Tag Archives: education

#FirstMonday Pre-Professional – Finding your Way

Published by:

Apologies for being a week late.  The dog ate my cyber 🙂

Pre-Professional: any individual who has not yet (and never has) obtained a position working in the cybersecurity field. This may include anyone who has interest in working in this area with or without formal training and education in the field. Examples of individuals and or situations who may be part of this phase are: individuals who are switching careers (former military, IT, retail, law enforcement, etc.) and students (high school or university).

Last month, I told you a little of my story in the Pre-Professional level of the Cybersecurity Career Lifecycle (CSCL).  Take the time while at this level to be a sponge.  Learn as much as you can, from as many sources as you can.  Both ISSA International and your Local Chapter have numerous learning opportunities, take advantage of them.  A good one that ISSA International offers are the CSCL Pre-Professional Virtual Meet-Ups.  I’m now going to brag about my Chapter.

We offer an annual CISSP review course.  The CISSP is by no means a Pre-Professional certification.  However, just taking the course can lead you down your path.  I would like to call out our Chapter Leadership for finding great subject-matter experts to mentor the course.  Understanding the real-world application of each domain is invaluable.

Another great place to learn is from Chapter meetings.  I remember a meeting we had that didn’t really interest me, based on the topic.  Even after the meeting, the topic still wasn’t high on my list of things to learn about.  However, the speaker that day did a tremendous job of walking us through the process she used to determine the best solution for her workplace.  That was my great take away from the meeting.  One day, along my CSCL, I might be tasked with determining the best solution to a pressing need.  I’ll be glad that I will have had the experience of listening to the story of how she went about doing it.

To conclude, use this time to become a Jack (or Jill)-of-all-trades.  As you will read in the coming months; the more you progress through the CSCL, the more specialized your work will become.  Next month, we step up to the Entry Level.  See you there!

https://www.issa.org/?page=CSCL

#FirstMonday Pre-Professional

Published by:

Pre-Professional: any individual who has not yet (and never has) obtained a position working in the cybersecurity field. This may include anyone who has interest in working in this area with or without formal training and education in the field. Examples of individuals and or situations who may be part of this phase are: individuals who are switching careers (former military, IT, retail, law enforcement, etc.) and students (high school or university).”

I was there once.  And this stage can be very difficult.  I remember attending my first Defcon conference and just being blown away at how smart everyone was.  I thought, maybe information security wasn’t for me.  Then I was given some great advice by someone I met, “Stop comparing my behind-the-scenes to others highlight reels.”  This changed everything.  Realizing that no one was born with the knowledge, and that they all had to work and put in time really put me on the right path.

I fit into both of the last categories from the Pre-Professional definition; I was looking to switch careers and I was a student.  I was working as a bartender, but I decided to switch my major to Information Systems and begin studying for some of the entry-level certifications.  By the time I finished my bachelors, I already had 2 CompTIA certs under my belt.  This is when I found the Las Vegas ISSA Chapter.  It was time to find out which part of the cybersecurity field I was best suited for.  By attending meetings, I was exposed to different facets of the industry.  I finally found one sector that really interested me.  I was introduced to it by a Speaker at one of the meetings.  I eventually got my first job in the industry with his company.  It was a great experience.

In conclusion, just remember that whomever you look up into in the industry paid their dues and earned their stripes just like you are trying to do right now.  Don’t be discouraged, keep moving forward.  One day, you’ll have a highlight reel of your own.

https://www.issa.org/?page=CSCL

#FirstMonday CyberSecurity Career Lifecycle Levels

Published by:

Welcome to our second installment of FirstMonday.  ISSA International has done a great job of creating levels within the CyberSecurity Career Lifecycle (CSCL) that are very easy to understand.  Below are the levels as explained by ISSA International:

Pre-Professional: any individual who has not yet (and never has) obtained a position working in the cybersecurity field. This may include anyone who has interest in working in this area with or without formal training and education in the field. Examples of individuals and or situations who may be part of this phase are: individuals who are switching careers (former military, IT, retail, law enforcement, etc.) and students (high school or university).

Entry Level: An individual who has yet to master general cybersecurity methodologies/principles. Individuals in this phase of the lifecycle may have job titles such as; associate cybersecurity analyst, associate network security analyst, and cybersecurity risk analyst for example.

Mid-Career: An individual who has mastered general of security methodologies/principles and have determined their area of focus or specialty. Individuals in this phase of the lifecycle may have job titles such as; network security analyst, cybersecurity forensics analyst, application security engineer, network security engineer. Individuals who are nearing the “senior level”, may begin to hold job titles such as senior network security engineer, senior cybersecurity analyst for example.

Senior Level: An individual who has extensive experience in cybersecurity and has been in the profession for 10+ years. These individuals have job titles such as senior cybersecurity risk analysis, principal application security engineer, director of cybersecurity, etc.

Security Leader: An individual who has extensive security experience, ability to direct and integrate security into an organization. These individuals have job titles such as Chief Information Security Officer, Chief Cybersecurity Architect, etc. After extensive periods of leadership – some become recognized industry leaders.

Now, what does this mean to us in Las Vegas?  First off, Pre-Professional and Entry Level often overlap.  Many have gotten that first job while still in school.  Another thing to consider is the fact that a person may have to move to many different companies throughout their CSCL.  Once a person reaches a certain level, there are only so many C-suite jobs within any given company.  In addition, Cybersecurity is not a static world.  The people that work at each of these levels must continue to educate themselves.  This is where local chapters really help.  No matter what level you are at, you can always learn something.

Next month, we will dive into more of what a Pre-Professional looks like.  As we go into each of the levels, there will be more real world examples of what that level actually looks like.  Thank you.

https://www.issa.org/?page=CSCL