National Cyber Security Awareness Month – Week 2

In 2014, I joined an Application Security vendor, and this would be what our team still refers to as The Glory Days. We had a stellar team, and made friendships that will last a lifetime. One of those individuals that I admire the most, isWendy Zenone. I’m probably her biggest fan girl. So, when I heard that week two of National Cyber Security Awareness Month (NCSAM) was about educating for a career in cybersecurity, I immediately thought of her. I’d love to share her journey because I am so proud of her for pivoting her career and knowing what she wanted. I always say that she is my spirit animal (alongside Joanna Gaines LOL).

To our team during the glory days, she brought the best jokes, amazing presentations tailored to our CMO’s passion of naval engineering, and goodness was she freaking smart. As we started to talk more and more, she opened up about her desire to go back to school and learn how to code. When I heard, I was so shocked, and frankly exhausted just by hearing all that would be required of her in the next year. She applied for scholarships that enabled women in security, and was awarded the Intel scholarship for mothers who want the opportunity to return to school and renter the tech world.

So, she set off to San Francisco and attended Hackbright Academy, an engineering school for women that boasts a number of more than 800 graduates that span some big name companies like Google, Netflix, etc. This was only the beginning for her and probably the most demanding 12 months. I remember our conversations during that time and she would tell me how this was testing her will to be an engineer. But, she excelled, graduated and landed a pretty sweet job post graduation. She is an advocate for security, women in security, and most of all a really cool lady that can teach us all a ton. We need more people in the industry like her.

Ladies and gents, please send some love to this wonderful lady and her incredible journey! Below are some questions that I asked her in hopes to share her responses for anyone looking for some inspiration and insight on starting a new path.

Wendy aka @ZenOneSec

What was your career path?

I didn’t know my specific path for a bit. I wanted to find a position in Information Security but did not have enough experience to call out what area exactly.

Where did your interest in security grow from?

My husband Steve has been a Information Security professional for more than 20 years. We had many conversations about what he worked on that seemed like a mix of magic and extreme skill. Security was a new world for me. I didn’t have the technical skills or knowledge yet, so I started to read books. Steve suggested I start by reading books about social engineering and of course books byKevin Mitnick. This helped fuel the fire. I spent time talking to people at work, especiallyJeremiah Grossmanabout my interest in a more technical role in Security. He was encouraging and has been a huge advocate of mine ever since. He said learning to code is like learning magic. So dang true! I have had amazing support from many people which helps a lot.

What have you found to be the most difficult in changing career paths?

The most difficult part in changing career paths has been learning so many things that were new. Tech is complex, and security adds another layer of complexity. You have to learn to think both offensively and defensively. I still have a ton to learn which is also very exciting. I am never bored! Also learning to ask questions when you don’t understand was hard. It’s hard to be vulnerable and show that you don’t know everything. But that also is empowering once you start asking. I mean, nobody knows ALL the acronyms! Haha…you should ask if you don’t know.

What gets you excited about what you do?

I like adding to my skill set. It keeps me relevant and keeps me valuable to my employer and future employers.

What are your favorite security conferences to attend?

I don’t attend as many conferences as I would like. I seem to attend more trainings. I loved the Python Zero to Hero course that was given at Black Hat and will be offered at AppSec USA. It was great for beginners and focused on how to code for security reasons. I am going to @Security this month. It will be a small and intimate conference that does have a focus on big bounty programs. Booting up and managing bug bounty programs is something I truly enjoy, so I am looking forward to this conference.

If you could give future folks looking to change careers advice, what would you share?

I would say if you have any desire to change, just do it. Have faith that it will all work out. Time is going to pass anyway and you may as well use it to your advantage instead of looking back and what could have been. If you truly can’t quit your job, look for night or online boot camps. Get out there and network yourself. My last few jobs I landed were via my network and not a job board. Also, never give up. You won’t be Mr. Robot after 12 weeks so don’t expect it. Always push forward and keep learning. Oh and stay humble!