- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Mentoring to Grow the Security Workforce
About a year ago a much younger coworker told me his CompTIA Security+ was going to expire and was thinking about taking the CSA+ (now called CompTIA CySA+).
They had already achieved an MCSE: Cloud Platform and Infrastructure the year before and have a demonstrated ability to learn and apply new knowledge to their daily tasks.
They are very security minded and support many security initiatives including security operations, identity management, and security engineering.
They studied for the test and asked for guidance in some areas that I could help him on. They passed the test.
I congratulated them and told them that they should see what they would need to do to pass CompTIA CASP. They decided to take that test as well. This involved more guidance and mentoring and a small setback. By the test score, they barely missed passing.
Undeterred, they retook the test and passed it.
Right after passing the CASP, we discussed next steps. They wanted to continue and take the CISSP. I did tell them that the point of view of the CISSP is very different from the tests they passed from CompTIA.
The test is scheduled in a few weeks.
Every time the security team sees them we pummel them with questions. Describe PKI? What is a HASH algorithm for? What prompted the SOX law? What is the opposite of the CIA triangle? What type of control is a security guard?
I think that I am more nervous about this then they are.
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sounds likes you are doing a very worthwhile professional giveback to the community and to the individual. Hopefully with your encouragement they will pass the CISSP examination the first time around.
You appear to have a lot invested, I am sure they will do their best achieve to best result possible.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Caute_cautim wrote:
You appear to have a lot invested, I am sure they will do their best achieve to best result possible.
All they really needed to succeed is to be surrounded by a team of people that believe they could do the tasks ahead of them. So for me, it is not what I and my team have invested but rather what they can achieve with a little help and a positive work environment.
Back in 1993, when I started my first job in IT as a Sales Assistant, there were only a few people that thought I would succeed. Most told me negative things every day like, "You could never do the work I do." said an engineer and "Just keep doing your sales reports and leave that stuff to us."
The people that believed I could make it, did what they could to help. I learned how computers talk to each other starting in 1986 by building Amateur Radio networks using AX.25 protocol. Many at the VAR did not know how that could possibly apply to a business network.
After my workday doing construction from 1986 until 1993, I would come home and heat up a soldering iron used to modify commercial voice radios into data radios. I would edit ROM code in HEX and burn the edited EPROMS. These were needed to run on custom boards with Z80 processors that had two intergraded radio modems. One for the backbone and one for local access. When a node was complete it had to be installed.
That involved building UHF power splitters, climbing antenna towers, installing antennas and hardline coax cables. Like today, to find an issue you sometimes have to look at each packet. Frame tracing was built into every node. So as a carpenter, I learned how to frame trace.
None of that experience meant anything to the naysayers.
I am glad those days are behind me and look forward to helping as many as I can succeed wherever I can.
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well done - excellent example of professional giveback.
Regards
John
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We just got the word that they passed the CISSP exam today! Now we start the endorsement process....
We are so proud of their success.
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This week another team member passed their CompTIA Cloud+. The person is a very talented system admin and has been working on a lot of security products for years.
My advice to them is to examine the CSA CCSK test next.
I hope they do because then they could master two more areas (Legal and SDLC) for the CCSP.
Ok, after that I will tell them how close they are to a CISSP......
It's like using the escalator instead of the stairs.
____
|
___|
|
___|
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the update, just come back from annual leave overseas.
Now R&R accomplished, I will review comments and structure our study group approach accordingly≥
Many thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
On Tuesday, July 10th we got the email that they are now a CISSP!
This morning, I handed them a CISSP sticker for their laptop which was promptly applied.
They have to wait until August to start earning CPE's. So when they attend the Alamo (ISC)2 Chapter (San Antonio, TX, US) meeting today, it will be just for fun and education since they cannot earn a CPE for it.
In August....they will be taking the CCSP exam!
Almost time to go to the meeting.
Paul
P.S. Support your local (ISC)2 Chapter!