Security newbs find training program that pays

When new to any industry, one of the greatest challenges is landing that first job. Look at the requirements for most job postings, and you’ll see–everyone is looking for someone with experience. But how do you gain experience without first landing a job?

It’s a classic chicken and egg conundrum for job seekers, except for Jessica Carney and Erik Dominguez who were lucky enough to enter into the OptivU training program and launch their careers.

Want to know what worked about the program for them? Here are their stories:

Jessica Carney, architecture and implementation security consultant, Optiv, was enlisted in the military for six years and is a current reservist. Carney earned an undergrad degree in IT and a master’s in computer science, specializing in forensics. After spending four years as a contractor with the military, Carney longed to get out of shift work and put her degree to use.

She discovered the Optiv program through a veteran website and was part of the program’s first class. “I didn’t have to have actual hands on experience. With this program, they were willing to train me,” Carney said. Having graduated from the program, Carney has been a full-time consultant for about eight months now. 

“I’m on a pretty good track to move up in the company as a senior consultant,” Carney said. That track began when Optiv reviewed her resume and decided that she might be a good fit for architect implementation services and she was able to work on implementing firewalls.

“They sent us to Palo Alto classes, and we worked on migration and implementations with Palo Alto firewalls,” Carney said. The hands on experience complimented by the support of an individual mentor allowed her to flourish but 

“Everyone had an individual mentor, which was great for me because I had someone I could reach out to for guidance,” Carney said..

Erik Dominguez, consultant, attack and pen testing, Optiv is based in Memphis where he works from his home office. Prior to discovering Optiv, Dominguez worked at a help desk in IT during the dot com boom. “Jobs were hard to find after the bottom dropped out, and I was delivering pizzas when I thought about being a nurse,” Dominguez said.

Instead, he decided to become a paramedic and did that for 10 years before he got burnt out and needed a complete change. Even during his time working in IT, what he had longed for was to become a pen tester.

On his journey of mastering many traits, Dominguez said, “I learned years down the road that the grass is not greener. Even as a paramedic I hit a burn out stage and took the road back to IT.” On his return, though, he was able to pick and choose his career path and focused on becoming a pen tester. “Everything was based around being a pen tester,” he said.

Dominguez earned a BS in IT focused on info security from University of Phoenix, which he was able to do online because of his paramedic schedule. “I started with an associate degree in programming. I wanted to be a pen tester but knew I needed a good level of understanding of programming and scripting to help me get a job as systems admin,” he said.

That’s exactly what happened. He got an internship as an assistant to a systems admin for a local company and eventually got a job there and gained experience working in the corporate environment while still doing a lot of research and learning at home.

The year he went to DerbyCon, he met with someone from Optiv who told him about the program. “I was accepted in the second class of the program, and was promoted to security consultant this past March,” Dominguez said.

During his time going through OptivU, Dominguez experienced the frustration of going through an engagement with a client because he had to slowly cut his teeth but with constant oversight over him until he gained their trust. “That became intimidating, so I made a vulnerable virtual machine for Optiv to help new associates gain hands on experience without having to test on actual client environment,” Dominguez said.

Using actual applications with vulnerabilities that were disclosed publicly, Dominguez developed the virtual machine by going to exploit databases and finding web applications that were common for his clients. “They were real world items that anyone would see on a client network,” he said. Now the virtual machine is used in the training and allows recruits to find vulnerabilities and generate the data. “But they have to find the answer, they can’t just look up a walk through,” he said.

For those who find themselves in similar situations, take a look at the OptivU Associates program, and perhaps you might be the next featured consultant others will read about.