Cybersecurity jobs & people: Shelly, Technical Education Consultant
Certifications and careers seemingly go hand-in-hand like peanut butter and jelly. This is especially true for the IT security industry. Be that as it may, when it comes to media coverage one of these things is not like the other. For instance, one search can provide an aspiring cyber security professional with an endless supply of informative resources – can the same be said for those who are researching potential cyber security jobs?
Cyber Security Jobs and People is a series of interviews packed with practical information to help you become more familiar with some of the security-focused roles in IT. Each article will introduce a unique cyber security job by interviewing an expert who is currently filling the same position. Discover what these professionals do for a living, whether or not they value any specific certifications, along with what advice they have for those who are interested in pursuing a career in IT.
Shelly, our first guest, will be the first guide to help us explore the professional landscape of IT security.
Driven to provide the best learning experience possible, Shelly Calhoun-Jones spends her days as a Principal Technical Education Consultant at Symantec, where she builds a full range of IT training materials to help businesses improve IT efficiency and enhance security awareness. Away from Symantec, Shelly is working towards improving her abilities as a technical education subject matter expert (SME) by pursuing a degree in Computer Networks and Cybersecurity from the University of Maryland College Park. As far as certifications are concerned, Shelly has previously earned a number of leading IT certs – Network+, Security+, CISSP, and CCSK to name a few.
How would you describe your job to an average, non-technical person?
I write training material including videos, labs and courses taught by instructors on how to use security software. I also create exam questions and study guides for individuals pursuing Symantec certifications.
What attracted you to a career as a technical education consultant, specifically within the IT security space?
For Symantec Education, we are mostly subject matter experts. We have a few instructional designers, but most are people who have significant field experience.
Before this role, I was a Technical Account Manager (TAM) working with a specific Symantec product family. I’m a subject matter expert in that family. It was a fast-paced role that encouraged me to be a professional student, and that led me to a training role. One of my favorite aspects of this role was being able to identify training opportunities and make sure my accounts were getting the most out of the product. Education Services has led me to continue to develop my skills in this area.
What do certifications represent to you and what role do they have in your line of work?
Certifications give me the ability to learn a topic and validate that I understand it. I see the exam outline as a learning path. I can also apply it on the job and make sure that I’m learning important concepts. The certification is the bonus!
There have been times when I’ve started studying for a certification when I’ve realized that I need to spend more time on the prerequisites. CEH (Certified Ethical Hacker) is a great example. I started running through the CEH labs and realized that I needed to expand my Linux knowledge a bit. So I picked up a Linux Academy subscription and plan to take a Linux class in the fall. I find it fascinating how these certifications cross-pollinate and support each other. CISSP is a gateway drug.
You have experience with preparing for IT security certifications and creating technical training material; in your opinion, is there any single factor that separates a great learning experience from the rest?
Make the material relevant to what they’re doing now. It sometimes means adjusting the content or the presentation to fit a specific group of students. One size does not fit all. Every student comes into it with a different set of skillsets and experience. Sometimes it’s a delicate balance.
The best way that I’ve found to learn is to apply the information that you’re absorbed on the job. In the instance of Linux, I have multiple lab environments setup. I’m running through exercises, break/fixes, and learning the nuances of several different distributions.
That’s what I love about Cybersecurity; there’s no standard learning path. I’m never in cruise control; I’m always trying to translate what I’m learning into training content.
One credential you currently have is the CCSK, and another you are considering is the CCSP certification, both of which focus on Cloud Security: Why are you interested in increasing your knowledge in Cloud Security?
It’s the future of many companies and security applications. IaaS (Infrastructure as a Service) and SaaS (Software as a Service) are the future trends for most organizations. They wish to have a dedicated segment of a cloud infrastructure that they are not required to train to maintain their IT environment. Most of my students wear multiple hats and most support a cloud based application.
Looking back on your career path, was pursuing certifications like the CCSK worth it?
Yes – It gave me a better understanding of cloud security and the reasons why companies are moving their security infrastructure from on-prem. I took the certification before Symantec started to incorporate more cloud-based features into the product portfolio.
For those who are considering a career in either IT Security, education services, or both, do you have any advice you would like to share?
I’d recommend working in the field first to have a better understanding of your audience. It’s the best way to learn and gives you a chance to identify the right career path. Too many times I have seen formal education in college or university be more than a few years behind in cybersecurity. The same amount of time in the field will leapfrog your actionable experience.
What does the future hold for Shelly Calhoun-Jones?
A volcanic island in the Pacific and world domination.