Carnegie Mellon University

Why INI Gives You an Edge: A Talk with Rotem Guttman

January 10, 2023

Why INI Gives You an Edge: A Talk with Rotem Guttman

INI Communications Team

Rotem Guttman ’12 is an engineer at the Software Engineering Institute’s CERT Division and a faculty member for the INI’s Cyber Forensics and Incident Response certificate track. He recently redesigned the curriculum of the CyFIR capstone to immerse students into a realistic scenario in which students conduct a forensic investigation over the course of the semester and present their cases during mock hearings. The new course earned him the CMU Andy Award for Creative Innovations. He is an alumnus of the INI and the Scholarship for Service program.

INI: Can you articulate what you believe makes a strong INI applicant? What types of things are notable within an application?

Rotem Guttman: If you want me to take your application to the committee and fight for you to get accepted into CMU, you only need to show me a few things: your technical skills, your interest in the INI, and how you’d like to make an impact.

First, show me that you are technically capable. Convince me of your capabilities in a way that I can verify, show me your repo or grades in a challenging CS course. Go to a competition, and then go post your solutions. Link the blog post, so I can see how you worked through a problem.

Second criteria: Prove to me that you want to be here in our programs, not just at CMU. Show me in your application that you understand how your goals align with what we're doing here.

If you just want a job that pays a lot of money, there are plenty of ways to get there. Show me that you actually care about systems, or you actually care about security. Show me that this is something you’re legitimately interested in.

And now, here's the third one. Show me why it's good for the world that you get a degree here. Because I’m not overstating it when I say that the skills and capabilities that you’re going to pick up at the Information Networking Institute are going to be able to change the world in a very substantive way.


And so, I want to make sure that the admitted students are the ones that are going to change the world for the better.

INI: How are students prepared for careers in cybersecurity

Rotem:  With the way the degrees are structured, the INI gives you a broad foundation on which to build your knowledge, while diving really deep on focused areas that apply to the field that you want to pursue.

You really get this foundation on which you can build, no matter what you end up doing.

… What you learn through your degree probably is not directly going to be applicable after a decade into your career. But, your degree will give you the foundation for what you will be doing in a decade. You will have a good, strong basis for it.

The connections that you will make here are invaluable to getting your career off to a good start. The people that you are going to get to know are going to be everywhere in the field within a couple of years. These are, I promise you, going to be some of the most successful and influential people in our industries for the next decades to come.

I have connections from my time at the INI, myself. Not just in government but in industry, too. You're looking for people in startups? In a particular industry? Guess what, there are people from the INI.

It's not just the things that you learn. It's the people that you get to know.

And there’s an amazing Career Services group that we have at the INI that’s going to allow you to make those connections. They're the ones that, you know, have been here for years, know the employers, know the recruiters.

INI: Could you talk a little bit about the skills and competencies that students gain at the INI, for example, through the CyFIR courses?

Rotem: When you're out of school and looking at your next steps, the degree at the INI is not the end goal.  It is an achievement that will open a lot of doors for you, and for the rest of your career.

The certificate is a way to further differentiate yourself. When an employer is looking to fill a position where they are only hiring the best of the best already—they’re going to come to Carnegie Mellon. They’re going to recruit specifically from the INI. But when you're competing down to the last three candidates who are going to fill that role, the certificate is going to set you a part.

[The employer] might not be familiar with the details of your courses, but they see, ‘Okay, this candidate has a certificate from [The CERT Division], the most notable name in incident response.’ Every organization’s individual in-house emergency response team is their CERT team, named after us. So, when [the CERT Division is] saying, ‘This person is prepared to be a digital first responder, is able to handle running an investigation themselves, is able to handle triaging events or managing an incident,’ then the employer will understand that you’re somebody that can do the job.

Specifically, the way that I've designed my class is that – on Day One, if you show up at your new employer, and they have an incident – you're ready to go. You're prepared, and there's no panic.

The CyFIR track is going to get you to the point where you are experienced with actually conducting an investigation and actually managing an incident, so that when you're in that role you already have the experience needed for it, and not just the knowledge of concepts and tools.

INI: Do you have examples of those specific skills that people seek out to develop at CMU?

Rotem: It's hard to give an answer to that specifically because of the flexibility of our degree programs.

One student might be developing natural language systems that allow you to help naive users optimize their security posture on advanced systems. So, you're having a router configure itself based on talking to you, right, while another student might be deep in the weeds doing crypto work and doing protocol analysis, while a third one might be doing reverse engineering of malware, discovering 0-days in use in the wild.

I can't tell you what you're going to do, because you can do whatever is of interest to you.

That's why I love finding a student that has a passion project – a problem that they really care about – because I know that they will have a very easy time navigating the wide variety of options that you have as an INI student.

It can be daunting as a new student if you don't know what you want to study. You have many options. But if you come and say, ‘I really love home automation. I'd really like to do a deep dive on the security of that,’ then, great! You should go for the MSMITE program, and you could focus on electives that give you a really deep dive on home automation.

Another student may tell me, ‘I love cyber security competitions, and I have these rankings on CTF (capture the flag). I really want to join the Plaid Parliament.’ Great, go take Brumley's class. It really helps simplify your course choices when you have passion.

INI: Can you just share a little bit more about why you personally value the alumni network at CMU?

Rotem: The value is your classmates, your acquaintances, the professors that you get to know. They're not going to stay at CMU forever, even the faculty are going to spread all over the world.

I had a very good time overseas, personally, because a professor that I cultivated a relationship with had taken a position there. I got to go out, have lots of great food, and be shown around by a local.

At the same time, when I had a research problem where the customer was talking about the security of a particular protocol. Well, guess what? I happened to know the guy that wrote it.

Our graduates are being recruited from a pool of the best of the best. They are motivated individuals. They tend to rise to the top, and the organizations that recruit know this. That's why they come to our campus, based on the pedigree of CMU and the history of achievement by INI students.

It's on you to make the most of your time while you’re here. Go to GoINI events, join WINI. Get involved in events and show your face.

Do not just log in to Canvas, do your assignments, and attend the occasional lecture, and then call it a degree. You might be able to manage doing that, but you're losing so much value.

The people that you get to know here are going to end up spreading out throughout industry, academia, government, and the world, for that matter. It’s really the relationships you cultivate while you're here that are going to pay dividends for the rest of your career.