A couple weeks ago, I attended the annual New Horizons International Conference, where I discussed essential changes in the cybersecurity landscape over the past few years. For example, I talked about how penetration testing and security analytics have changed quite a bit. I also covered the importance of practical red team and blue team testing in cybersecurity. It was terrific meeting with hundreds of the New Horizons folks, because they are one of our many delivery partners that teach to our certification standards.
While there, I had dinner with a few of the New Horizons leaders, including the incoming CEO, Mikell Parsch. While talking with her, I let it slip that I once got a Ph.D. in English. Yes, English. Who knew, eh?
She had seen me speak about cybersecurity and asked me how the heck I learned so much about cybersecurity when my formal training was in William Blake, British romanticism and literary theory. Yep – let me tell you, before I got into IT and cybersecurity, I was on a pathway to make hundreds of dollars a year with that background!
I made a couple of jokes about how I had taken the wrong path by getting a bachelor’s degree in English and then figured, well, why not go all the way down the wrong path to a Ph.D. That was my way of keeping the story short, which is always a good idea when you’re around CEO types. But I digress.
However, you may not be a CEO. If our research is anywhere near accurate, you may be a career changer, like I was. If so, then let me tell you my whole cybersecurity career path story.
My Career Change From Academia to IT
Back in the late 1990s, I had two-and-three-quarter kids and realized I needed to bolster my income for our growing family.
I didn’t need more jobs: I had four already. Yes, four. I was a lecturer at the University of California (UC), Riverside, adjunct professor at Moreno Valley College, assistant lecturer at University of Redlands and adjunct professor at Crafton Hills College.
You know, when I think about it, I had more than four jobs. I did a bunch of publishing work, too, for research magazines and study aids, like CliffsNotes. I even did some outreach work from UC Riverside to help students pass what was then called the Subject A exam – now called the Entry Level Writing Requirement.
How I Got Into IT
I was a busy guy. But, I decided it was time to change careers and get back into the tech scene. So, I did some research – something I’m pretty good at – about how to get into IT and got a couple of tech jobs. First, I got a job as a technical editor. The first month I worked as a technical editor, I got paid more than I did in six months as an adjunct professor.
But I decided that wasn’t enough. I didn’t want to just write about stuff and do research about other people’s activities. I wanted to do it myself. So, I started down a new career pathway: That of the IT and networking professional.
I began by getting some education. First, I did some on my own. I started taking apart PCs. I also started buying tons of books about the subject. Back then, the internet certainly existed, but it was still in its infancy. So, I bought lots of paper to learn about how all those bits and bytes work on the network. Ironic, isn’t it? Things certainly have changed.
I also took a bunch of courses – some were Microsoft Certified Solutions Expert (MCSE), but some were CompTIA. I took CompTIA A+, CompTIA Network+ and CompTIA Security+ courses and exams to get certified. Then, I learned about Linux. These were and still are the big courses in a person’s cybersecurity education. But the biggest thing that helped me was learning about networking.
No, I’m really not talking about all of the Linux and TCP/IP courses that I took. I’m talking about how I began to network with IT professionals. I took the time to take a few out to lunch. I asked lots of (what I thought) were silly, inane questions.
Then, a strange thing happened: All of these IT professionals started inviting me to help them with little projects. They invited me to walk into the server room with them and take a look at some of the things that they were doing. These folks became mentors. It was really cool. I started by doing “grunt work” for them, such as carting over PCs or servers or even putting a network card into a system. The jobs started small, but then they got bigger.
From Apprentice to IT Pro
After a while, something even more strange happened: every once in a while, I would get a phone call from these mentors. They’d ask me, “Hey, James, I’m thinking about creating a new subnet to help with network traffic. Do you think I should try a [virtual local area network] (VLAN) in a couple of new places?”
Others would call and ask, “Hey, James, you mentioned the other day about how to configure a [multi-purpose internet mail extension] (MIME) mapping on a web server. How did that work again?”
I remember one mentor calling me and asking, “Hey, James – I forgot one of the firewall rules that we created – could you send that over to me again?”
Later on, he confessed something to me. He hadn’t forgotten the rule at all; he couldn’t figure out how to do it and knew that I could. I have to say, this made me feel good. That “something strange” was that these mentors of mine were turning into peers. They were asking me for ideas and advice. It was really groovy.
Turning a Side Gig Into a Full-tme Job
Then, something even more groovy happened. I started getting consulting gigs, on top of my day jobs that I already had. I loved doing these gigs. They kept my knowledge current. They also helped pay for the now four – count ‘em, four – kids that my wife and I had. It took me a long time to get these types of gigs. But, looking back, it all began by doing small, little things.
What were those small steps to changing my career?
- I started connecting with a group of IT peers. This group was very informal. Many of them always saw me – and likely still do – as the “new guy,” who needed to learn a lot more. But they always gave me their time.
- I got really curious about things and never was afraid to learn about them. Get that innate sense of curiosity.
- I got trained, and I got certified.
But I’m confident that one of the main things that helped me along the way in my technical path was that I connected a lot with folks. Sometimes, that meant I did work for free. Other times, I helped them write network diagrams and write up reports for their bosses.
Yes, it was hard work. But it was never thankless: With their help along my cybersecurity pathway, I was able to make the transition from a college English professor to an IT professional. Through sheer persistence and a lot of trial and error, I’ve been able to do some pretty interesting things with IT pros all around the world.
How Can You Get Into IT?
It occurred to me that with all of this talk about the need for properly trained, skilled cybersecurity workers, it was important to take a step back and take a look at essential troubleshooting and configuration skills.
If you’ve already started that transition, then check out my previous Office Hours session, where I discussed the hacker lifecycle and mapped common applications to it, including Network Mapper (Nmap) and Maltego. I’ve been thinking about the types of skills and approaches that career changers need to do, such as learning important cloud skills.
Why are we focusing on networking skills right now? Because over the past year or so, chief information officers, chief information security officers, military network operators and network administrators around the world have told us that they have been asked to create resilient networks. They need to set them up in record time. But they are all having a hard time finding people with the requisite skills to create these networks. So, I’m hoping you’ll continue on your IT career path, and I especially hope that we can act as guides to you along the way.
Are you ready for a career change? Take our quiz to find out.