Episode Summary

Little does the Information Security community know, but among us are experts at OSINT. They lurk behind friendly faces, waiting to be asked questions. They are librarians!

Episode Notes

Tracy Maleeff (@InfosecSherpa) was a professional law Librarian and at the top of her game. Looking for change and meaning, she searched until she found the field of Information Security. This is her journey.


Tracy Z. Maleeff (/may-leaf/), @InfoSecSherpa, is an independent information professional providing research and social media consulting, with a focus on information security. She is a frequent presenter about best practices of data mining from social media, professional networking, and introduction to information security topics. Tracy has 15 years of experience as a librarian in academia, corporate, and law firm industries and earned a Master of Library and Information Science from the University of Pittsburgh. She is the Principal of Sherpa Intelligence LLC – your guide up a mountain of information.


  • There is a condition called "Librarian Face"

  • Librarians, who Master's Degree in Library Science, are taught to be approachable

  • Was never a public librarian, worked in "special" libraries. This made her really good at finding and accessing data.

  • Tracy shares some social engineering tricks she did earlier in her life.

  • Didn't grow up with computers around her.

  • Advice: "Know yourself"


  • "If you are out in public… people are likely to come ask you questions because you look like you know things."

  • "I did fail, but I did not fail as badly as I thought I would!"

  • "I don't regret the path that I took."

  • "For someone like me who does come from a technical background... having the certifications is what people want to see."

  • "They need to see some receipt!"

  • "Even if it turned out to be nothing, don't be afraid to speak up."

  • "I don't think I realized it was social engineering, I just knew it was something that I wanted."

  • "Managed to talk my way not only on the plane, but also into business first."

  • "They had me at port scanning."



Getting Into Infosec:

Twitter: https://twitter.com/coffeewithayman

YouTube: https://www.youtube.com/channel/UCg6gV_gdfc188HZdN8LUx4A

Book: https://www.amazon.com/Breaking-Step-Step-Starting-Information-ebook/dp/B07N15GTPC/

About the Show

Entertaining stories of how others got into Information Security (aka cybsersecurity), their experiences, lessons learned, and advice about getting in.


Listen for an "Easter Egg" in each show!

If you're looking to break into infosec, I wrote a little guide! Check it out:

“I purchased the kindle book last night and just finished it. It was a great “mini-mentoring” session, and I felt encouraged to persevere. I plan to listen to the podcasts regularly. As a woman getting into InfoSec, I feel as though I have been alone my entire life, learning and self-teaching with no real guidance or mentorship.”

If you benefited from an episode, please take a moment to thank our guests for taking the time and sharing their story.