(January 1, 2022) - Journey from Software Engineer to Cyber Security Engineer In search of working with an advanced team in AppSec.
In November 2019, I started my training in Software Engineering as an immersive student at General Assembly in Denver, CO. ⛰️
I struggled during that whole cohort, I was at the bottom of my class and at one point so far behind that the school was going to 'let' me audit the course. I asked if I managed to get my grades back if I could still graduate and they took a chance on me. I passed with an 86 percent and presented my project for graduation. That was one of the toughest programs I had to overcome, but I let go of my last lifeline then cried a ton and finally buckled down. I had an amazing TA that helped me every day after class going over topics that I was not grasping. My teacher was an absolute Saint, answering so many of my questions. ⏲️
Not to mention a very special tablemate that buddy checked on me and pushed me not to give up, she is such a motivational person and I took a page out of her extremely impressive background.
I'm so thankful for all them as I continued my journey.
After completing SEI6 at General Assembly, I found myself seeking more education and needing to understand the Python scripts that were interpreted and wanting to know what and how to interpret them.
Then in March 2020 (two days before everything went remote due to Covid-19), I joined and completed my second immersive at Skill Distillery in South Denver and this time in Java 8. As the world navigated WFH and remote work, our instructors never gave up. Some of us students did give up and I wish them the best on their path. For those of us that continued through our immersive, we powered through.
The instructors at Skill Distillery in Greenwood Village, CO taught me the foundations of object oriented programming (OOP) that I was missing. I dove in deeper into a new passion and wanted to know how to break, create, and repair software code in Java and Python. After graduating that program I felt ready to join the ranks of software engineers. The road to getting my first role was paved with so many technical challenges that I began to get good at interviewing.
However, I wanted to land my first tech gig so I continued to interview and network. 🎯 That is the secret sauce, keep networking and programming. Stay open to doors that close, have a growth mindset to new opportunities.
In January of 2021, I ran into a person I looked up to in the technical field and that person asked me a valuable question that began to shape my cyber security road, "What's your passion?".
That question seemed interesting and little did I know that was going to guide me to not only become great at my passion, but feel challenged to make my passion part of my worklife. That person pointed me towards Kali Linux, then it was like my theme song was on full blast in the background. I was led to find bugs to programs that were written by the very companies I was interviewing at. Awakening confidence in me that I didn't know lay dormant.
I began finding bugs that seemed common and would be considered low risk, but my write ups would begin to improve. Submitting bugs and leading me down a path of using software programming security tools. These tools are not taught at my traditional univeristy nor the capture the flag events I was attending, instead these tools were introduced on Youtube by security researchers all over the world. I was hooked.
My passion led me training on topics that I was weak at and wanted to keep improving on, tools like:
-
CompTIA Network+ knowledge not certified yet
-
COMPTIA Security+ ce certification (course taught InfoSec partnership with VetsInTech)
-
IBM Cybersecurity Fundamentals
-
ITIL 4
-
Bluetooth and Radio Frequency
-
IoT
-
Continuing reviewing through SD26 documentation to improve my knowledge on Java 8
-
Automation with Python
-
JavaScript
-
JQuery
-
RegEx
-
SQL
-
Typescript
-
Bash
-
Shell
-
Capture the Flag events
-
Learn to calculate risk and document risk
-
Lightning talks
- ISO
- CSF
- CMMC
- NIST
- Great resource for GRC security tools available on Github: Provided by creator
arudjreisfor Governance, Risk, and Compliance
Helpful secure code training on GitHub resource by creator:
-
kelseyhigtowerNoCode
- Attending my first Cyber Security Conference, meeting so many women in this field and building lasting friendships. Becoming a Student volunteer with WiCyS (Women in Cyber Security) org, with a set goal to be a mentor for 2022 cohorts.
This 2022, I welcome the new year by learning GO and C# to improve my personal projects. I have set a should - to pass two certifications:
- EC-Council Certified Application Security Engineer certificate and becoming better informed at GRC standards.
- CISSP
To be continued.. 💾
If you have read this far into my journey, let's connect: Yettsy Jo !
- I want to learn from your journey, any advice or feedback is greatly appreciated.
- Go to My transition to AppSec page
- Go to My DAST training resources
- Go to my journey with Web App Injection Types resources
- Go to my journey with Cyber Security Domains
- thanks!