This is the beginning. This blog will be my journey into becoming a red team cybersecurity professional.
I have been in IT for over 20 years. I have been help desk, sysadmin, manager, sr. manager….basically jack of all trades. This field has been good to me, but it’s starting to become a little stale. I have a great role currently, but I really enjoy the deep work more than the constant interruptions and business admin portion of my job. I’ve been searching non-stop for something that I can do mostly on my own, allows me to do more focused intellectual work, and allow me to continue growing to stay relevant into my later years.
I have tried several different avenues, from programming, game design, AI/ML work, etc. Nothing has really stuck. Red teaming is not something I really considered until a few years ago.
I was working as an IT Manager for a company that was needing to qualify for cybersecurity insurance. This company was in bad shape (I had just started in this role shorly before), so there were a lot of tasks I was needing to accomplish as quickly as possible. While researching, I came across CISA, and along with that, the opportunity for me to qualify this company as “critical infrastructure”. We qualified, which allowed CISA to do a free external and internal pentest of the company.
A few weeks later, CISA sent a few contractors on-site for a week to do internal testing. I spent most of my time in a conference room with them during the week. I was very intrigued by their process, and was informed of the possibility of not only getting into the field, but also that I would be able to make an easier transtion because of my previous experience with infrastructure. I will also add, the thought of being able to find things I could break, but not actually be responsible for fixing them, was extremely enticing.
I started studying for my PNPT from TCM-Security at the advice of one of the contractors. I also signed up for TryHackMe. I was fanatically motivated during that time, and was actually excited about my career future for the first time in a long time. Then, personal issues hit, which caused me to have to move, taking a new job, and focusing more on my family. While the changes were needed and utimately good, my “hacker dreams” went away because of this.
Life has become more stable, and my family responsibilities are becoming less (we’re almost empty nesters now). Long story short, I have caught the bug again, but am approaching it differently.
My current status is full-time employment as a Sr. Manager of IT Operations, and I’m currently on the back end of obtaining my PMP. I am going to finish that cert, then focus solely on red teaming, with an initial focus on bug bounty. This is not something I’m starting with to try and make a quick buck, but more to take smaller bites and have a specific focus.
This site will be the documentation of my journey, as well as my contribution to the community on my learning progress. My hope is that these posts will help anyone with their own personal journey as well as myself.
