I joined a cybersecurity immersion academy through Women in Cybersecurity (WiCyS) and the SANS Institute, and it is sponsored by Google. The program provides the experience and resources to start a career in cybersecurity. Part of the program included SANS courses such as SEC401: Security Essentials (144 hours), and SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling (144 hours). The on-demand courses consist of theoretical and technical concepts enforced by labs and projects. Once the courses are completed, there is an exam and a certification contingent on passing the exam. In addition to the courses, the program also incorporated career guidance from Google Security Engineers and SANS mentors.
Throughout my practicum, I learned many cybersecurity concepts such as the types of cyberattacks, techniques used by cybercriminals, and the incident response process. For the technical aspects, I used tools to find vulnerabilities and to exploit weaknesses in systems. Furthermore, the labs give real-life applications of theoretical concepts and experiences with different environments like Linux and Windows.
The screenshot below shows part of my index that I used for the GIAC Security Essentials Exam, which is based on the SEC401 course content. Creating an index helped me understand how different study habits can be applied to different learning environments to most effectively reinforce my learning. The exam is 5 hours long and is open note, meaning that I can use all 6 of the books, so I needed to focus on understanding the general overview rather than the specifics and create an index that would allow me to effectively utilize the books during the exam. This experience helped me recognize that, as a student, I need to “study smart not hard” and as a professional, I will always have additional resources, so it’s not expected for me to know everything. Additionally, for the leadership aspect, the studying developed my organizational skills and enabled me to visualize the big picture and incorporate it into my planning.
Screenshot of my SEC401 Index
The cybersecurity skills and concepts I have learned through my practicum directly impact my professional development and will be relevant to any future internships and jobs. The program has enhanced my existing background in computer science, and the certifications from the courses are a stepping stone for a cybersecurity career. Furthermore, the experience taking the course and its exam has prepared me for future certifications and given me an idea of career specialization in the future.
After finishing this semester, I will start taking upper-level courses in computer science, including many cybersecurity-related classes. I look forward to learning more about cybersecurity by focusing on specific technologies. Furthermore, I recently joined a leadership position at Hack4Impact, a student organization at UMD, and am working on growing the organization. Over the summers, I plan on interning to experience the applications of the skills I’ve culminated at UMD and my practicum.
As my practicum indicates, my career field of interest is cybersecurity, and the field is still growing and has several specializations from pentesting to compliance. So far, I know that I would like to work in a more technical role, but I’m still exploring to find out more about my specific interests.