• United States




Don’t wait for students to graduate, develop your own training program

Jun 13, 20164 mins
CareersIT LeadershipSecurity

Entry level training programs: the bridge to senior level security positions

classroom training
Credit: Thinkstock

There’s been a lot of talk in the security world about the growing concern around the shortage of cyber security pros and lack of talent at a critical time where so much is done through or connected to the internet—and that is only going to increase.

Rather than sit around and hope that more cyber security pros will be spun out of universities, Optiv, took the bull by the horns and developed a curriculum of training and hands-on work experience that helps build the foundation needed to pursue opportunities in cyber security within the company.

The associates program designed to address entry-level talent serves as a bridge for those who are able to successfully completely the rigorous training program. “Essentially, anyone with an aptitude for security, technical basics in networking, troubleshooting skills, good communication and writing skills, positive attitude and personal initiative, and a strong desire to work in cyber security qualifies them, but continuation requires successful completion of key milestones in the first 90 days,” said David Brown, senior director services enablement, Optiv.

As is the case with many enterprises, Optiv is looking for those who have what they have defined as core skills and attributes for their business to serve as a baseline. “From there we can build on the skills they need to become a consultant,” Brown said.

Most of the candidates are coming out of IT specific or cyber programs, and some are former military transitioning. “They are coming out with a set of core skills, which includes a much broader range than people might think, and we can then build on those skills. Others are career changers, those who have been on a service desk for a few years and want to expand,” said Brown.

The set of core skills that would make candidates attractive to Optiv range from communications, commmunications security, cryptography, operations security, intelligence gathering and analysis, and even some from the logistic areas. 

The two year associate program ensures a constant improvement process. “Every cycle, every class, we learn something to improve upon. Just as we grow as a company we grow the training program too,” Brown said.

Rigor and intensity seem to be appropriate adjectives to describe the training program as the first 90 are focused on training with a combination of classroom, e-learning, and practical exercises.

“Then they move into one of the consulting practice areas. They actually start to work with our senior consultants on delivery. By the time they come out, they are trained and qualified on certain levels of engagements because they have worked with senior-level people to build to that next step,” Brown said.

Because there are only a limited number of cyber high level practitioners, teaming gives Optiv the capability to scale and at the same time grow that new talent. “The teaming arrangement nurtures the mentor-mentee relationship, which is absolutely beneficial. The mentors enjoy sharing their knowledge,” said Brown.

But be warned that entry into the program doesn’t necessarily guarantee that candidates will move on. “They have to have met the milestones throughout the 90-day training. Each training module has an end of course assessment that they need to pass. In some cases, in some of our practice areas there are entry level practical exams that they have to pass as well,” said Brown.

While very few don’t pass, there have been cases when one or two trainees did not meet those milestones. “In those circumstances, we have reevaluated the destination practice. We have looked at the trainee on an individual basis and assessed that while they are not a particular fit for this particular practice area, they could work better somewhere else,” Brown explained. 

Somewhere else is within the three practical verticals within Optiv, which include the advisory services group, managed services group, or architecture and implementation services. If those areas appeal to you, perhaps this or other enterprise training programs might pave the way for your career in cyber security.


Kacy Zurkus is a freelance writer for CSO and has contributed to several other publications including The Parallax, and K12 Tech Decisions. She covers a variety of security and risk topics as well as technology in education, privacy and dating. She has also self-published a memoir, Finding My Way Home: A Memoir about Life, Love, and Family under the pseudonym "C.K. O'Neil."

Zurkus has nearly 20 years experience as a high school teacher on English and holds an MFA in Creative Writing from Lesley University (2011). She earned a Master's in Education from University of Massachusetts (1999) and a BA in English from Regis College (1996). Recently, The University of Southern California invited Zurkus to give a guest lecture on social engineering.

The opinions expressed in this blog are those of Kacy Zurkus and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author