The three events that changed everything in my career

Introduction

Shortly before I graduated from high school in 1999, my principal at the time took me aside to tell me that all my diploma would be of use for is to wipe my butt with it. While it is true that my grades were not particularly strong, this parting remark was not particularly helpful. After school, I completed my civil service (an alternative to military service) as a driver for a drug therapy center. It was here that I realized I was more suited to working than studying. I therefore decided not to go to university, but to do a traditional apprenticeship instead. There was a new profession you could learn called “Fachinformatiker” (IT Specialist). I applied to two companies offering apprenticeships that couldn’t have been more different. One company had its own fancy glass and steel building, and they expected you to dress neatly and generally had their noses in the air. The other company had just 35 employees and had its offices in a building complex that also housed a hardware store. It was dark inside, the employees dressed casually, and they were playing Diablo II while I sat there waiting for my interview. Both companies accepted me, so I had to make a decision. Since I was exclusively and excessively playing Diablo II at the time and generally don’t have a stick up my butt, the choice wasn’t difficult for me.

The Beginning

My decision proved to be the right one. During the following three years of my training and the additional year as a permanent IT employee, I practically only went home to sleep. At work, I was taught the concept of rational databases and software development with Visual Basic with a lot of love and dedication. During my lunch break and after work, I played Diablo II with my colleagues, sometimes until shortly before midnight. It was a great time. Later, a large new customer requested the development of a web-based Java application, which led me to learn Java and object-oriented programming together with my colleagues. The whole thing was to be run on Linux servers, and I was the only one who knew Linux. I had been using Linux privately since the late 90s. So I gradually slipped into system administration and discovered my passion for it. This, combined with the slow demise of my employer, led me to leave the company after four years to take up a new job as a UNIX admin.

The new job as a system administrator was quite special. I was promised that I would be a UNIX admin (IBM AIX, to be precise), but my main responsibility would be to look after the ADABAS C databases. The catch was that most of these were still running on a mainframe with VM/ESA and were to be gradually migrated to AIX. So for the first two years, I was more of an ADABAS C database administrator on a mainframe with the additional task of migrating them to AIX as soon as the customers agreed. So I drifted along for a while, learning things from the dinosaur era, and that as a guy in his early twenties.

The first Event: Left Alone

Then it happened: three colleagues in key positions resigned almost simultaneously, leaving a huge gap. Suddenly, three people who had been responsible for the administration of SAP, SAN storage, UNIX, backup, DB2, and monitoring were gone. My employer’s solution for this was the following: They bought two consultants for 6 months and put them with me together in one room (virtually, it was sadly an open space office). We as a team at first tried to understand the infrastructure, involved systems, applications etc. After this orientation period, we were pretty much busy with not drowning, keeping things alive and only slowly improving things.

This was now the second time that I had personal trainers, so to speak, who helped me acquire knowledge. This time in record time and with an important mission. I have never acquired knowledge so quickly and so willingly in my life. Of course, this was due to the emergency situation, but also to the fact that what I learned was directly applicable. I also really enjoyed it and was (and still am) proud of my achievements.

After a long period of professional struggle, we got additional colleagues who took on individual tasks. From that point on, I specialized in becoming a solid DB2 database administrator and Tivoli Storage Manager backup administrator. Another five years passed, and I found myself both bored and realizing that my employer was developing in a direction that I didn’t like.

I heard from a friend that a local IT security consulting firm was looking for an in-house system administrator. A one-man show was exactly what I was longing for. So I applied there and had an initial phone interview.

The second Event: Suddenly Consultant

During the phone call with the managing director, I received both good and bad news: the in-house admin position was no longer available, but they were still looking for consultants and thought I might be a good fit. In a further personal interview, my strengths and weaknesses were identified and I was assured that my shortcomings would be compensated for with training.

I thought long and hard about whether to accept the job. On the one hand, it would allow me to enter the highly interesting field of IT security. On the other hand, I had never given a presentation in my life, never had to stand alone in front of customers, could always hide behind a boss, and besides, I didn’t like to travel (I still don’t). However, the job as an IT security consultant consisted largely of traveling, giving presentations, and being at the mercy of the customer on my own. In a moment of madness, I accepted and became an IT security consultant in 2011.

I did this job for exactly five years. Once again, I learned in turbo mode. I learned how to pentest web applications, how to perform conceptual audits, how to stay one step ahead of the customer in the manual, how to tie ties, how to give training courses, how to give presentations, how to acquire knowledge overnight in hotels in order to survive the next day, how to eat alone in the evenings, and so much more.

While all of this sounds positive (and indeed is), the first two years were my personal hell, consisting of anxiety, tearful nights, and stomachaches. From the third year on, it started to be a lot of fun. I was actually able to bring added value to my customers, help them secure their systems and applications, and enjoy the project completion presentations, where I could show off the most adventurous findings and celebrate my own work.

It was all great, but it was time to settle down again. The reason for this was starting a family, which didn’t leave much room for traveling. So I looked for a job as a security engineer, which I quickly found at a non-IT company in the region. Unfortunately, this job wasn’t right for me, so I quit after a year and looked for something else instead. I quickly had an interview with the head of a SOC (Security Operations Center) at a nearby IT company that had been around since the 1960s. Unfortunately, it had recently been bought by a foreign company, which would soon play a role. At first, everything sounded good, so I took the job and suddenly found myself in a SOC with nine other engineers and analysts.

The third Event: Left Alone again

I soon noticed that something was wrong. My new colleagues were acting strangely and kept to themselves. After just a month or two, it became clear why: apart from one colleague, the entire SOC, including the boss, had decided to move to a newly founded company. Probably out of pity or a guilty conscience, they offered me the chance to come with them.

I didn’t have much time to think, but I had to choose between three options:

• Join my colleagues, whom I hadn’t warmed up to and whose exact agenda was unclear to me, at a new company whose motives were also unclear to me.
• Stay behind with the remaining colleague (whom I liked) and run a SOC without any experience, which was already understaffed with nine colleagues and was already under considerable pressure.
• Quit and look for a new job.

Anyone who has read this far can probably already guess that I once again opted for baptism by fire. Once again, there was an opportunity to learn a lot, to shape things yourself, and to have the backing of management.

The following two years were turbulent but thoroughly positive. The two of us remaining colleagues had the full backing of the board and familiarized ourselves with what had been left behind. I worked my way into vulnerability management/monitoring, SIEM, and other services and kept them alive. Strictly speaking, there were two SIEM systems that were in the process of migrating from the old to the new. I spent most of my time working on the migration and operation of the new SIEM, which I enjoyed the most. Fortunately, I was once again assigned a consultant who knew the SIEM inside and out and helped me a lot to get up to speed.

In the end, it turned out as it had to: we were not only able to maintain the operation of the SOC, but also improve it. New colleagues joined us and, unfortunately, at some point a new manager. Officially, he had no idea about IT security and even less about SOC operations. That’s not a problem in principle, if the human component hadn’t made it one. Even more problematic, however, was that the mood throughout the company took a turn for the worse and the company itself went downhill at an ever-increasing pace (my assessment was correct; this company no longer exists).

The Present

So it was time to look for a new challenge again. I moved to another local company, where I worked for two years as a security engineer and another two years as a SOC analyst. After I had to witness far too much Game of Thrones style company politics for far too long, I followed my boss to my current employer.

After almost four years with them, I still can’t believe my luck. I nownow work fully remotely as a SOC engineer/analyst and am allowed to design the SOC according to my own ideas. The team I work in is great, I continue to learn a lot, and I feel like I can make a difference every day.

Conclusion

Why am I telling you all this? To show off? Maybe a little. But I also want to show that you can achieve a lot and fulfill your potential even if you didn’t go to university and even if you didn’t do well at school. It takes a bit of luck to be in the right place at the right time and a certain amount of resilience. The phases of my career that felt the worst at the time (and really were) were not only the most instructive and the ones that helped me advance, but also the ones that were actually the most fun. I’d rather have to tackle a mammoth task on my own than be bored to death. I don’t want to do that all the time, it would destroy me.

I hope this doesn’t come across as one of those awful LinkedIn posts. I work normal hours and have normal weekends. My family always comes first, and I would always choose family over career if I had to. I believe that you should never work more than 40 hours a week and that you can probably achieve the same results in less time. However, there are situations where it’s worth giving it your all. These are the situations where you actually make a difference and experience real satisfaction. Not to finance someone else’s third sports car, but to prove to yourself that you can do it, to give meaning to your actions, and to feel good about yourself:

The first event took me from being a mainframe administrator and turned me into a versatile sysadmin who has proven that he can be relied upon and is able to quickly acquire new knowledge at any time.

I see the second event as a substitute for a university degree, which propelled me into cybersecurity and accelerated my personal development in warp mode.

The third event enabled me to work in a Security Operations Center with a wealth of experience that would normally have taken much longer to acquire. Here, too, I was able to learn about new technologies that I would not otherwise have had access to.

I’m not sure what I want for the future, but for now, I want everything to stay as it is.