ciphermancy

December 8, 2024

Hello, everyone. I am starting this blog to document my journey through cybersecurity. Three months ago, I started my first job in the field, and I’ve been enjoying it. I have though struggled with imposter syndrome. There’s so much to catch up on and little time to do it in. I have found a moderate amount of early success offering myself up for projects that I have no experience in.

An example of this is a project for tracking trucks via GPS coordinates. My boss approached with the challenge. Something he knew would be difficult, but he believed I could do it. Ultimately, he was right. I learned a lot with that project, gained credibility within the team, and delivered a high visibility product to upper management.

This project had little to do with my development as a security engineer, but at this point I reckon the project will pay dividends in the long run. I learned new tech (to me), worked around the limitations of our specific network, and was able to build my personal relationships with my team.

At this point in the blog’s history, I would like to give you all more of a foundation of who I am to give future posts more context. I am in my early 30s and for the last ten years I was in the military working on nuclear reactors. I grew up lower middle class, so the military was kind of my only option because I really had no idea what I wanted to be when I grew up coming out of high school. Long story short, I got my degree in nuclear engineering because it took the least amount of time and chose to transition to cybersecurity. When I got out, I went to work for a very “prestigious” engineering company as a technician as I thought it would serve as a good springboard to something else.

When I got established, I started e-mailing security professionals around the company to ask for mentorship. This obviously was the least optimal way to go about things, but one of them actually replied and we set up a meeting. At this meeting, he advised me to look into the SANS undergrad certification program. I applied, got accepted, and started at SANS. Within 10 months, I had GFACT, GSEC, and GCIH. This pacing was not necessary, but I felt I could handle it and did. Also, I had the GI Bill so I accrued no debt to take on this program. This is obviously a huge advantage. I talked to my manager and I started doing some light cybersecurity work.

In the spring, I was laid off from my springboard job. At the time, this seemed horrible. Ultimately, it was the best case scenario for me. It forced me to look for new jobs and I got a generous severance. The big question was whether I had gathered enough experience for a cyber job. I used all four months of that severance, but I landed at my present job as a security engineer. The reason I did was a combination of luck, my documented work ethic, and my extreme willingness to learn as much as possible. What isn’t talked about though when it comes to interviews though is communication ability. I have strong people skills that I have worked really hard to develop. If you wish to overcome the same uphill climb, you will need to develop all of those skills.

In today’s day and age, you can’t get away with just being technically competent. In a job hunt you need to convince people that you’re their ideal candidate. You need to trick the AI resume genies to even get time with a human. And finally, you need to be lucky, and that involves stacking the odds in your favor as much as possible by working hard, collecting evidence of your excellence, and going out of your comfort zone.

The rest of this blog will be more of me blogging about technical stuff with a lot less personal info and inspirational stuff. Hopefully we can learn and improve together.