For my first blog post, I thought that I should tell my story. I was born in San Antonio, wait, too far back, let’s try again! Here is my cybersecurity journey:
After graduating from college in Texas with a BBA in Computer Information Systems, I supported, consulted, and trained on Windows and IBM hardware and software, as a Microsoft Certified Systems Engineer, Microsoft Certified Trainer, and IBM Certified Trainer. I worked at a support partner for Microsoft during the launch of Windows 95 as the training technical lead, scheduling, overseeing, and delivering training for all new employees. While working on the Windows 95 project, I learned about networking and hardware, areas that I believed I was not strong in. In addition to teaching Windows Server and Workstation, I taught and supported Microsoft Systems Management Server, IBM Tivoli Storage Manager, IBM Tivoli LDAP server, IBM Identity Management, and optimizing IBM hardware on Windows. As a Microsoft Certified Systems Engineer (MCSE) on Windows NT 4, I qualified for and completed the accelerated upgrade exam for the Windows 2000 MCSE, as soon as the exam was released in August of 2000.
When my family relocated to Seattle, I quit work to be at home with my son who is on the Autism spectrum. I volunteered at his school, serving as PTA president three times and received the Golden Acorn Award for service, and eventually working at the local elementary school as a special education paraeducator. Once my son started college, I tried to re-enter IT, but quickly found out that companies discounted candidates without current experience. So, I did something else that I enjoyed – office work. I worked temporary and permanent positions for a variety of companies including an aerospace machine shop, a city government office, and eventually became the office manager of an HR services company. Everywhere I went, I brought my technical skills and experience with me, using those skills to improve efficiency and accuracy by automating manual processes whenever I could.
I have been interested in security since my teaching days. Conversations about password policies, access to files, and administrative rights were among my favorites. I loved teaching about Group Policy in Windows – what a great tool! With data breaches and privacy issues in the news regularly, my family’s dinner time conversation frequently shifts to security topics including password requirements on various sites, which sites are “safe” and which are not, how companies respond (well or poorly) to security incidents and breaches, which companies protect users’ privacy, and any other security news we learn about that day. Last year while visiting the Diana Initiative on vacation in Las Vegas, I found out about the SANS Women’s Immersion Academy and applied. I completed the assessment and discovered that I remembered a lot more about networking and Windows than I realized and that much of my previous knowledge and experience was still relevant. I completed the application process with a resume, transcripts, and an interview. To my great surprise, I was accepted and began training in March. I have studied security essentials and incident handling and earned a GSEC and a GCIH certification. I am currently working on a certification in Windows forensic analysis (GCFE). I have learned a great deal more than just headers and hacker tools in these classes – I learned that I am skilled in networking and most other aspects of cyber security. I scored high enough on both exams to earn a place on the GIAC Advisory Board.
After completing the Women’s Immersion Academy and certification, I would like to begin my cybersecurity career in a Security Operations Center (SOC), working on an incident handling team. I believe that my history and experience working on Windows from the 3.1 days will be valuable to a team. As I begin my cyber security career, I look forward to improving my skills in Linux, Cloud security, and PowerShell. Eventually, I would like to lead an incident handling team or a red team at a consulting company.
This is a great time to be a woman in cyber security and I am excited to continue enjoying and building the community of women in cyber security for many years to come.