From meetup to major career moves: A chat with Esha, Cybersecurity Analyst

Hack The Box isn’t just about labs and challenges—it’s a community where careers can start. Take Esha as one shining example; she recently started a new job as a Cybersecurity Analyst, after a productive Hack The Box meetup in Auckland. 

We caught up with her to hear about her experience, the tips she picked up, and how hands-on learning changed the game.

HTB: Congrats on the new role! What are you doing now, and how did the opportunity come about?

Esha: Thank you for having me here! Currently I am working as a Cybersecurity Analyst at Amaru, dipping my feet both in red teaming and compliance. This opportunity came by after attending a Hack the box event in Auckland, and it was actually being hosted at Amaru. Through this event, I was able to engage with the team.

HTB: You mentioned meeting someone at a Hack The Box event—what was that experience like, and how did it lead to your new job?

Esha: It was fun! We had two machines to solve; in the beginning I thought it was a competitive event like a CTF but it turned out that everyone was very collaborative, helped me out whenever I got stuck during any challenges. 

And moulded into this learning experience for me, because the focus was about how such challenges are tackled from a red team's perspective. I got to chat with the folks from Amaru about what I have been learning, my CTF experiences, and that kind of started the whole process that led to the job.

HTB: Was that your first time at a meetup like that? What made it stand out?

Esha: Yeah, it was one of my first. What stood out was being in the same room with people solving challenges—it felt different from doing labs alone. 

You get to see how others approach problems and pick up little tricks you wouldn’t otherwise, like someone showed me how you can pipe Gobuster results straight into wfuzz, which saves time instead of copy-pasting between tools.

Another person told me how in CTFs she always writes down the flag format in HEX and Base64, so whenever weird encoded strings show up, she can instantly tell if it is the flag. Stuff like that really stuck with me.

HTB: Looking back, what skills or experiences do you think helped you stand out to employers?

Esha: The hands-on stuff. Hack The Box labs gave me solid basics, like Broken Access Control, Kerberos attacks, Wi-Fi cracking, Nmap scans, Introduction to Red Teaming AI, so when I talked about tools or attacks, I was not just quoting theory.

HTB: Did any hands-on platforms or projects come up during interviews?

Esha: Loads! I got a lot of my basics cleared out through the lab simulations on Hack The Box. Especially OWASP top 10 Broken Access control, Kerberos Attacks, Wi-Fi Password Cracking Techniques, Network enumeration with Nmap, etc. 

Because of practical experience of doing these labs I had the exact understanding of how real world simulations are, relate to that and explain the tools properly. I also had my fair share of experience in CTF competitions, and a couple of bug bounty programs which helped in my case.

HTB: What advice would you give to someone trying to get into cybersecurity right now?

Esha: Cybersecurity is always changing, and the learning never stops, so getting the basics down is everything. Start with networking, operating systems, and then core attack techniques, I would suggest nailing those first. Then jump onto hands-on platforms like Hack the Box because that is where things really start to click. 

And go to meetups and events; Hack The Box events, purple team nights, Secure coding practices, Cloud Security—whatever is relevant. You will meet people who actually work in the field and can give real advice and opportunities. If you want to be a purple teamer or red teamer, those in-person connections are a gold mine.

HTB: What are you most excited about in your new role, and how do you plan to keep growing?

Esha: I am always excited about getting hands-on with trying to break any system (legally), right now I have been diving more into API pentesting, and on the compliance side I am learning about SOC 2. 

My skills are still in the growing stage, but that is exactly what makes this role exciting because I get to learn with every project. I plan to keep building up by doing more hands-on projects, working toward certifications, and staying active in the community so that my growth does not stop and I can keep myself informed with all the updates with the field.

4 key takeaways from Esha

• Hands-on labs and CTFs aren’t just for practice—they give you real-world skills you can talk about in interviews.

• Meetups and community events are invaluable for connections and learning practical tricks from peers.

• Starting with the basics (networking, OS, core attack techniques) makes advanced platforms and challenges easier to digest.

• Continuous learning is key—whether through projects, certifications, or just staying involved in the community.

Want to follow a career path like Esha’s? Dive into Hack The Box Academy and build the skills that actually matter to employers.

Hit HTB Academy now ✅