From Unemployed to Information Security Associate after Code Fellows

After battling addiction and homelessness, Bill was rebuilding his life when the pandemic blocked his career path. Armed with a hand-me-down computer, he explored intro tech courses and found a love for cybersecurity. Through Washington State’s Training Benefits program, Bill enrolled at Code Fellows to learn information technology, computer networking, coding and cybersecurity skills. Bill shares how he was able to land a paid internship with Tevora right at graduation that soon led to a full-time position as a remote Information Security Associate. 

What inspired you to pivot from events to cybersecurity in 2021?

Since 2013, I’ve been slowly rebuilding my life.  I grew up on the East Coast where in my teens and twenties I became consumed by heroin for the better part of 10 years. This eventually led me to homelessness. During my worst point, though, I began practicing Buddhism which gave me the ability to see myself and the world in a new light. Soon after, I got an opportunity to move to Seattle, and from there, I was able to begin pulling myself out of that situation. 

Soon after I moved to Seattle, I found a job as a custodian in a local theater for about three years. Hungry for more income, and seeing stagehands on the stages after the events I would clean up, I decided I wanted to be like them, so I joined a union through word of mouth and began working events like concerts, theater productions, and conventions. I worked really hard and was really proud of the life I was building for myself. I was a union member, making a modest living, and I was making my way up in seniority. Just before COVID-19 hit, I had made it up to the second highest in seniority in the union that I was in, and as a result I was about to turn a corner financially. But COVID pulled the rug out from the entire events industry — it felt like I’d made all this effort just to find out I would be unemployed indefinitely.

I needed to get myself out of survival mode, which was what I’d been psychologically pulling myself out of the previous eight years but now found myself thrust right back into because of the pandemic — I wanted to shift toward thriving! I wanted to learn how to be successful and believe in my potential to realize true financial stability and experience things like homeownership and have the ability to travel or take care of my family members without worrying about money. Deeper than that, I wanted to do more rewarding work that actually helped reinforce a good sense of self. In that sense, the pandemic became a wake up call for me, and as a result Iwas ready to tap into my potential and challenge myself to take things to the next level. 

Seattle is a major tech hub, so I started exploring the world of opportunities available here in tech and what resonated with me. I really enjoyed the idea of working from home because I got comfortable being home through the pandemic, so I wanted a remote job. I tried classes out on coding and data science, but nothing seemed to feel like a good fit. That’s when I began thinking about working in cybersecurity. 

Very soon after, I heard about Code Fellows’ Ops 101 course. I thought it sounded so cool! So I took the class and actually really enjoyed it! The content, the instructors and the energy they brought really resonated with me. I decided to sign up for the full curriculum pretty much as soon as that class was over. I was even able to get an unemployment extension to cover my living costs during the bootcamp training. During the bootcamp, I made a determination to use all of my negative past experiences, including poverty, drug addiction, feeling inadequate or unworthy, etc., and turn it all into fuel to take this bootcamp and career change really seriously. 

There are so many cybersecurity bootcamps now -- Why did you choose Code Fellows?

As I got more comfortable with the idea of switching careers, I learned about training programs that were connected to the Washington State’s unemployment office that helped people make career transitions. Code Fellows is one of those organizations. I was initially skeptical about bootcamps because I didn’t want to fall into a marketing ploy. I wanted to find a program I resonated with, that was worth the investment, and in something that really interested me. Code Fellows seemed like an exception to the bootcamp stereotype — they were trusted by the state of Washington, had good reviews online, and everyone I spoke to as I began to seek more information and figure out how to enroll seemed to really care.

How did you prepare for the bootcamp?

There are a ton of free resources out there these days. TryHackMe is a website that offers free cybersecurity training, and it's all very gamified, so there are elements like a scoreboard and a leader board that keep it competitive feeling and engaging. There’s also a ton of great resources on YouTube, like NetworkChuck! Making use of those free resources helped me feel confident in the beginning stages of the Code Fellows courses. The free content out there is a great primer for important cybersecurity topics. This offered me a tremendous leg up going into the bootcamp. 

In your experience, do you need to know basic cybersecurity skills in order to apply to Code Fellows?

With Code Fellows, you can show up and apply yourself and you can learn everything you need. If you’re a total beginner, it’s good to do the prep courses (like 101 and 102)  at Code Fellows before you really get into the heavy lifting of courses like 201, 301, and 401. Courses 101 and 102 have plenty of great introductory content, but your success is still highly dependent on how readily you apply yourself, so those fundamentals classes also give you an opportunity to set the tone for how you’ll show up during the rest of the course.

What was a typical day like in the online cybersecurity bootcamp at Code Fellows? 

Whenever I could, I would get up at least an hour early, eat a good breakfast, and try to work on the assigned reading materials before class. I noticed that I often got more out of the lecture portion if I had already gone through the reading material the night before or the morning of the lecture. During the lecture I would take notes, but I remembered the Pareto principle – 80% of results will come from only 20% of your efforts, so I didn’t try to tax myself too much by taking extraneous notes. By note-taking, I learned what was essential and what was fluff.

I found that trying to think of follow-up questions to subjects that my teacher would bring up helped me stay engaged, so I'd always be trying to practice critical analysis in what they were talking about so I could come up with some meaningful questions to drive the conversation further. After the lecture, there was a lab demo. I would usually take a break for lunch, and then jump back to the lab. 

Did the teaching style match your personal learning style?

Our instructor set expectations early for how we should be preparing for each day. He emphasized that how we show up in the course is setting the tone for how we will show up in our new career. He told us we needed to keep up with various security news feeds like Bleeping Computer, The Hacker News, or Slashdot to find out about what's happening that day in cybersecurity news. You don't want to be on a call with an executive and get asked about something you should have known. I was grateful to have an instructor that emphasized that, and he would quiz us! He would ask us who heard about the thing that happened with a corporation who made the news for a breach or outage, or a recent CISA alert, and we would be able to have conversations around it. I remember Log4J actually happened in the last week of the course. Those conversations were really meaningful because he was able to leverage all of his experience in the industry to give us deeper insight/root cause analysis into his speculations on what must have been at the core of the breach or the outage, etc. 

What did you actually learn in the bootcamp?

Code Fellows covered in-depth content that not every cybersecurity bootcamp does, such as computer networking and coding. Pretty much as soon as the course begins, they throw you not only into hardware, hardware analysis, and machine maintenance and troubleshooting, but they quickly throw you into coding, too. It’s important to understand how the infrastructure of IT operates, from both the physical and logical side of things. The way Code Fellows explained these concepts was logical, orderly, and well thought out, progressing naturally from one concept into the next.

My big takeaways were learning about cloud computing, and understanding how enterprise level IT infrastructure works and is implemented. They teach you how to draw logical diagrams, how to draw data flow diagrams, how to write and conduct risk assessments, including the different quantitative versus qualitative analysis techniques for measuring risk. They even go into project management best practices, like Agile processes! 

The 401 course is called Cybersecurity Engineering. If you want to engage in cybersecurity engineering practices, you need to have a working knowledge of networking principles and how to read, write and understand code, to be able to identify malicious code or to create your own tools on the fly. You need to be able to read through Python scripts, VBS code, or PowerShell command lists and identify when malicious commands are being issued or to understand how to perform a task or function during an investigation or administrative tasks. We also learned forensic analysis tools and techniques. We learned GRC (governance, risk, and compliance) workflows as well, which is what I do now on the job. For the GRC content, they had us write mock policies and do risk assessment reports on hypothetical organizations and scenarios. 

Code Fellows also dives into a good amount of AWS functionality and shows you how to create AWS architecture and secure it as well. That’s invaluable! AWS is only going to continue to exponentially grow in demand from here, in the next five years. 

Were you prepared for any cybersecurity or networking certifications?

Code Fellows prepared us for three CompTIA certifications: A+, Security+, and Network+.  Preparing for the CompTIA Network+ certification is no small task — it's a big certification. The network course (301) is very robust, but you have to absorb a lot of information to pass the test. I recommend getting the Sybex study guides and using Professor Messer’s content on YouTube to supplement the Code Fellows course content. Using all three resources, I was able to pass each exam on the first try, and even managed to obtain all three before my classes were finished, which set me up really well for the job search process. Certifications count for a lot if you don’t have a formal college education, and I feel strongly that they were a decisive influence on my ability to obtain a job as quickly as I did. I’m really glad that Code Fellows thought to include these certifications as part of the curriculum.

What is your advice for making the most of the Ops & Cybersecurity bootcamp?

The content at Code Fellows is an inch deep and a mile wide. It’s going to be much more difficult to move forward if you aren't mentally preparing yourself for it prior to starting the course, such as by familiarizing yourself with the various problem domains. You’ll have to learn how to apply yourself to the content, since it’ll all be new. There are a lot of different domains to take in concurrently, so if you haven't done any kind of preliminary (as they say in the industry) open source intelligence into what exactly some basic things are, it will be more difficult. Your ability to absorb what you’re learning will be seriously enhanced if you do some homework ahead of time, such as learning some basic Linux commands, like how to walk a file system and navigate the directory structures. 

What kind of community support was there at Code Fellows?

I typically like to work alone, But truthfully, I found that I absolutely got more out of my experience in the labs once I found some people to work with. We would jump on a Zoom call every day and go through it together, and it really helped me because I was able to collaborate with others. As time passed and the course became more challenging, I was really grateful that I built some friendships in the cohort that I could really rely on. While friendships are important, I also was consistently humbled and impressed by the teaching assistants who support the coursework. They were all very patient, knowledgeable and helpful. Many times they helped me break through problems I probably wouldn’t have solved on my own, and even helped me get caught up a few times when I fell behind in the coursework. The instructors and teaching assistants were also aware that many of us had lives outside of the class, and consistently demonstrated flexibility and consideration when any of us had life situations get in the way of staying on top of class.

Which tech roles did you feel qualified to apply for after graduating from Code Fellows?

I personally felt strongest applying for Networking and Security Roles, like Network Analyst and Junior Network Engineer because I was most interested in them. It is realistic for a Code Fellows graduate to achieve a Junior Security Analyst role in a Security Operations Center (SOC) or on an incident response team, it just depends on the organization. A Code Fellows grad could definitely land a role as a Tier One Analyst, Junior Consultant, or Junior Associate at a consulting firm, managed service provider or a smaller organization. 

How long did it take you to land your first job after graduating from the bootcamp?

I was fortunate in that I got my job offer the day I graduated! It was a 2.5 month internship at cybersecurity consulting agency, Tevora that turned into a full-time job as an Information Security Associate. I’m still working there today and it’s been an amazing opportunity to gain valuable knowledge and experience.

Did you get the internship at Tevora through Code Fellows?

My TA at Code Fellows had interviewed with Tevora in the past and was really supportive of me applying there. The TAs and the instructors at Code Fellows are really supportive in extending opportunities and pointing students in the direction of job opportunities they know about. I filled out the Tevora internship application, and they scheduled an interview with me on the Monday before I graduated. An hour after we graduated that very  Wednesday, I got the call with the offer! 

I was in a position where I had to make money, and Tevora offered me a paid internship. Tevora is an amazing organization that not only has a great reputation in the industry, but believes in fostering peoples’ potential. After 60 days, they extended benefits to me and not long after that the internship extended into a full-time salary job offer. 

Did Tevora require you to have some certifications in order to land the job?

Tevora didn’t require certifications, but I think that they want to see some examples of either academic or domain-specific competency. I don't have a four-year degree, but I have those certifications, combined with how I presented myself in my resume, professionalism, and writing style heavily influenced their decision. Code Fellows also includes professional development classes during the bootcamp, which I definitely credit with helping me polish my resume and preparing to interview.

Do you recommend other recent bootcamp grads consider internships?

An internship is a great way to get familiar with the industry itself. It's one thing to understand the processes from a technical perspective, but actually understanding the workflow of an organization is totally different. Another advantage of an internship is that you can leverage being in that position to seek out more mentorship and networking opportunities.

The biggest attraction to me about the internship was that they paired me with a mentor who took responsibility for my success. My mentor thought I probably could have gone straight to a full-time position, but I knew I wanted that extra assurance that I’d be able to meet expectations. My mentor was awesome. He was engaged right from the beginning, ensuring that I understood the standards, showing me industry and organization specific best practices, and setting me up to successfully reach the goals presented by my manager. 

What’s it like working at a cybersecurity consultancy like Tevora?

A consultancy can be a good first step for someone like me coming out of a bootcamp because it involves report writing for clients and measuring their security posture against known security frameworks. You have to adapt to assessing a particular client's environment, which means that you need to research  the different tools and techniques they're using. There are so many different tools out there that you have to inevitably do a ton of Googling to figure out what the tool is and how it works, which allows you to quickly develop insight into a variety of different IT solutions. You also have to get familiarized with security frameworks like NIST’s CyberSecurity Framework or the 800 series of special publications. A consulting job is a good first step to quickly familiarize yourself with the industry, but it is a non-technical role, so it has limitations there. 

How have your job responsibilities changed from interning as a Developing Consultant to working full-time as an Information Security Associate?

I am fortunate to have found a company that sees the potential in people. If you're inherently a well-meaning person that's passionate about this, showing that you're engaged and are “showing up to grow up,” on the road to taking it seriously and not just there to collect a paycheck, they want to give you a chance. 

Now that I’m an Information Security Associate, there is more trust placed in me and my judgment, with less oversight. This is a client-facing role, and now I’m driving those client conversations whereas before as an intern I was more of an observer in these client meetings. Now I get to set the tone. My managers trust me to lead interviews when we're conducting assessments and even lead follow up meetings with clients that my managers may not be able to join.

I'm learning life skills in this job and how to interact with a wide variety of people and take myself as seriously as I need to get my job done, and I’m very proud of that evolution.

Are you using everything you learned at Code Fellows on the job?

Now that I’m in the industry, I can look back and see that every major domain that I would hope to see covered was covered at Code Fellows. Other professionals I’ve met in the field have been consistently impressed with what I told them about the course content. I walked away from Code Fellows knowing how to roll my own tools, and felt armed with versatile skills, which has been invaluable to me on the job. 

Did you experience any bias when you were applying for cybersecurity roles as a bootcamp graduate?

I’ve encountered a lot of gatekeeping in the industry. Some companies get annoyed if you haven't worked at an IT help desk because they assume you can’t understand the infrastructure if you haven’t had boots on the ground. Most companies also want to see a four-year degree, which I don’t think is right. The caveat is that a lot of people with a four-year degree consider that this is an in-demand industry with a lucrative payout, but their heart’s not in it. I think more companies are starting to shift towards the approach of identifying talent, but there is still a high bar of entry. 

At this point in your career, was Code Fellows worth it for you? 

Some people are self-teachers and take pride in not needing help from something like a bootcamp, but I think it’s narrow and judgmental to tell people they’re wasting their money if it’s what’s right for them because there are so many different learning styles. Personally, I learn better from curated content. Since I was brand new to this content, I didn't know where to begin. Code Fellows had a curated curriculum that offered everything I didn’t know I needed. Now that I'm experienced and have a better understanding of what's important in the industry, I see the quality of the Code Fellows curriculum and how well structured it is. 

To be fair though, being a self-starter really helps with staying engaged after the bootcamp — there’s so much knowledge to soak up out there! I still actively participate on TryHackMe, Antisyphon’s CyberRange, and other capture the flag style communities where I can sharpen my skills and have fun doing it. For personal enrichment and development, I highly recommend setting up and maintaining a home lab environment. Fortunately, Code Fellows armed me with one!

Do you have advice for anyone who may not see themselves in the typical career change stories who’s wondering if they too can get into the tech field?

In my opinion, the biggest barrier to entry for most people is imposter syndrome. It's feeling like you're not worthy or smart enough, or that you're not that type of person. Tech is a great industry for people that are looking for upward mobility in life. If you're looking for a stable career with fantastic growth potential and an opportunity to try different areas within this broad domain of technology, cybersecurity is a great place to get started. This is a career that you don't need to be a computer wizard to make it in this industry. Having a good heart is actually more important than technical skills. Anyone can learn technical skills, but being good-hearted isn’t something that you can learn so easily.

It’s also about figuring out what's important to you beyond just working a job. So many people identify with their career as their identity and that can be debilitating when things like a pandemic uproot your whole industry. For me, working in tech is a way that I can make a living without being too attached to what I do. Of course I like being a security professional and I'm proud of the work that I do, but my identity still transcends my job. I am a human first, that happens to know how to secure networks or protect organizations from cybercriminals. Tech is a way that I can make money and also be able to have fun and grow as a human being doing it. 

Find out more and read Code Fellows reviews on Course Report. This article was produced by the Course Report team in partnership with Code Fellows.