Other than technical college, one of the things that I seriously embraced was getting certifications through vendors such as Microsoft, CompTIA, CIW, Cisco, eLearnSecurity, and Offensive Security. Since I could control the pace at which I obtained these certifications, this was my preferred route.
From the time I started at Louisiana Technical College until I finished, I had obtained my A+, Security+, and Network+, and two MCTS certifications -- one for Microsoft Windows Server 2008 and Windows 7.
I finally landed my first IT job with the help of one of my instructors and it paid minimum wage. After a few months, it became too slow and I was laid off and had a job at LSU a week or two later, doing very basic help desk work and a little bit of administration with servers. After I graduated with my technical diploma, I did a little bit more work with LSU (an extended contract) and eventually started working at a federal credit union in IT.
Working in IT at the federal credit union has taught me a lot about how a real IT department is run at an organization. I learned a lot more about networking and virtualization, although I couldn't keep myself out of Backtrack (now known as Kali Linux). Eventually we hired a cybersecurity firm to come in and do a yearly security assessment. When they came in, I applied for an open position over there. By this time, this was actually my second or third year applying to work there and I guess my persistence paid off. I started doing very basic IT stuff, but I was surrounded by cybersecurity analysts. Every chance I got, I got involved with what assessments they were doing and learned as much as possible. I also used my free time to take and pass my CCENT and CCNA within my first few months of starting.
When an opportunity opened up in the compliance associate role, I was the first person considered since I had already been pretty involved with the process. The path to growth was extremely clear for me.
Going from the compliance associate role to an analyst position only took a few months, and this is when I was in my first “infosec” position.
During my time being surrounded by other analysts, I learned as much as I could and also embraced the opportunity to take the eLearnSecurity Certified Professional Penetration Tester (eCPPT) certification, followed by my Offensive Security Certified Professional (OSCP).
After taking my OSCP, the rest was history. Opportunities opened up left and right and I became part of a badass team and just continued to work, code, and learn as much as I could for the next several years.