My Journey Into Cyber Security (part 3)

I am publishing part three of my journey to get into a cyber security career. A lot has happened since I wrote part two back in August and I'm excited to share it all.

I'll start out first by talking about my certifications. I ended up passing both Core 1 and Core 2 of CompTIA's A+ exam in the end of August, making me one step closer to achieving the CompTIA trifecta - thought to be the best "bang for buck" in terms of showcasing knowledge and skills for entry-level positions. I found the material for the 1100 series much easier to digest than the older 1000 series that I briefly looked over back in February this year. The 1100 series that I studied for had introduced Active Directory on the exams, and thanks to my home lab setup and watching the PNPT Live series (which was canceled short), I ended up already having some great knowledge that helped fast-track my studying. Moving along with CompTIA, I also passed my Security+ exam in mid-late September as well, officially granting me the title of CompTIA Secure Infrastructure Specialist, along with achieving the goal of obtaining "the trifecta" before the end of the year. I felt that the 600 series of the Security+ exam had a much wider breadth of material compared to the A+ exams. I originally planned 14 days to study for this, but for the first time ever, I was feeling anxious about taking the exam after about one week of studying. I felt that there was so much content that I had to study and understand, and I didn't want to rush and run the risk of failing. So I ended up pushing the exam date back a week which ended up being the right call.

Now to move onto my progress in college. Passing each Core exam for the A+ and the Security+ exams meant that I completed another course. In addition, I also completed my Web Development Foundations course along with my Scripting and Programming Foundations course in October. My program mentor and I have a very good working relationship, where we talk every two weeks about my progress and what my goals and next steps are. I have tried to work it out where I'm spending an average of two weeks per course in addition to reading and watching my own supplemental material. She has been a great ambassador for me and has been rooting for me and cheering me on. When we last talked on Monday I told her that I feel like I'm slowing down a bit - she laughed and said, "I don't believe you." I have been very diligent in studying the course concepts for my Database Management courses and really understanding databases on a more technical level. However, the material is very dry and I have been busier than ever with all of my other activities that I'm participating in.

Along the lines of school, I have joined the WGU Cybersecurity Club as both a member and a volunteer to aid in posting events and encouragement on LinkedIn. The WGU Cybersecurity Club has become one of my main Discord channels where I get to interact with other students and alumni who share the interests of ethical practices in the cyber realm.

In addition to this organization, I have also been accepted into (ISC)2 as a full member due to receiving my Certified in Cybersecurity certification and paying my membership dues. I have joined the New Jersey chapter, where I hope to network and attend more events once my schedule clears up a bit. Also, I was accepted into the InfraGard program, which is a partnership between the private sector and the FBI as it relates to protecting critical infrastructure. The program has been amazing for keeping up to date with news in the realms of cyber security, homeland security, and law enforcement.

Speaking of law enforcement, I want to talk for a brief moment about my background. Ever since I was a child, I always aspired to become a law enforcement officer. Almost all of my previous jobs were in the same realm as law enforcement and public safety, which I thought was a good stepping stone to achieving the goal of becoming an officer. I had also spent four years working as a Public Safety Telecommunicator handling emergencies in the City of Long Branch and looking out for my officers, hoping to eventually make a transition to a full-time police officer. Among other reasons that I will not get into here, my passion for cyber security grew, and I knew that I had to transition into the IT world to get some more hands-on experience....and that I did. After a few unprofessional interviews (canceled 15 minutes before, not reading my resume, etc.), I had interviewed with ASC Technologies for a systems engineer position. The interview was amazing - I was asked technical questions based on my resume, my LinkedIn, and my projects that I posted on GitHub! Everything was very professional and I felt proud that somebody had finally decided to look at everything I was doing in order to transition into this field. The past three weeks at ASC has been great, and I'm working with a very diverse team that is helping me to pick up on the software solutions very quickly.

Although I've been busy, much of my free time has still been spent following the learning paths on LinkedIn Learning, Udemy, and elsewhere in order to supplement my college courses. In the past two and a half months, I have earned certificates of completion for over 100 hours worth of continuing education, with more courses lined up in the future. One of the courses I took related to Python for ethical hacking. In this course, I learned of some important libraries to use in my scripts and how to implement them to create my own tools, such as hashkitty (see here: https://github.com/Ryan-Sapone/hashkitty).

The National Cyber League is a performance-based, national, cyber security competition that hosts games every Spring and Fall season. I partook in my first ever competition for the individual games, where you are scored on completion and accuracy for nine different categories: Open Source Intelligence, Cryptography, Password Cracking, Log Analysis, Network Traffic Analysis, Forensics, Scanning & Reconnaissance, Web Application Exploitation, and Enumeration & Exploitation. For the individual competition, you are not allowed to seek help or work with anybody on these challenges. Some of the challenges were very difficult, however I achieved a rank of 205 out of 6665 total players! I ended up scoring 1945 points out of a total 3000. Not bad for my first competition I'd say! I am participating in the team games this weekend as well, where I will be leading a team of six of my fellow WGU Cybersecurity Club members. Very much looking forward to seeing how all of our skills can compliment each other.

For now, that's my update on how my journey is going. I feel like I've made very solid progress since my last update, and it seems like my hard work is starting to pay off. I'm excited for what the future holds for me and where I can set my sights!