A Winding Path: Pursuing Security as a Second Career

Posted on by Jen Burns

Five years ago, I would not have pictured myself at the RSA Conference as a Security Scholar this past February. In fact, the last time that I was in San Francisco I was hauling my drum set up a flight of stairs and into a hotel room at 2am after playing a set at the Hemlock Tavern during my band’s west coast tour. So how did I end up in San Francisco again, having dinner and conversation with experts in the cybersecurity field? It all began when I decided to go back to school for computer science in 2013, after working many years as a percussion teacher, marching band music arranger, and occasional professional drummer. Then, in my final semester of my computer science degree at Oregon State University, I decided to apply to master’s degree programs to determine if I wanted to continue working as a software engineer and further my education.

Jen Burns

Although I originally hoped to pursue a specialization in machine learning, I happened upon the Information Networking Institute at Carnegie Mellon University, and immediately fell in love with the MS in Information Security program and the many opportunities that it offered. Although I was concerned that I only had a basic knowledge of cybersecurity, I was accepted into the program and was privileged to be chosen as a CyberCorps ® Scholarship for Service (SFS) recipient by the INI director, Dena Haritos Tsamitis. For context, the SFS program was designed to increase and strengthen the body of information assurance professionals that serve the federal government. It offers full scholarships and stipends to undergraduate and graduate students for the same number years as each student will serve the United States government as a cybersecurity professional.

The existence of the SFS program is just one testament to the growing need for cybersecurity professionals, and there are certainly efforts being made to encourage kids and teenagers to pursue careers in this field. One example of an excellent effort to do so is Carnegie Mellon CyLab’s picoCTF, a cybersecurity competition targeted at middle and high school students. Targeting younger students and teaching them ethical hacking will certainly ignite a passion in many who will then choose to pursue studies related to cybersecurity.

My path to the cybersecurity field was far from direct, however. I believe my choice to attend Carnegie Mellon University is one of the best decisions I have made in my life, and I also think that there are many people in a similar situation to me five years ago who would find a career switch into cybersecurity to be mutually beneficial to themselves and the field. Therefore, it is important that post-baccalaureate undergraduate and graduate cybersecurity programs target students with backgrounds outside of those that are expected, such as students with bachelor’s degrees in the liberal arts.

I was excited to find that many of my fellow RSA Conference Security Scholars were also pursuing cybersecurity as a second career, and that leads me to believe that at least part of the need for cybersecurity professionals will be met by a growing group of people wanting to change career paths. I would encourage anyone who is considering cybersecurity as a second (or even third!) career to begin searching for opportunities and to not be dissuaded by concerns about being a student later in life. The cybersecurity field needs talent at all skill levels and ages to solve some of the hardest problems that exist in our time, and I certainly do not regret this career change in my own life.

Jen Burns

RSAC Security Scholar and Carnegie Mellon Graduate,

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs