How I Went from Climbing Cable Poles to High-End Threat Hunting
My path to cybersecurity wasn’t a linear one. My first real job was installing DSL (digital subscriber lines) for phone companies. I was climbing poles, pulling cables and that sort of thing. Installing high-speed internet is what led me to IT, because customers would ask questions like “How do I do this on more than one computer?” or “What’s a network?” or “What’s Wi-Fi?” To answer their questions, I started digging in deeper and got turned onto the IT side of the business.
Eventually, I started doing junior admin work and worked my way up through the ranks at different companies before ending up in the role of IT director. I was hired to help a company owner transition from a break/fix retail shop into a managed services offering for businesses. I was responsible for developing and maturing the services offering, establishing technology partnerships, and improving the end user experience – while also delivering the services, too. I had no idea at the time that this opportunity would end up spurring my career in cybersecurity.
Getting further under the hood with DevOps, security and cloud
As I became more responsible for service offerings and environments at that company, I started looking at all of the things that were going on in the industry. The three big things that stood out to me at the time were DevOps, security and cloud. The owner was really gung-ho about the cloud, but it seemed to me that we should be focusing more on securing these environments before putting all of our customers’ stuff in the cloud. And that jumpstarted my interest in security.
Once I got bit by the cybersecurity bug, I really dove in and started reading everything I could find. I started getting certifications and education in cybersecurity. The more I learned, the more interested I became – it resonated and felt like “This is how my mind works.”
Now, of course I’m not a criminal, but I’m very good at finding loopholes and developing ways to exploit them. It’s important to understand how things can be broken and infiltrated. It’s not criminal if it’s ethical – I’ve got a white hat. But if somebody can build it, somebody can break it; that’s how I look at things.
Security felt like my calling. It requires being able to think outside the box. And you’ve got to keep learning and adapt. You can’t just confine yourself to what’s the norm, what’s the standard, because as we know, the industry evolves every day and you have to be able to keep up with it.
Transitioning to security
At first when I started interviewing for security jobs, there was a tendency to push me towards pre-sales and consulting. That wasn’t what I wanted. I wanted to be technical and hands-on. I wanted to deploy things. But I did end up in pre-sales for a while, which helped me understand the other side of the sales cycle.
Eventually, a recruiter contacted me and told me I would be a great fit for eSentire, a managed detection and response (MDR) company. I didn’t even know what that was. I normally ignore recruiters, but I was intrigued by this opportunity so I continued to explore. The more I read up on MDR, the more I realized that this is where the industry’s going. I thought, “Holy cow – this is what I’m missing.” I don’t like to do what everybody is doing right now; I like to do what everybody is going to be doing in the future. eSentire’s MDR approach really interested me – it was exciting then, and I’m still excited.
A world of possibilities
Cybersecurity is a deep and multifaceted field with all sorts of opportunities and ways to get involved. It’s exciting to see the push to bring more women into the field, and I help with mentoring and attend meet-ups as my busy schedule allows. If you have a real interest, it doesn’t matter where you start from. I started out installing cable! There’s never been a better time to jump into this field; the need is huge, and there will be plenty of people and programs to help you along your own particular path.
Published by Cybersecurity Insiders