Joanne Puchek went to SecureSet Academy’s cybersecurity [analytics] bootcamp in Denver after serving in the US Army. After graduating, she was able to take the skills she learned in the program and is now working as an Associate Security Consultant in cybersecurity. Joanne discusses how she got interested in cybersecurity, what she learned at SecureSet Academy and how she got her first job.
In 2019, SecureSet joined Flatiron School — partners who share our mission to secure futures by enabling people to pursue careers and lives that they love. Together we are setting out to address the worldwide cybersecurity skills gap through immersive cybersecurity education.
Hey, so can you tell us a bit about yourself?
I’m an Associate Security Consultant at Coalfire in the Greater Denver Area. I joined the U.S. Army at the age of 17. I served four years as a Mental Health Specialist assisting with treating acute cases during the Iraq and Afghanistan wars. I worked in various inpatient and outpatient environments. Upon discharge at the end of my contract, I worked various jobs in medical administration, opticianry, and computer repair. This was all while attending university for psychology and social work.
What does a typical day as a security consultant at Coalfire look like for you?
Being an associate security consultant is multi-faceted. I suppose one common denominator is that our work is client-focused, with each project being the client organization system in question needing HITRUST certification. My team specializes in assisting clients with this process.
The certification process system takes months. It includes interviews, onsite walk-throughs, evidence gathering and scoring. It all relates to the examination and assessment of the organization’s cybersecurity infrastructure. Sometimes we will prepare clients for the certification process, as well, which is another process in itself. It varies.
With clients all over the nation, consistent travel is a big part of the role, as well. Our schedules can get pretty hectic sometimes, but it makes for an interesting day at the office. I prefer it that way, though.
Can you tell us how you got your entry level cybersecurity job?
I’m not going to sugarcoat it. Getting an entry-level cybersecurity job is not easy. It requires an almost longitudinal scope of perspective. I began preparing for my first job well over a year ago. I volunteered as a computer repair technician while working another job to support myself.
I wanted the hands on experience. I wanted to learn from people who had already been there, done that, got the t-shirt, and had knowledge to share. I can attribute some of the most valuable knowledge and guidance I’ve received so far in my career to what I learned from my mentors there. During that time, I also studied and researched anything and everything training-wise online that I could get my hands on.
Upon my enrollment in and attendance at the SecureSet cybersecurity program (Flatiron School), the instructors and career counselor encouraged me to begin professionally networking and exploring job opportunities from day one.
They provided career-related meeting and event information to the students. The emphasis was that it was on us to pursue those recommendations. While it was an arduous process to simultaneously network, attend class full-time, do homework, and work a part-time job, it’s what eventually got me an interview and later on the position at my new place of employment.
There really is no one defined way to get an entry level job in cybersecurity. Everyone’s experience will be different. It was a mutually inclusive relationship of my own efforts combined with the assistance of SecureSet’s program.
How did you first get interested in cybersecurity?
While studying my undergraduate degree back in my early 20s, I hired an independent IT consultant to look at my laptop. It had been acting weird for the past few months. No system update, scan, or repair command I ran would remedy its odd behavior. It turns out my system had been hacked. When the consultant explained to me in detail how this happened and what exactly was going on, it made me wish I had his job.
While I would love to say that experience planted the seed, it had been nestled within me long before that. When I was in middle school, my brother and I used to hide Text Edit files containing “secret messages” on our family’s old ‘93 Macintosh IIsi computer. We made bets on who could find them faster.
I guess you could say I’ve always been interested in computers, puzzles, and problems. I think the same goes for anyone drawn to working in cybersecurity. We are all some variation of a problem solver, a tinkerer, or curious mind attracted to challenges.
What was the SecureSet application like?
It took a few weeks or so. The process involved filling out an application, an admission and technical interview, and giving financial aid details. The application and technical interviews were the determinants for acceptance. I was mostly assessed for attitude, motivation, and technical aptitude.
What did you learn in the Cybersecurity course at SecureSet Academy?
That is a really great question, and difficult to summarize. SecureSet’s program taught me the fundamentals of cybersecurity. It then nurtured my already existing curiosity to explore them further on my own time. I learned how important it is to check your ego at the door and ask for help when you don’t understand a concept. We also were taught the value of tenacity in problem-solving.
Ajay Menendez, the creator of SecureSet’s cybersecurity analytics (HUNT) program, showed us this during the initial weeks of the preparatory course when a system we needed for a training lecture was temporarily offline or disabled. He figured out how to create a secondary hypervisor training environment within AWS and so was able to successfully continue the lecture with minor interruption. Those types of examples helped solidify those core cybersecurity principles within me, and it significantly assisted me in my later career. I consider them to be invaluable and imperative for any cybersecurity job.
How has your life improved since learning cybersecurity at SecureSet?
I never have a boring day at work, I enjoy what I do, and I like the people I work with. That’s a professional trifecta that doesn’t always come about for everyone, and so it is something for which I am exceedingly grateful.
What advice do you have for getting a cybersecurity entry level job?
In cybersecurity, you have to know a little bit of everything. The more you know of each thing, the better you will be at what you do. This makes you valuable. So seek out those experienced in the industry and learn from them. Find a mentor, examine what their path entailed, and listen to them. It’s not about getting it right the first time, but rather understanding why it didn’t work. Be curious, question everything, and don’t be afraid to ask for help.
If it is within your means, there are opportunities to volunteer part-time at various tech places to gain hands-on experience. This can help with your job search later on. There is also a myriad of free online classes and courses available for programming, operating systems, and certifications training. Research these and incorporate them into your learning path.
Additionally, place special emphasis on understanding the various distros of Linux operating systems. Study social engineering and familiarize yourself with the human factor in the context of cybersecurity. Take a course at a community college or elsewhere in interpersonal skills. This will help to sharpen your skills in professional networking, communicating your results to others, conducting information gathering, and understanding how, when, and where to tactfully ask for help in a professional setting. Ultimately, everything is on you. There are multiple opportunities to be had, so it’s important to pay attention to them and to utilize them.
Have you ever had imposter syndrome?
Yes. As an associate, I know that many of the veterans in the cybersecurity industry figured all this stuff out in the days before the internet. It's enough to make me have imposter syndrome every minute of every day. And that’s just one part of it. But it also pushes me to keep learning.
Imposter syndrome is a natural phenomenon that comes as a result of someone going 150% full steam ahead when working towards something they are passionate about. It’s the resulting planted seed of doubt upon a goal achieved when the odds were stacked against you. It’s a natural occurrence of human nature. It happens. You just have to work through it in your own way, in whatever way that might be. I try to keep reminding myself how I got here. That helps.
What are your career goals?
I want to learn what I can as each day presents itself, enjoy what I can learn, and be grateful that I can enjoy it. This attitude has served me pretty well so far, and so I intend to continue to exercise it. I look forward to what it will continue to bring with curiosity and enthusiasm. You can’t go wrong when you love what you do.