From Parenthood to Pentester: Insights from a Woman in Cybersecurity
Earlier this year, I had the honor of interviewing Jennifer “Jen” Bate, a parent turned professional penetration tester who happens to be a woman in cybersecurity. But don't call her a professional pentester, because she'll deny it. At first, I thought she was just being modest. I soon learned, that:
Jen's pathway to pentesting began much later in her life. But to truly illustrate how she became the fascinating ethical hacker that she is, we start with her military career. Jen’s a military veteran that proudly served as a captain for the U.S. Air Force working as an electrical engineer. After meeting her husband, she made the difficult choice of putting her career on pause to support his; by focusing on their family and raising their three boys.As soon as her children became teenagers approaching college, Jen faced a common challenge that those, especially engineers and other technical professionals, who pause their careers for extended periods: the struggle of reengaging in the professional technical world.
As Jen recounted her journey, she described how Cybersecurity wasn't something she considered even five years ago. She initially chose IT for a relaunch because it was something that every company needed. Jen was eager to get back into the professional world and had a technical aptitude….but was deeply concerned about the chasm in her resume that motherhood created.
But that did not stop her.
One of the things that she found appealing in cybersecurity were the industry certifications, as it meant that one did not have to start school all over again. Jen took the necessary courses, gained the knowledge and skills she needed, and earned industry certifications to prove her credibility (six certifications to be exact). She found her knack for penetration testing when her professor introduced her to capture the flag (CTF) exercises.
A SANS instructor she met through the cybersecurity club at her community college encouraged her to apply for the SANS Women's Immersion Academy. There were over 800 applicants, for a cohort of 13, and Jen was one them. She was selected for a cohort of 13 out of over 800 applicants. Fast-forward into the future (not quite today), and she was a career-aspiring -transitioner, with noteworthy credentials under her name but hardly any recent professional experience under her belt.
But this did not stop her.
Jen kept doing CTFs and online classes and going to local industry networking events to find out who was hiring junior people. She found a way to stand above the crowd by highlighting her new GIAC certifications early in her “elevator pitch” when meeting industry insiders. She leveraged her professional network to get the interviews that gave her the opportunity to tell her story and sell herself. She now works as a professional penetration tester and an Affiliate Ambassador for the Women in Cybersecurity (WiCyS) San Diego Affiliate.
In our interview, she shared three career insights that deeply resonated with me:
#1 Find a way to stand out from the crowd. Resumes for entry-level cybersecurity roles are most likely going to look very similar to each other, "Graduate from ABC University with 1-2-3 Certifications.... "
Find what makes you unique and valuable and leverage that.
#2 Leverage your social network and get your name out there. Jen emphasized how "everybody knows somebody." Personal referrals are like a secret passageway to the next level of your career. Simply put, get to know your industry and the people in it. Build connections and be the person to know, not merely the person who knows who. She also added:
Without having to explain it to me directly, I knew what she meant. It is through our stories is where our careers, not jobs, will develop from. So ask yourself, “What’s your story?
#3 Experience is not all equal. But at least know the fundamentals, especially for technical interviews. Degrees, certifications, and real-world experience are only as good as your ability to get the work done (results) or the tenacity to demonstrate you can get the work done. Professional experience (or lack off) can be supplemented with industry-related activities such as advocacy and volunteerism, or by building a cybersecurity lab and share the process on social media. But above all else, know the fundamentals.
Jen highly recommends that job seekers master the technical interview process. She suggests to take every interview opportunity that arises, even for positions that one may not even care for; all for the sake of nailing the technical interview.
Jen Bate’s journey from parenthood to penetration tester is an inspiration to all, not to just women or those looking to break into cybersecurity, but for anyone looking to break into any industry. The insights that she shared are not industry-specific, they are universal. I conclude this article with one last insight gained from my interview with her:
Interested in connecting with Jen Bate? Follow her on LinkedIn.
Dru Macasieb is the Director of Marketing for WiCyS San Diego an Affiliate of Women in Cybersecurity (WiCyS), global a non-profit organization with the mission to recruit, retain, and advance women in cybersecurity.