What a Real Professional Social Engineering Team Looks Like

If you’ve been following us, you probably remember when we introduced our ops team. Now we’re back with Part 2—meet the crew behind the work today.

We asked the team two simple questions we think reveal more than any title can:

- What first drew you to cybersecurity, and how long have you been in the field?
- What’s the most valuable or surprising thing you’ve learned from the industry so far?

You’ll hear from Rosa, Josten, Carter, Faith, and me… Shelby,—each of us bringing unique paths and perspectives (yes, everything from collections agent to ASL interpreter). Whether you’re just breaking into cybersecurity or leading your own team, we think you’ll find something here that resonates.
Let’s dive into the first question—and meet the team.

What Drew You to Cybersecurity, and How Long Have You Been in the Field?

Let’s kick things off with Rosa, whose interest in human behavior sparked a career she hadn’t initially expected.

I’ve always been fascinated by psychology and human behavior, so when I learned about how social engineering is used in the field of cybersecurity to protect not only corporations but individuals, I knew I wanted to be a part of it. After 5 years of being in the industry, I’m still learning! – Rosa Rowles

Next up is Josten, who shares a perspective a lot of folks outside the industry might relate to.

Before joining Social-Engineer, I didn’t have much experience in the cybersecurity world. I wasn’t particularly technical and had always assumed cybersecurity was all about code and firewalls. What truly drew me in, though, was the human element—how attackers often bypass technical defenses by exploiting human behavior and psychology. That realization sparked a passion in me. I’ve now been in the field for four years, and I absolutely love helping people understand these threats and empowering them to protect themselves from social engineering tactics. – Josten Peña

From fixing phones to engineering security engagements, Carter’s journey is all about curiosity and evolution.

Cybersecurity caught my interest when I was repairing phones and laptops. I like understanding how systems—and people—work. I started studying in 2021 and moved from hardware repair to security consulting and then into offensive security and social engineering. – Carter Zupancich

Puzzle-lovers will appreciate Faith’s story.

I’ve been studying cybersecurity since 2019 and have been in social engineering professionally for almost a year now. It helps me stay engaged because it is a little different every day. I was drawn to the industry because I have always liked puzzles. Every interaction of social engineering is different, and you have to figure it out as you go along. There are “rules” and similarities between these communications, but each one will be unique. – Faith Kent

And finally, I’ll share my own entry point—equal parts adrenaline and admiration.

I’ve been in this field for just over six years. What got me in were the red team stories—the adrenaline of delivering a pretext, sneaking past guards, and all the mistakes that teach you something every time. – Shelby Dacko

Now that you know how we got here, here’s what the job has taught us.

What’s the most valuable or surprising thing you’ve learned from the industry so far?

Rosa

One thing that I’ve learned is that while cybersecurity certainly involves technology, the human factor is just as crucial, if not more so. When employees are well trained and empowered, they become the strongest defense against cyber threats.

Josten

One of the most fascinating things I’ve learned is how cognitive biases influence our decision-making—especially when it comes to security. These mental shortcuts are something we all develop over time, and while they help us navigate the world quickly, they can also leave us vulnerable to manipulation. The great thing is that once we’re aware of these patterns, we can train ourselves to recognize and resist them. It’s a reminder that cybersecurity awareness doesn’t just make us safer at work—it sharpens our judgment in everyday life too.

Carter

Learning firsthand during social engineering engagements, I found that two basic levers, authority and likability (often delivered with strategic humor), elicit sensitive information faster than most can imagine.

Faith

I feel like I have really refined my research skills. Using OSINT on a more regular basis gives me the ability to scratch that itch of always finding new information and always learning. And every interaction I have allows me to build on my knowledge base for future interactions with other people.

Shelby

Learning about communication styles via the DiSC methodology has, not to be dramatic, changed my life. I have always been interested in communication and understanding it better has impacted my personal relationships in a positive way as well as my working ones. Knowing how someone prefers to communicate helps me adapt to their preferences more easily, and this helps me so much on vishing calls and onsite jobs. But not only there, it really helps me day-to-day in communicating with my husband, family, and friends. Of course, mistakes are made, but even then, having a better understanding of communication styles has helped me learn how to react and recover better than I could have before.

Different Paths, One Mission: Human-First Cybersecurity

There’s no single path to becoming a social engineer. We come from all kinds of backgrounds. What we have in common is curiosity, constant learning, and the drive to leave everyone we meet more secure than before.

If you want to get started in this field or level up, take a look at our Foundational Application of Social Engineering course. It’s a 4-day, hands-on class that gives you everything you need to understand the fundamentals and start applying them immediately.

Written by
Shelby Dacko