The Job Security Cybersecurity Podcast cover art

The Job Security Cybersecurity Podcast

The Job Security Cybersecurity Podcast

Written by: Expel MDR
Listen for free

About this listen

The Job Security Cybersecurity Podcast, brought to you by Expel Security, explores the unique perspectives and stories of the people who make the cybersecurity industry what it is—whether they realize it or not. Hosts Dave Johnson and Tyler Zito recognize that we're living in an enlightenment period of cybersecurity, where the industry has stabilized with established education systems, compliance frameworks, and documented methodologies. But it took a lot to get here.


This podcast looks inward at our community and culture, sharing the stories of how we built this industry through DIY traditions, mythologies, and countless people figuring it out as they went. We explore not just the technical aspects of security, but the human elements—from current students and interns to seasoned professionals, and even those outside cybersecurity who offer valuable perspectives on risk, strategy, and innovation.


Expect conversations about where we've been, where we are now, and where we're headed next. We'll talk to adjunct professors, threat hunters, entertainers at hacker conventions, and professionals from adjacent industries who can teach us something new. This isn't another podcast about threats and threat actors—it's about the people doing the work and the lessons we can learn by looking in slightly different directions.


Join us for a mix of education, entertainment, and optimism as we celebrate how far cybersecurity has come while inspiring curiosity and innovation for the future. Whether you're taking a lunch break or winding down after incident response, we're here to help you relax with good stories and interesting discoveries.

© 2026 The Job Security Cybersecurity Podcast
Episodes
  • Episode 6: Becoming a tech evangelist
    Feb 4 2026

    Hosts Dave Johnson and Ben Baker sit down with Tim Chase, Global Field CISO at Orca Security, to demystify one of cybersecurity's most intriguing and often misunderstood roles. With over 20 years in information security—from manual penetration testing in 2002 to leading cloud security programs and now evangelizing cutting-edge technology—Tim shares the real story of what tech evangelism means, how to break into the field, and why listening matters more than talking.

    Key topics & timestamps

    Defining tech evangelism (4:00 - 6:07)

    • Not just talking about products—educating on industry trends and challenges
    • Sitting at intersection of marketing, sales, and product teams

    The guiding philosophies of effective evangelism (8:03 - 11:21)

    • Drawing on personal CISO experience to stay authentic
    • Putting yourself in the audience's shoes before prescribing solutions
    • Listening as much as talking—learning never stops in cybersecurity

    Tim's journey from practitioner to evangelist (12:52 - 20:53)

    • Started in AppSec to cloud security to evangelist
    • The path was convoluted but intentional at each stage

    Why connections alone don't make good evangelists (21:25 - 25:16)

    • Hiring for rolodex depth is a short-term strategy that fails
    • Executive presence and communication skills matter more
    • Speaking CISO-to-CISO changes the entire conversation dynamic

    The art of adding value without being preachy (25:16 - 28:36)

    • Cybersecurity professionals don't want product pitches—they want help
    • Executives struggle with "Is this just me?" moments—evangelists provide perspective
    • Positioning your company as thought leaders, not just vendors

    Breaking into tech evangelism (33:10 - 35:48)

    • Find your preferred communication medium and start there
    • Stretch yourself in areas where you're uncomfortable
    • Learn how good sellers ask discovery questions

    What's happening at Orca Security (38:11 - 39:48)


    Key quotes

    "A tech evangelist to me is just someone that sees what's going on in the industry. They've got the history, they've been in it long enough that they can really kind of educate others... to tell them kind of what you're seeing and where they should be focused." - Tim Chase

    "One of the ways that you can get security leaders to pay attention is if they know that you've walked in their shoes before. I've literally seen the face and the conversation change when I introduce myself and they realize I'm not an SE or a seller—I'm a practitioner." - Tim Chase

    "Let the sellers sell, and let me evangelize. They've got their process and they're respected for what they do, but let me just talk about the problem." - Tim Chase


    Helpful links

    • Orca Security
    • (Blog) Where to start your cloud security program by Tim Chase
    • (LinkedIn) Tim's response to Tom Alcock

    Production Credits

    • Co-hosts: Dave Johnson and Ben Baker
    • Producer: Ben Baker
    • Sponsor: Expel Security

    Connect

    • Follow Expel (follow us on LinkedIn, X, and YouTube)
    • Rate and review on your favorite podcast platform
    Show More Show Less
    44 mins
  • Episode 5: Hackers helping hackers: Mental health in cybersecurity
    Jan 14 2026

    In this episode of The Job Security Podcast, host Dave Johnson sits down with Amanda Berlin, CEO and co-founder of Mental Health Hackers, to explore the mental health challenges facing cybersecurity professionals and what the community is doing to address them.

    This conversation covers the unique stressors in cybersecurity work, the prevalence of neurodivergence in tech, practical strategies for combating burnout, and how Mental Health Hackers is creating safe spaces at conferences worldwide where hackers can support other hackers.


    KEY TOPICS & TIMESTAMPS

    4:00 How Mental Health Hackers got started

    5:22 What Mental Health Hackers does

    7:52 The challenge of finding mental health professionals who understand cybersecurity

    8:32 Practical strategies for preventing burnout

    12:08 Why polymaths have an advantage in mental health

    13:35 The most common mental health issues in cybersecurity

    16:10 The pressure of leadership and C-level mental health

    18:52 Finding therapists who can follow technical conversations

    20:43 Connecting mental health professionals with InfoSec practitioners

    22:50 Mental Health First Aid training—what is it is and why it matters

    24:13 How to volunteer or sponsor Mental Health Hackers

    26:49 What businesses can do to support mental health

    29:17 The cultural evolution of the cybersecurity community

    32:05 How DEF CON has changed over the years

    35:26 The connection between physical and mental health


    KEY QUOTES

    "Do something that is not security related, something that's not your day job related. For a long time I did not do that and burnt out." - Amanda Berlin

    "There's actually a really high occurrence of general mental health issues in STEM fields, as well as neurodivergence. We see it all the time." - Amanda Berlin

    "When my kids tell people what my nonprofit does, they describe it as sort of like a daycare for adults that are geeks. And it's pretty close to that." - Amanda Berlin


    HELPFUL LINKS

    Mental Health Hackers - https://mentalhealthhackers.org


    CREDITS

    Host: Dave Johnson

    Producer: Ben Baker

    Sponsor: Expel Security


    Connect

    • Follow Expel (follow us on LinkedIn, X, and YouTube)
    • Rate and review on your favorite podcast platform

    The Job Security Podcast explores the unique perspectives and stories of the people who make the cybersecurity industry what it is, whether they realize it or not.

    Show More Show Less
    38 mins
  • Episode 4: Making cybersecurity events findable
    Dec 2 2025

    Host Dave Johnson sits down with Walter Martín Villalba, founder of InfoSecMap, to explore how he's solving one of the cybersecurity community's most persistent challenges: finding and tracking the thousands of InfoSec events happening worldwide. This conversation covers the origin story of InfoSecMap, the mechanics of manually curating event data at scale, and the unique welcoming nature of the InfoSec community that keeps people coming back.

    Key topics & timestamps

    The problem InfoSecMap solves (3:37 - 5:16)

    • Missing events after expensive travel, information scattered everywhere
    • Turned frustration into action during early pandemic 2020

    Building InfoSecMap from scratch (5:54 - 9:45)

    • Started as side project, realized one person couldn't maintain it alone
    • Today: 6-7 people handling operations, outreach, and development

    Recent explosive growth (10:40 - 12:55)

    • Crossed 10,000 unique monthly visits two months ago
    • Now at 23,000 monthly visits (120-130% growth)
    • 100% organic traffic—no paid promotion

    Strategic partnerships and credibility (12:55 - 15:47)

    • Official partnership with OWASP Foundation provides credibility
    • Partnerships with BSides Security globally

    Partnership opportunities (15:51 - 19:01)

    • Flexible models: cross-promotion, highlighting CFPs, sponsor calls
    • Powerful filtering by dates, regions, and topics

    First conference and community passion (19:17 - 21:49)

    • First major conference: OWASP Global AppSec USA 2013
    • InfoSec community uniquely welcoming with knowledge sharing culture
    • Platform lists CTFs valuable for career development

    Manual curation at scale (23:28 - 25:29)

    • Everything manually curated to ensure accuracy
    • Prevents spam and vendor pitches
    • Expecting 5,000+ listings by end of year

    The actual numbers (25:54 - 27:44)

    • Conservative estimate: 7,000-10,000+ InfoSec events annually worldwide
    • InfoSecMap has close to 5,000 events for 2024 alone

    Automation and AI exploration (27:44 - 30:50)

    • Exploring AI for curation automation with mixed results
    • Higher priority: making platform self-sustainable long-term

    Future vision and new features (33:14 - 37:00)

    Key quotes

    "I simply got tired of wasting a lot of time searching online... spending a lot of time and finding only a handful of events and still missing a lot." - Walter Martín Villalba

    "The InfoSec community is very special in regards to certain aspects. It's very welcoming. There's a ton of knowledge sharing. There are a lot of people willing to give you a hand, not expecting anything in return." - Walter Martín Villalba

    "It doesn't really matter how big or small the event is. If it's a legit InfoSec event, we'll list it, even if it is five friends getting together every other Friday to try to do some Hack The Box machines." - Walter Martín Villalba

    Helpful links

    • InfoSecMap.com

    Production Credits

    • Co-hosts: Dave Johnson
    • Producer: Ben Baker
    • Sponsor: Expel MDR

    Connect

    • Follow Expel (follow us on LinkedIn, X, and YouTube)
    • Rate and review on your favorite podcast platform

    The Job Security Podcast explores the unique perspectives and stories of the people who make the cybersecurity industry what it is, whether they realize it or not.

    Show More Show Less
    38 mins
No reviews yet