRank, 2018
  • 65% of student developers said they rely partially on self-teaching to learn to code, and 27% say they are totally self-taught. — HackerRank, 2018

Like the almond and pistachio trees in California’s Central Region, careful crop tending and patience were the keys to success in building dual enrollment in ICT courses. 

Dennis Mohle, ICT-DM Deputy Sector Navigator in the Central Region, said CyberPatriot was the catalyst that sparked the increase in enrollment. 

“Three years ago, we had three CyberPatriot teams in the region, today we have more than 50,” Mohle said. “The high school students in CyberPatriot are natural ICT dual enrollment candidates. If you have enthusiastic coaches (high school teachers) and supportive community college administrators, then you have the proper climate for technical articulation programs such as dual enrollment.” 

Fresno City College turned CyberPatriot teams into full-time students using the dual enrollment program. Timothy Woods, the college’s Dean of Business, created a conceptual pathway from high school to technical employment using CyberPatriot, CompTIA A+ certification, and college credit. 

“With help from the Career Ladders Project and the Strong Workforce Program Metrics, college faculty and high school teachers were immediately engaged,” Woods said. “One high school CyberPatriot coach is now a qualified community college adjunct instructor teaching Fresno City’s A+ curriculum to his CyberPatriot high school students.” 

Woods said CyberPatriot students could complete the CompTIA A+ certification after earning college credit and be prepared to transition into an IT support position after graduating. 

“We serve a lot of first-generation college students, and when underserved high school students gain confidence by learning how to fix a computer, and then get a part-time job doing something technical that they’re good at, well, that’s life-changing stuff,” Woods said. 

Modesto Junior College has also seen success from CyberPatriot. More than 40 students attended the college’s cybersecurity summer camp, and the school is already making plans to scale up for next year. Four high schools in the region have already formed new CyberPatriot teams since the school year began. 

“We are now working on a process to support schools that have decided to continue with the CyberPatriot program by creating competition teams at their schools,” said Brent Wedge, Cybersecurity Lead Faculty at Modesto Junior College. “The teachers, students, district IT and district administration of the Modesto City Schools District have all been very supportive. We are learning together and have a lot to organize but everyone is eager and seem to be up to the challenge.” 

Like Woods, Wedge sees CyberPatriot as a gateway to college for students who might not have otherwise considered higher education. 

“Over the years I’ve had a few high school students take some of my [college] classes and if properly prepared they can do very well and will be much further ahead of their peers in the long run,” Wedge said. 

Mohle said he’s proud of the work that’s been done so far and expects more good things to come for cybersecurity in the Central Region. 

“It took a while, but we are finally reaping the benefits of CyberPatriot. College classes, CompTIA certification, self-confidence – these are the seeds of success that our technology-oriented, yet underserved, students needed. Talk about moving the needle … you’ll see impressive things from the Central Region this year,” Mohle said.

Kaspersky Lab’s found evidence that a small spyware government contractor sells iOS malware, showing it may not be as rare as some people think.

Originally Posted on: motherboard.vice.com

Thanks to a combination of tight controls and innovative security features, Apple has made the iPhone perhaps the most secure consumer device in the world. But nothing is unhackable, and iOS malware isn’t as rare as many may think. 

Earlier this year, Russian cybersecurity firm Kaspersky Lab found evidence that a small government spyware maker called Negg developed a “custom iOS malware that allows GPS tracking and performs audio surveillance activity,” according to a private report the company sent to subscribers. The discovery of Negg’s iOS malware has never been reported outside of Kaspersky.

“We have uncovered an iOS implant,” Kaspersky Lab researcher Alexey Firsh told Motherboard in an email. “We assume that at the moment of discovery it was in a development stage and was not fully adapted to infect potential victims.”

“We have uncovered an iOS implant.”

Malware on iOS has always been rare, thanks to the increasing difficulty of jailbreaking iPhones and Apple’s continuous focus on locking down its devices. This has driven prices for iOS bugs and exploits through the roof. Nowadays, companies are willing to pay around $3 million for software that jailbreaks and hacks iPhones—and researchers are reluctant to report bugs to Apple simply because others pay better. 

Governments around the world have been willing to spend a fortune on iOS malware. Saudi Arabia paid $55 million to purchase iPhone malware made by NSO Group, according to a recent report by Israeli newspaper Haaretz. There’s several companies specializing in iOS malware, such as Azimuth, NSO Group, and some more. But despite the appearances, iOS malware isn’t only in the hands of big companies and their government customers. 

Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at [email protected], or email [email protected]

Security researcher Zuk Avraham recently wrote on Twitter that iOS jailbreaks, the basis of any kind of malware for iOS, aren’t as rare as people think, and estimated that there are more than 50 groups who have iOS exploits. While most people believe that only powerful government adversaries have access to iPhone exploits, more discoveries are being made that suggest that lesser-known groups have exploits as well. 

Now, even relatively smaller companies have iOS malware. 

Earlier this year, Kaspersky Lab reported having found a sophisticated spyware for Android dubbed Skygofree. Sources told Forbes at the time that the spyware was made by Italian government surveillance contractor Negg, a small upstart that isn’t as well known as NSO or Azimuth. While investigating Negg’s Android malware, Kaspersky Lab found that one of its command and control servers pointed to a “rogue Apple [Mobile Device Management] server,” according to the company’s private report. 

A source who received the report shared details contained in it with Motherboard on condition of staying anonymous since they were not authorized to share the information. 

Mobile Device Management or MDM is a feature in iOS that allows companies to manage and monitor devices given to their employees. By installing an MDM profile or certificate on an iPhone, a user gives the MDM owner some control over the device. This mechanism can be used by malware creators. In July, security firm Talos found that a hacking group used MDM to target a few iPhones in India (Mobile Device Management can be turned on for every iPhone.)

Costin Raiu, the head of Kaspersky Lab’s research team, said that Negg’s MDM server is still active. In its private report, Kaspersky Lab researchers wrote that “the code contains many mentions that let us presume that the developer is a small Italian company named Negg.”

Negg did not respond to a message sent to its official information email address. When Motherboard called its office, an employee said she’d refer questions to the company owner, who was not available at the time. Apple did not respond to a request for comment.

It’s unclear how government hackers get the malware on target’s iPhones. Kaspersky Lab researchers speculated it may be via social engineering “using fake mobile operators sites.” In other words, this malware does not leverage any bugs or exploits in iOS, but instead takes advantage of MDM, which is a specific design feature in the operating system. In this way, it relies on a tried-and-tested social hacking technique—tricking users into installing something. For many years, the average user could essentially click on any link, download any app, and otherwise use their iPhone without worrying about targeted surveillance. That may soon no longer be the case.

“You’re basically turning over administrative control of your phone to the attacker.”

In May, Motherboard revealed that Italian cell phone providers were helping cops install malware on suspected criminals’ phones.

According to former Cyber Command hacker and now director of cyber solutions at Point3 Ryan Duff, this discovery should not be seen as too much of a worrisome sign. 

“As far as MDM as an injection method for malware, it’s pretty lame,” Duff told Motherboard in an online chat. “As far as risk goes, it’s pretty low. You can’t just force an iPhone to connect to an MDM server. You would have to get them to install a device profile onto their phone. You’d need to social engineer them in some way to installing the profile.”

Raiu said that Kaspersky is not sure how Negg—or its customers—get the malware on the target iPhones. It could either be social engineering, Raiu said, or “even physical access.” Kaspersky is unsure if Negg has any zero days or specific iOS exploits.

Even if MDM-based malware is not as sophisticated as malware that gets injected with expensive and unknown vulnerabilities—or zero-days—once it’s on the phone the result is the same: the hackers—be them criminals or government-sponsored—have access to everything on the phone. 

“You’re basically turning over administrative control of your phone to the attacker,” Duff told me. “So of course they can install malware from there.”

Ticket Into Tech shows that IT and cybersecurity are for everyone

Michael Specchierla’s career began as a teacher and librarian more than 20 years ago. As computers and the Internet made their way into schools in the mid-1990s, he quickly saw the potential they could have and, although he didn’t know exactly how everything worked, jumped at the opportunity to figure it out with his students and colleagues.

Specchierla still applies that mindset today as the Director of Career and Technical Education for the San Luis Obispo County Office of Education. In that role, he’s responsible for creating programs that give students the skills they need to meet the demand for IT and cybersecurity jobs in the region.

Along the way, Specchierla has always stressed the importance of innovation and hands-on learning. The desire to learn and motivate others goes much farther than degrees or technical experience when it comes to introducing students to new concepts like IT and cybersecurity.

“We took a classic 1960s library and brought a computer lab into it,” he said. “We learned pretty quickly how to set up routers and servers and get the bandwidth moving. I taught a library assistant how to do basic troubleshooting so they would know when to escalate.”

Specchierla oversees the SLO Partners program, which connects business and education to promote real-world learning through apprenticeships and create pathways from the classroom to IT jobs in less than two years.

Throughout his career, Specchierla has seen that technology changes quickly and it is impossible for teachers to stay on top of everything. Letting go of the notion that teachers need to have the answer to every question is essential for success in IT and cybersecurity, as he’s experienced in his own teaching.

“The subject matter and content will keep on changing, and you need to be willing to learn it alongside people,” he said. “I took comfort in the fact that I didn’t know all of the answers, but I knew more about how to solve problems and figure things out quickly so I could help them find the answers they needed.”

Specchierla’s experience in the K-12 world demonstrated that anyone could enter the technology field, no matter what level of familiarity with technology they had. This philosophy lies at the heart of SLO Partners Ticket Into Tech Program, which provides training and apprenticeships to people from all backgrounds who have the desire to learn.

Ticket Into Tech provides a mix of online and classroom learning, along with a yearlong apprenticeship, to give participants the skills they need to obtain stable, high-paying jobs as software developers, software testing technicians, IT technicians, and other technology-related positions.

“We brought in people who had minimal experience with tech and never thought they could do it,” he said. “Our apprenticeship program allows them to start doing the work and getting the confidence that comes with it. Employes are going to see that they’re a good bet.”

And, thanks to the efforts by Specchierla and his team, employers are already starting to see the benefits that Ticket Into Tech provides. The immersive approach Specchierla piloted in his classrooms and libraries is paying off for businesses throughout the San Luis Obispo region.

“Bootcamp-style training programs are so effective for technology. They essentially throw all the information at you so you can see what sticks and what piques your interest,” said Dan Blike, Lead Software Engineer at IQMS. “A lot of people don’t know what they like about tech until they experience it. It’s also hard to see why the theory and curriculum matters until you start building something, so it provides that much-needed context.”

Specchierla said Ticket Into Tech’s success shows the power that can come when industry and education work together.

“If you use your employer partners correctly, they’ll give you those real-world problems and that’s what you need to bring into the classroom,” he said.

Clever Ducks, an IT consulting firm in San Luis Obispo, has hosted several Ticket Into Tech apprentices, who gained hands-on experience from the company’s more seasoned employees. Co-founder Amy Kardel sees the apprenticeship program as a critical part of building and sustaining a cybersecurity workforce.

“When we think about cybersecurity we think often of only the point of the spear cyber warrior types, but cybersecurity requires a whole army of skilled tech workforce to set things up correctly in the IT environment and maintain them,” Kardel said. “Apprenticeships let us train this essential workforce efficiently and meet the needs of the job market while giving people a great start in a growing career field.”

Moving forward, Specchierla hopes Ticket Into Tech’s success will help break the stereotype that people need to have technical backgrounds to succeed in the technology industry or mentor others looking to do so. This applies to teachers, coaches, and anyone else looking to take on a mentoring role in IT or cybersecurity.

It might seem counterintuitive or even a little scary to think about, but as Specchierla’s career has shown, it definitely pays off in the end.

“Early on in my teaching career, one of my mentor teachers said that the teacher shouldn’t be the hardest person working in the room or the one doing all the work,” Specchierla said. “High schools and community colleges need to create environments that allow the learning to be supported and amplified and allow students to gain confidence in the process.”

 

Originally Posted On: techrepublic.com

Experts predict companies will continue to hire cybersecurity, AI, and developer roles throughout the year.

The tech jobs landscape of 2019 will likely look largely the same as it did in 2018, with roles in software development, cybersecurity, and data science dominating across industries.

“Emerging technologies will be key catalysts for the in-demand jobs we expect to see in 2019,” said Sarah Stoddard, community expert at job search site Glassdoor. “From artificial intelligence, automation, virtual reality, cryptocurrency and more, demand for jobs in engineering, product, data science, marketing and sales will continue to rise in order to support the innovation happening across the country.” 

More and more often, traditional companies are beginning to resemble tech companies, and this trend will likely continue throughout the next year, Stoddard said. “As employers across diverse industries, from health care to finance to automotive and more, continue to implement various technologies to streamline workflows and boost business, the demand for top-notch workers who have a balance of technical and soft skills will continue to rise.” 

SEE: The future of IT jobs: A business leader’s guide (Tech Pro Research)

Here are 10 of the most in-demand tech jobs of 2019, according to recruiters and career site experts. 

1. Cybersecurity engineer

Security is a major concern for companies and consumers alike in our connected world, said Marc Cenedella, CEO and founder of executive job search site Ladders

“Because of this emphasis on organizational safety, we’re seeing a huge upswing in the number of security engineer jobs meant to be the first line of defense to safeguard lucrative products and services,” Cenedella said. 

Internet of Things (IoT) security will become a particular area of focus, as connected devices become staples in daily life and cybercriminals look to exploit them, said Stephen Zafarino, vice president of national recruiting for recruiting agency Mondo. “Companies are definitely looking to figure out how we can protect these new products that we’re putting online and make sure they’re not a vulnerability,” Zafarino said. 

2. AI/machine learning engineer

The explosion in artificial intelligence (AI) and machine learning technologies across the enterprise has led to increased demand for these professionals. “Everyone’s trying to figure out ways to optimize their businesses and their practices, and how to automate and make their day-to-day lives a little bit easier, or a little bit more productive and functional,” Zafarino said. 

3. Full stack developer

Full stack developers are among the most in-demand by employers right now in terms of open job postings, according to data from job search site Indeed

“Some companies are moving away from siloed back-end and front-end development teams, which requires hiring developers who can work on all levels of the application stack,” said Paul Wallenberg, head of technology recruiting services at staffing and recruiting firm LaSalle Network

SEE: Job description: Data scientist (Tech Pro Research)

4. Data scientist

Named the no. 1 best job in America by Glassdoor for the past three consecutive years, data scientists are expected to remain in high demand in 2019, as nearly every company now has the ability to collect data, and all need employees who can effectively organize and analyze this information. 

“Companies are continuing to increase their own proprietary data, but are also looking at ways to incorporate third-party data to understand problems impacting their business, and having data science competencies internally enables them to do that,” Wallenberg said. 

5. Python developer

The rise of AI and machine learning technologies has led to increased demand for Python developers in the enterprise, Zafarino said. The fastest-growing programming language, Python is also relatively easy to learn, and has a large developer community. 

SEE: Hiring kit: Python developer (Tech Pro Research)

6. Java developer

Java developers will remain in high demand in 2019, according to data from Indeed and Glassdoor. Despite the growth of programming languages like Python and R, Java continues to dominate the enterprise, with the growth of the cloud keeping it on top. 

7. JavaScript developer

JavaScript also remains popular in the enterprise, and will continue to in the new year. “Companies that have development teams structured between front-end and back-end teams are hiring technologists whose strengths lie in using various JavaScript libraries and frameworks to deliver more compelling user interfaces,” Wallenberg said. 

8. Cloud engineer 

Job postings that include the terms cloud computing or cloud engineer have gone up 27% since 2015, according to Indeed. “As companies move away from an on-premise infrastructure model to a cloud-first approach when upgrading or designing new environments, the need to hire technologists with cloud experience has increased dramatically,” Wallenberg said. 

9. Scrum master

Organizations are increasingly turning to Scrum to organize software development, and this method will break out even more in 2019, Cenedella said. “Thousands of companies are hiring so-called scrum masters for the purposes of achieving excellence in self-organization and making changes quickly in their Agile environments,” he added.

10. DevOps engineer

As the DevOps workflow grows increasingly popular, more organizations are seeking DevOps engineers, according to Indeed. The number of job postings mentioning DevOps rose from less than 1% in 2012 to more than 24% in 2017, another Indeed report found. These professionals also ranked no. 2 on Glassdoor’s 2018 Best Jobs in America list.