Name: Mark A. Singer
Title: Principal Software Engineer
Employer: DoD Sub-Contractor
Location: Indianapolis, IN
Education: Business Management
Years in IT: 19
Years in cybersecurity: 12
Cybersecurity certifications: CISSP
How did you decide upon a career in cybersecurity?
Evolution. I stumbled into computers when I served in the U.S. Navy from 1985 to 1989 when PCs with 8086 processors were common. When I got out of the service, I was able to get a job working for Naval Avionics in Indianapolis and was placed in a role where I was doing local computer support on tempest computers (386, 486, & 486DX processors). When Naval Avionics was identified on the Base Closure list, I accepted a position in the Security Department as ISSM in 1997 with Hughes which became Raytheon in 1998. Also in 1998, I transferred from the Security Department to IT Department working in Desktop Support before becoming Desktop Team Lead then moving to the Network Support team. I stayed in IT until 2005 when I transferred back to the Security Department reassuming the ISSM duties until April of 2017 at which point I transitioned to new role within the engineering department as Principal Software Engineer.
Why did you get your CISSP®?
Because of the support we provide in the certification and accreditation of Information Systems (IS) in support of DoD programs, the government required 8570 certifications for users with privileged access to those systems. Essentially, I needed to obtain an 8570 certification to be able to retain my position as ISSM.
What is a typical day like for you?
Up until April of 2017 it was mostly Certification and Accreditation (C&A) as well as security compliance in support of DoD programs under cognizance of the NISPOM. Most days are spent working with Information Systems Security Officers (ISSOs) on configuration issues of current systems or working with program managers to stand-up new systems most recently under the new Risk Management Framework (RMF) process. Since April of 2017 my days consist mostly of software & hardware asset management.
Can you tell us about a personal career highlight?
Transferring from the Security Department to the IT department in 1998 - this move really honed my computer skills and is the basis for my development in cybersecurity. Without my work in the IT department, not only would I have not had the knowledge base for my current position - I would've had to find another profession to support my family.
How has the CISSP certification helped you in your career?
As eluded to earlier, having the CISSP certification helped me retain my position as ISSM which required the 8570 certification as well as widening my knowledge base across the domains. Certifications such as the CISSP are really starting to be recognized in the various computer professions, especially if you're working for a DoD sub-contractor as a government employee (civil service or military).
What is the most useful advice you have for other cybersecurity professionals?
First and foremost, make sure you love it. If not you won't be able to sustain the type of effort it currently takes to not only acquire the skill-set needed to be successful in cybersecurity, but to stay on top of the ever-changing knowledge base to keep systems working efficiently while at the same time addressing all the vulnerabilities to systems & the data they are designed to process & protect - i.e. Confidentiality, Integrity, & Availability.
Aspiring to be a CISSP? Download the Ultimate Guide to the CISSP.